Oracle Has More Flaws Than SQL Server 229
jcatcw writes, "Next Generation Security Software Ltd. of Surrey, England, compared bugs in Oracle and SQL Server that were reported and fixed between December 2000 and November 2006. The tally: Oracle had 233; MS SQL had 59. The products compared were Oracle 8, 9, and 10g; SQL Server 7, 2000 and 2005. From the article: '[The head of the survey said,] "The results show that the reputation that Microsoft SQL Server had back in 2002 for relatively poor security is no longer deserved."' Oracle's response: 'Measuring security is a very complex process, and customers must take a number of factors into consideration — including use-case scenarios, default configurations, as well as vulnerability remediation and disclosure policies and practices.'"
translation (Score:5, Funny)
Oracle's response in english: Clearly you have no idea what you're doing, because your results showed us in a poor light. Perhaps you'd like to try again. We have a bag of money for you.
Stop counting flaws! (Score:5, Funny)
Check the data and the criteria before deciding (Score:4, Funny)
Not least the criteria for selecting and enumerating flaws, and any differences between those criteria for the two products. Not saying that there is a problem, just that any prospective customer needs to take this into consideration and check his facts.
This whole study reminds me of a couple of years ago, when someone decided to make a comparative list of security flaws between Windows and Linux. For the former, they only included official Microsoft security fixes. For the latter, they included just about every bug in every open source project known to man. Big surprise, Windows was found to have less flaws.
When it comes to security, trust no one. Especially not research firms, security "specialists" and people mouthing off about security on Slashdot.
Hey, waitaminute....
Re:Summary title is vague (Score:3, Funny)
59 bugs reported and fixed... (Score:4, Funny)
Re:Summary title is vague (Score:3, Funny)
Re:Stop counting flaws! (Score:3, Funny)
You are vastly oversimplifying, and clearly have not funded a study of the market. Cottage cheese passes an ACID test, and I hear that Swiss Cheese is full of holes.
This just in (Score:4, Funny)
Re:translation (Score:2, Funny)