David Litchfield's letter (entitled, "Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers") cuts like a scapel. In my opinion, this one's a must read. Check out the full text or just take a look at the SC paraphrase.
He leads with a quote from Mary Ann and then tells a chilling tale about his experiences working to try to get Oracle software vulnerabilities fixed. Don't stop reading in the middle - make sure to read the last paragraph or so where he gets to the part about how Mary Ann is a "mouthpiece" and has "categorically failed". Ouch.
Posted by Ed at October 7, 2005 08:58 AM