
Oracle Hacker Gets The Last Word - J3L2404
http://www.forbes.com/2010/02/02/hacker-litchfield-ellison-technology-security-oracle.html?boxes=Homepagemostemailed
======
invisible
It's amazing to me that anyone could find that exposing flaws privately to a
company could be construed as hurtful in any way. The mere benefit of having
someone tell you about a flaw that you were not aware of could save you
millions (if not billions) in lost revenue and PR damage.

If your software has enough attention to garner free QA checks from security
firms, I believe you should praise those checks rather than complain.

~~~
wmf
An opposing viewpoint:
[http://www.ranum.com/security/computer_security/editorials/d...](http://www.ranum.com/security/computer_security/editorials/disclosure-1/index.html)

