Call: +44 (0)7759 277220 Call
Blog

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Demystifying MS SQL Server & Oracle database server security"] [Next entry: "10g Release 2 is available for download for Windows"]

Some response to Mary Ann's article



I have just been looking at some of the comments to Mary Ann Davidsons news article written last week titled "When security researchers become the problem". Someone made me aware of a response to the article and said to go and read it. The comment I was directed at was in response to another comment, so let's talk about this comment first. This is titled "After fact article about Michael Lynn?" posted by Walt. I think Walt is not up on current Oracle security events as he assumed that Mary Ann's article is about Michael Lynn going public about cisco bugs. I am not certain she is actually talking about Michael Lynn at all but all that said Walts final comments that it is the vendorís responsibility to offer patches quickly is the key. The comment I was pointed at is written by Rogue Shoten and is titled "Half the story" which takes an interesting angle on the issue of information disclosure.