Call them back and tell them you want to put your content back, when can we expect patch to be distributed?
>8)
-viz
Call them back and tell them you want to put your content back, when can we expect patch to be distributed?
>8)
-viz
[quote user="Rotary Jihad"]Wow. This got quashed really fast in a few places.
You know when Microsoft does this its decried as near criminal.
Are the fast patches as well as the insider silencing normal in the Oracle community?[/quote]
It's called social responsibility.
If you post an unknown exploit in public, you endanger a lot of people's information, possibly your own. Security 101. The harm is far greater than the good of publishing it.
think about it...
However, there needs to be a timeframe when they'll fix it and it had better be fast. Once people know that there is an issue with something like the .Net provider, every h4x0r and his brother will be poking at it to find out what that is, the clock is ticking and it's only a matter of time before the wrong people figure it out. In fact, If I were the moderator of this board, I'd clean up the parts that specify where the vulnerability is, as well as the exploit.
Once it's patched and distributed it's perfectly ok to release the exploit for educational purposes.
-Viz
[quote user="Rotary Jihad"]Wow. This got quashed really fast in a few places.
You know when Microsoft does this its decried as near criminal.
Are the fast patches as well as the insider silencing normal in the Oracle community?[/quote]
It's called social responsibility.
If you post an unknown exploit in public, you endanger a lot of people's information, possibly your own. Security 101. The harm is far greater than the good of publishing it.
think about it...
However, there needs to be a timeframe when they'll fix it and it had better be fast. Once people know that there is an issue with something like the .Net provider, every h4x0r and his brother will be poking at it to find out what that is, the clock is ticking and it's only a matter of time before the wrong people figure it out. In fact, If I were the moderator of this board, I'd clean up the parts that specify where the vulnerability is, as well as the exploit.
Once it's patched and distributed it's perfectly ok to release the exploit for educational purposes.
-Viz
Call them back and tell them you want to put your content back, when can we expect patch to be distributed?
>8)
-viz
Rule #1: You cannot install and run Oracle yourself.
Rule #2: You probably don't need Oracle.
Rule #3: If you need Oracle, you'll know.
---------------
haha. I went through the oracle dba training. I've rarely used it, never needed it, or recommended it once. I have met Oracle "DBA"'s that didn't know how to install a JVM on a sun box, at Citi. How can you be an Oracle DBA and not know how to install a jvm? (considering you need to install a jvm to use the installer, which you need to use to even DBA in the first place)?
Certified experts? WTF? Take a class, pass a test, get to real world and unable to function. PAY ME!!! I AM AN EXPERT!!! HERE'S THE PAPER THAT PROVES IT!!! The scary thing is these guys had the titles "DBA" and "Senior Developer" and "Architect".
>.<
I walked into the issue and got Oracle running on the Sun box (having never been at a Sun command prompt before), in about 5 minutes, with them telling me all the stuff I was doing wrong the whole time o.O (+ the time it took for the software to install). ****ing retards. Then again I'm just an open source schlep, what do I know? (besides linux, unix, oracle, postgresql, mysql, mssql, php, perl, java, sh)? I won't get into how they kept bugging me to help them with PL/SQL. My title is "Developer".
I'd never pass a sun or oracle certification, but when the chips are down, I deliver, and I don't waste 2 weeks before I ask for help, then blame the server guy that built the box for my own lack of knowledge and the lateness of my project.
I can't wait till all this outsourcing goes horribly wrong and we get back to normal. I usually only have time to do my own job.
-viz