ALL POSTS

When Security Researchers Become the Problem

Oracle Chief Security Officer Mary Ann Davidson writes about the myths and misunderstandings surrounding security and how security researchers can actually become the problem. The three misguided notions Davidson focuses on are that fixes can be done in a matter of days, that researchers increase their business by finding more bugs, and that researchers deserve credit for every bug they find.

EMC Unveils New High-End Storage Array

The latest next-generation product in EMC’s high-end Symmetrix storage line is DMX-3. Scheduled to ship in September, DMX-3 currently supports up to 960 disk drives, and will be capable of supporting up to 1,920 disk drives by the first half of 2006. By the end of 2006 it should be up to 2000, and will be able to store a petabyte of data once fully configured.

Oracle Security Easily Bypassed, Warns Researcher

According to security expert Alexander Kornbrust, Oracle’s standard encryption mechanism can be easily circumvented. Korbrust intends to give a presentation later this week at the Black Hat 2005 security conference demonstrating how Oracle’s encryption can be broken.

RMAN Skip Tablespace Issue

The ‘skip tablespace’ command when doing an RMAN duplicate database will work for self-contained tablespaces, but not for a set of self-contained tablespaces. In other words, if each tablespace can be individually dropped, its fine, but where the indexes are placed separately from the tables, this won’t work for the duplicate. Oracle calls it “not a bug”.

Oracle Issues Patches, but Misses the Mark, Again

Although nearly 50 vulnerabilities were fixed with Oracle’s most recent quarterly patches, experts are saying that numerous critical issues haven’t been addressed at all.

Pete Finnegan, renowned Oracle security expert asks “Where are the large numbers of fixes expected? Alex Kornbrust and Esteban Martinez Fayo have big lists of bugs, some reported over 18 months ago, some high risk, that have still not been fixed. Will Oracle never get around to fixing these bugs?”

Oracle Update Fixes Security Flaws

Oracle has released a new critical patch with several vulnerabilities simultaneously announced and fixed. Various versions of Oracle products, including its database, application server and 11i E-Business Suite, are part of this latest update.

Page 245 of 257« First...102030...243244245246247...250...Last »