News Blog Subscribe to News Blog
July 28, 2005 12:33 PM PDT

Oracle: Unbreakable no more?

Posted by Mike Ricciuti

Big technology companies routinely make boastful claims about their products. Despite marketers' best efforts, most of those pledges are little noticed and quickly forgotten. But some security researchers have taken Oracle's "Unbreakable" marketing campaign to heart, even though the company has begun moving away from that label.

When Oracle launched the campaign four years ago, the company said its Oracle 9i database was "unbreakable," and that unauthorized users couldn't "break it" or "break in."

Larry Ellison, Oracle's CEO, repeatedly compared his company's security record against that of arch-rival Microsoft. "Bill Gates said he would devote the month of February to security," said Ellison, referring to an initiative at Microsoft to improve the security of its software. "February's a short month. We've devoted 25 years to security."

Not surprisingly, Oracle executives were forced to defend the unbreakable claim right from the start. "Calling your code "Unbreakable" is like having a big bull's-eye on your products and your firewall. Obviously, nobody wants to be a target," Mary Ann Davidson, Oracle's chief security officer, told BusinessWeek back in 2002.

Well, security researchers love a challenge. At the Black Hat Briefings, a security conference taking place this week in Las Vegas, two researchers will detail security flaws uncovered in Oracle's software.

Alexander Kornbrust of Red Database Security will give a presentation on ways to circumvent Oracle's database encryption, and Esteban Martinez Fayo, a researcher at security company Argeniss, is slated to show new ways to attack Oracle databases. Kornbrust, a German security researcher, earlier this month published details on a number of unpatched security flaws in Oracle software.

Finding holes in Oracle's "Unbreakable" claim isn't new. Back in 2002, a security researcher used an earlier Black Hat conference as the venue to detail a bevy of security problems in the company's database software. U.K. security researcher David Litchfield at the time detailed a serious software slip-up that could let hackers take control of corporate servers running the database program.

Meanwhile, Oracle has recently begun moving away from the campaign. It isn't actively using the unbreakable label in product marketing and advertising, a company representative said.

Topics:

Security,

Oracle

Bookmark:
Digg
Del.icio.us
Reddit
Recent posts from News Blog
XACML: A still-emerging standard worth watching
Alltel joins LTE bandwagon
Wafer-thin: Samsung's OLED laptop prototype
Georgia law aims to lure video game makers
iPhone expands its empire, once again
Powered by Jive Software
advertisement

  • About News Blog

  • Recent posts on technology, trends, and more.

Add this feed to your online news reader
Google
Yahoo
MSN

News Blog topics

Most popular stories

  1. CBS to buy CNET Networks

  2. Images: Microsoft telescope puts universe on your desktop

  3. End of Intel, AMD duopoly near? Via readies Isaiah chip

  4. If Gates is right, how much longer for keyboards & mice?

  5. Photos: Microsoft previews 2008 Xbox games

Latest tech news headlines

All News.com headlines »

Featured blogs

Beyond Binary by Ina Fried

Coop's Corner by Charles Cooper

Defense in Depth by Robert Vamosi

Geek Gestalt by Daniel Terdiman

Green Tech

One More Thing by Tom Krazit

Outside the Lines by Dan Farber

The Iconoclast by Declan McCullagh

The Social by Caroline McCarthy

Underexposed by Stephen Shankland

advertisement
Welcome (log out) |View profile
Log in | Sign up Why join?
On GameFAQs: Grand Theft Auto IV (PS3) cheats & more!
Advanced
search
advertisementGet more done with Windows Mobile
Advanced
search
Visit other CNET Networks sites: