Oracle's Chief Security Officer Speaks Out

Posted by Zonk on Sunday August 7, 2005 @06:57AM from the talking-the-talk dept.

s0u1d13r writes "ZDNet Australia posted a special article from Oracle's CSO regarding the treatment and publishing of exploits and vulnerabilities by security researchers. From the article: 'There's a myth about security researchers that goes like this: Vendors are made up of indifferent slugs who wouldn't fix security vulnerabilities quickly -- if at all -- if it weren't for noble security researchers using the threat of public disclosure to force them to act.' An interesting read from the perspective of one of the largest software vendors accused of ignoring vulnerabilities by software researchers."

1 of 112 comments (clear)

Min score:

Reason:

Sort:

Cry me a river sweetcheeks by Anonymous Coward · 2005-08-07 07:26 · Score: 3, Funny

What a little cry baby.. so worried about someone getting too much credit. It's crystal clear she CAN'T STAND being pushed around by people that didn't follow all the rules like she did. Well too bad toots, it comes with relasing holes in your products, not from evil researchers.. got it? Good!

And IMO, whilest it may be true that NOT ALL vendors are made up of indifferent slugs who wouldn't fix security vulnerabilities quickly if it weren't for security researchers, it's true for most!