Oracle 'bug a day' initiative gets canned
He's not saying what prompted his turnaround, but the bug fighter who pledged to release his knowledge of a zero-day bug in Oracle has withdrawn from taking action. Cesar Cerrudo, who runs a security firm, had announced he was going to release insight on a new Oracle bug daily for a week--taking a page from colleagues bent on discovering product flaws (there's a Month of Browser Bugs and a Month of Kernel Bugs as well, both being published by independent vulnerability researchers.) His goal, said Cerrudo, was to prove Oracle's database isn't nearly as secure as the vendor claims.
for more on the bug blog withdrawal:
- read the news at Computerworld
Comments