Not wanting to get embroiled in a debate about this (but failing ;)
Having worked closely with the security teams of most large commercial vendors (IBM, Oracle, Microsoft, Apple, HP, Adobe, Real) I can quite honestly say that, of all of them, Oracle is the only company to still treat security in this way. Most other organizations "got it" years ago and while there could be improvements made in various areas the most improvement could be made at Oracle.
Not many of them "got it". Some are simply worse.
Firstly, it's due to the facts that I posted as I did. It is fact that the patch for Alert 68 fails to properly fix a large number of holes it was touted to fix. It is fact that a large number of companies that spent a great deal of money installing the patch have wasted their time. It is fact that Oracle database servers are still vulnerable to security holes that were reported to Oracle years ago.
Amazing statistics. Where are statistics on others?
Because enough is enough.
For security people maybe.. using Oracle for most business is a Business concern.
Because they seem to be the only ones that don't get it.
This is the place where you lost me, I am sorry. The only ones?
It's not that I disagree with their behavior being questionable, I honestly believe a survey of how all vendors do where the s**t floats to the top without singling out the Bad but rather the Good, would work better.
I'll definitely put together the stats.
This kind of attack may be "called for" but definitely will make Oracle less than willing to ever work with *you* or trust the community,
plus it will immediately become a PR issue where they may chose to go on lawyer-PR strategies rather than "how do we make sure this never happens again by getting off that list".
It simply looks like a rant, which is a shame.
Regardless, like I said, you better have a good plan on protecting yourself from liability. Right now, right or wrong, it appears like a personal attack from you. So, even if the entire community is behind you, most of the community won't help foot the legal bill.
Cheers, David