Archive for January 18th, 2006
Security as Marketing
There is an interesting security advisory over at the security company imperva. The paper details a network exploit fixed by Oracle in the latest CPU. The exploit itself is interesting, but reading the advisory complete with ‘advice’ that regurgitates some of the recent discussion about the timeliness of Oracle’s patching and suggests purchasing a type of product that the vendor supplies does rather bring back memories of various FUD campaigns that software vendors have conducted over the years.
I’d be interested in what readers think as, for me, this advisory steers just about as close as possible to the security as marketing boundaries as it is possible to get.
In the current climate I’m afraid I think that the demands on Oracle to make some sort of public commitment to change in their security procedures will only grow.