Re: oracle on the traces of microsoft ?

[Cesar <sqlsec () yahoo com>]

Oracle can't be on the traces of MS, Oracle security
people are a bunch of amateurs and clueless, they have
a really long, long way to reach MS on security
efforts (btw: im not a MS fan but i know both
companies and how they handle security). Also Oracle
patches are a pain in the ass to install and if you
are successful on installing them then you have to
pray so the engine continue working without problems.
Man, Oracle is so buggy, it's incredible how easy is
to own any Oracle app. We have reported hundred of
bugs since more than year and most of them are
unpatched!!!!!!. The bugs i'm talking about should
have been fixed years ago but they are inherited from
version 8 to 9 and from 9 to 10.... most of these bugs
can be found by a simple half hour auditing.


Cesar.
--- johnny cyberpunk <jcyberpunk () thc org> wrote:

> it's seems that oracle is on the traces of microsoft
> !
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1027052,00.html
> and best is, that oracle said, that they asked
> customers, what would be 
> their favorite update cycle.
> most of the admins approved the every 3 months
> strategy. sure, if i ask an 
> admin here in our
> company, he'll also give them the same answer. if
> oracle had asked the 
> security team, the answer
> would be: release a patch asap, especially if the
> bug is publically known.
>
> cheers,
> johnny
>
> _______________________________________________
> Dailydave mailing list
> Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave
>



                
__________________________________ 
Do you Yahoo!? 
The all-new My Yahoo! - Get yours free! 
http://my.yahoo.com 
 

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave