Oracle takes down CSO’s chastising blog post on home-security testing

oracle cso blog security testing oraclestory
If the last few years have taught us anything about the nature of digital security, it’s that nothing is airtight. Whether you look to Edward Snowden absconding with the NSA’s secretive files, Sony having its servers’ contents dumped all over the floor or indeed, Hacking Team itself being hacked, it’s clear everyone and everything is vulnerable.

Perhaps that’s why a lot of Oracle software users have been trying to find flaws in its software, something that the chief security officer at the company, Mary Davidson, isn’t happy with. So much so, in fact, that she penned a sarcastic, chastising blog post over the weekend that pointed out not only were people breaking their license agreement by reverse engineering Oracle programs, but that they were wasting their time too.

“I’ve been writing a lot of letters to customers that start with ‘hi, howzit, aloha,’ but end with ‘please comply with your license agreement and stop reverse engineering our code, already,'” she said in the now deleted post (via Ars Technica).

She went on to poke fun at those using automated tools to scan Oracle software for flaws, suggesting that not only that those tools’ reports do not — as she is concerned — quantify an actual potential exploit, but that they are roping someone else into breaking their license agreement too.

“Oh, and we require customers/consultants to destroy the results of such reverse engineering and confirm they have done so,” she said.

Her reasoning for this attack on customers, who she seems to believe are either misguided or want to catch Oracle out, is that she doesn’t want to send out more sternly worded letters telling people to stop. She also reiterated that third-party tools and analyzers don’t do a good job of looking at Oracle code anyway.

“I do not need you to analyze the code since we already do that.”

Do you think those sending in reports of Oracle bugs are doing it because they want the praise for finding a flaw, as Davison seems to think, or does this suggest a growing climate of more security concious software users?


Hitting ‘Check for updates’ in Windows 10 opts you into beta releases

Users who are careful about keeping their system updated should watch out -- Microsoft revealed this week that clicking the Check for updates button in Windows can opt you in to testing beta code.
Home Theater

Kill your cable and switch to streaming with our painless guide

If you're going to quit cable or satellite for a streaming TV solution, you're going to want to get it right the first time. We've outlined exactly how to get started, step by step. Follow our lead, and you'll never look back.

The most common Nintendo 3DS problems, and how to fix them

The Nintendo 3DS has seen its fair share of issues since it launched in 2011, including poor battery life and fragile Circle Pads. Here are some of the most common, as well as the steps you can take to solve them.
Movies & TV

'Stranger Things' season 3 teaser reveals the new episodes' titles

With a sophomore season as strong as its first, Stranger Things is now moving on to season 3. Here's everything we've learned so far about the Netflix series' upcoming third season.

You’ll soon be able to scribble all over PDFs on your Chromebook

Chrome OS users may soon be able to doodle all over their PDF documents with the possible addition of a new feature in Chrome OS' PDF viewer. The annotation feature is expected to allow users to hand draw or write over their documents.
Virtual Reality

Oculus Rift vs. HTC Vive: Prices drop, but our favorite stays the same

The Oculus Rift and HTC Vive are the two big names in the virtual reality arena, but most people can only afford one. Our comparison tells you which is best when you pit the Oculus Rift vs. HTC Vive.

Canada’s winters inspired a startup to warm homes with cryptomining heat waste

Cryptomining may be the key to untold riches and the future of currency, but it’s also an environmental nightmare. Heatmine, thinks it has the answer, but it could mean bolting a mining rig onto every home and business in the country.

Microsoft’s Windows 95 throwback was just an ugly sweater giveaway

Microsoft's "softwear" announcement wasn't what we had hoped for. Thursday's announcement was not the new line of wearable tech or SkiFree monster sweater we wished for. But it did deliver the 90s nostalgia we wanted.
Home Theater

Confused about LED vs. LCD TVs? Here's everything you need to know

Our LED vs. LCD TV buying guide explains why these two common types of displays are fundamentally connected, how they differ, what to look for in buying an LED TV, and what's on the horizon for TVs.

The best MacBook deals for December 2018

If you’re in the market for a new Apple laptop, let us make your work a little easier: We hunted down the best up-to-date MacBook deals available online right now from various retailers.

How to connect AirPods to your MacBook

If you have new AirPods, you may be looking forward to pairing them with your MacBook. Our guide will show you exactly how to connect AirPods to MacBook, what to do if they are already paired with a device, and more.
Product Review

The Asus ZenBook 14 is a tiny notebook that gets lost in the crowd

The ZenBook 14 aims to be the smallest 14-inch notebook around, and it succeeds thanks to some tiny bezels. Performance and battery life are good, but the notebook lacks a standout feature other than size.

Secure your Excel documents with a password by following these quick steps

Excel documents are used by people and businesses all over the world. Given how often they contain sensitive information, it makes sense to keep them from the wrong eyes. Thankfully, it's easy to secure them with a password.

Which Macs are compatible with MacOS Mojave?

Is your computer ready for Apple's big Mojave update? Here's what you need to know about MacOS Mojave compatibility, what Macs can successful download Mojave, and the requirements you need to know about.