Apparently, Oracle isn't as "unbreakable" as we've been brainwashed led to believe.

Oracle confirmed that a variety of its server products could be tampered with through vulnerabilities via the OpenSSL protocol. The flaws could potentially open the door for a remote hacker to cause a denial-of-service (DoS) attack, execute arbitrary code, and gain access privileges.

Read all about it in Oracle Issues High-Severity Vulnerability Warning.

I always wonder if vendors will just give up someday, realizing that no product is secure, unbreakable, hack-proof, or whatever. It's software. It's imperfect. Deal with it and stop trying to convince anyone otherwise.

Amusingly, I just tried to search their site for "unbreakable" but got a 500 server error back: screenshot.

I'd say it's not a good day in Oracle land.

Posted by jzawodn at December 08, 2003 11:56 AM

Reader Comments
# Courtney said:

I *hate* Oracle.

WVU uses it because Larry Ellison graduated from school there.

There was an 18 month period when no department had any idea about their accounting flow unless they had kept shadow books.

The whole system sucks.

on December 8, 2003 03:51 PM
# Michael Kruckenberg said:

In the Boston airport there is a big display that reads "Oracle Makes Linux Unbreakable." I find that terribly annoying. Are they suggesting that Linux is breakable and Oracle somehow secured the loose ends?

I have worked in Oracle shops and have seen how "good" it is, am not sure Oracle is doing Linux any favor.

on December 8, 2003 06:23 PM
# Ryan Dooley said:

It will always be about what is unbreakable... the hype :-)

The one thing I find very interesting is the marketing jargon. It might be one thing to say that something is "unbreakable" when it doesn't rely upon external, opensource, software. When a security issue comes up with that third-party software, the core product will always fall short of the marketing . Why don't the folks who sell (software) get this?

on December 9, 2003 07:39 AM
Disclaimer: The opinions expressed here are mine and mine alone. My current, past, or previous employers are not responsible for what I write here, the comments left by others, or the photos I may share. If you have questions, please contact me. Also, I am not a journalist or reporter. Don't "pitch" me.

 

Privacy: I do not share or publish the email addresses or IP addresses of anyone posting a comment here without consent. However, I do reserve the right to remove comments that are spammy, off-topic, or otherwise unsuitable based on my comment policy. In a few cases, I may leave spammy comments but remove any URLs they contain.