From Oracle's Chief Security Officer: one of the finest marketing posts for free software I've seen in 2015

Simo s at
Mon Aug 17 00:32:42 UTC 2015

On Tue, 2015-08-11 at 21:41 +0200, Alessandro Rubini wrote:
> > Hmm, you're the only person so far I know of who hasn't reacted in 
> > shock.
> Then you are lucky, because your aquaintance is smart and competence.
> > * The attitude of security by obscurity, as if telling your 
> > customers
> > "don't look!" stops the black hats for a second.
> This I noted. Do you think normal people will?

The target customer of Oracle is not "normal" people, it is sysadmins
and in general IT folks. Sure there are various levels of competence
there too, but I would think that most competent admins will balk at
such a post.
I do not think many will find it really surprising, but may be
eyeopening for some.

>  As I said, security
> experts can lough at their incompetence. But this is perfectly normal
> for normal users.  I agree this is not a good advertisement for them
> (unlike the "we'll send people to learn" I referred to), but it's not
> hitting back either.  Who knows better is already not an Oracle fan.

Not being a fan is not enough, you also need some silver bullets to
kill the beast in some companies where sysadmins/security officers
can't call the shots.


Simo Sorce

More information about the Discussion mailing list