Wednesday, January 18, 2006
Security as Marketing
There is an interesting security advisory over at the security company imperva. The paper details a network exploit fixed by Oracle in the latest CPU. The exploit itself is interesting, but reading the advisory complete with 'advice' that regurgitates some of the recent discussion about the timeliness of Oracle's patching and suggests purchasing a type of product that the vendor supplies does rather bring back memories of various FUD campaigns that software vendors have conducted over the years.
I'd be interested in what readers think as, for me, this advisory steers just about as close as possible to the security as marketing boundaries as it is possible to get.
In the current climate I'm afraid I think that the demands on Oracle to make some sort of public commitment to change in their security procedures will only grow.
2 Comments
I'd be interested in what readers think as, for me, this advisory steers just about as close as possible to the security as marketing boundaries as it is possible to get.
In the current climate I'm afraid I think that the demands on Oracle to make some sort of public commitment to change in their security procedures will only grow.
2 Comments:
I also had my doubts when reading the article. They could just as well have attached the code to exploit the bug.
What's the purpose in helping all those script-kiddies out there in writing their very first Oracle Worm?
What's the purpose in helping all those script-kiddies out there in writing their very first Oracle Worm?
# posted by 
: 7:18 PM, January 18, 2006
: 7:18 PM, January 18, 2006
Not sure who they are marketing for.
Go back to the page, and look at the title on the Browser (from the TITLE HTML tag).
"Security Advisory: Microsoft SQL Server Audit Bug"
Post a Comment
Go back to the page, and look at the title on the Browser (from the TITLE HTML tag).
"Security Advisory: Microsoft SQL Server Audit Bug"
