Oracle and Bug Hunters Clash Over Flaw Reports

Monday Dec 11th 2006 by DatabaseJournal.com Staff
Share:

Vendor blasts ‘irresponsible’ practices; researchers say their work helps users.

[From Computerworld]

December 11, 2006 (Computerworld) -- The long-standing tension between software vendors and independent researchers who try to find security holes in products came into public view late last month, when Oracle Corp. criticized bug hunters after it came under fire for its security practices.

In a message posted Nov. 27 in a blog on Oracle’s Web site, Eric Maurice, manager of security in the company’s global technology business unit, said Oracle wouldn’t let external perceptions drive its software security policies. Maurice reiterated Oracle’s commitment to strong security practices but said it would continue to prioritize vulnerabilities based on their criticality and not on who had discovered them.

The article continues at http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=276275&taxonomyId=17&intsrc=kc_top

Share:
Home
Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved