  • A quick, factual reminder on the value and reality of a “EULA”… (aka MADness)

    [This was originally published on the OSVDB blog.] This post is in response to the drama of the last few days, where Mary Ann Davidson posted an inflammatory blog about security researchers that send Oracle vulnerabilities while violating their End-user License Agreement (EULA… that thing you click without reading for every piece of software you install). […]

  • A Decade of Oracle Security

    [This was originally published on attrition.org] Oracle Corporation, one of the largest software companies in the world, has been providing database software for 30 years. What began as a U.S. intelligence agency funded relational database designed on a PDP-11 and never officially released, later turned into perhaps the largest and most prevalent commercial database used […]

  • Scary Oracle Numbers

    [This was originally published on the OSVDB blog.] http://www.eweek.com/print_article2/0,1217,a=160368,00.asp On Security, Is Oracle the Next Microsoft? September 16, 2005 By Paul F. Roberts While [Oracle CSO Mary Ann Davidson] acknowledges that some of the criticism from Litchfield and others is valid, outsiders aren’t privy to the 75 percent of product holes that Oracle discovers and fixes internally. […]

  • .. and the debate keeps raging

    [This was originally published on the OSVDB blog.] ZDNet Asia had an article recently, titled “Bug hunters, software firms in uneasy alliance”, which brought up the age-old full disclosure (or ‘responsible’ disclosure) debate. This prompted a Slashdot thread with various comments. My favorite pop tart, Mary Ann Davidson (chief security officer at Oracle) managed […]