The whole point of a regular patch cycle is that people can plan ahead and install once. But if you are having to install it nine times, where's the benefit of that.
More Quotes from David Litchfield:
Someone can come in off the Internet over the Web without a user ID or password and interact with the back-end database server, so it goes through all the firewalls. This is critical.David Litchfield
Oracle still has not released an official patch, so it is still leaving its customers at risk. It is a trivial thing to fix. If the company is still working on it, I do not understand why.
David Litchfield
SQL injection is probably today's biggest security issue. This problem has been known about for years, but seven out of ten Web applications are still vulnerable. I find it extremely frustrating.
David Litchfield
We disclosed this to Oracle on Oct. 25 last year. Around the same time, they were alerted to another high-risk flaw that is not as serious as this one. They fixed that one in the January CPU but neglected to fix this. It's not a case of not having enough time, because the fix is trivial and the risks are severe.
David Litchfield
Readers Who Like This Quotation Also Like:
Based on Topics: People QuotesThe actual atoms and molecules that make up my brain and body today are not the same ones that I was born with on September 8, 1954, a half-century ago this month.
Michael Shermer
An idea is salvation by imagination.
Frank Lloyd Wright
Acting is easier than skating in a way and harder in other aspects. In skating, you get one chance, and with acting you get to do it over and over.
Tara Lipinski