Oracle Secure Search: The World’s Greatest Paradox?

A colleague of mine once used a term that seemed very fitting to a particular security process. He termed it what it was, in my opinion: a disgrace. That’s hard to say seriously without immediately thinking of the company that has, in the security space, re-defined what it means to be a disgrace: Oracle.

Read More

Windows Media Exploit: Lesson Learned Yet?

We’ve been hearing a lot about software distributors downplaying vulnerabilities in their code. It seems like a familiar tune. Gadi’s post hits on it. I talked about it two weeks ago after Mozilla managed to (yet again) severely downplay some trivially-exploitable vulnerabilities fixed by recent patches. Judging from this week’s Windows Media Player fiasco, the lesson hasn’t been learned.

Read More