Five Companies That Dropped The Ball This Week
Oracle's Database Security Gaffe Exposes Customers To Attack
Oracle recently informed security researcher Joxean Koret that it had fixed a vulnerability he first reported to the company in 2008 in its April critical patch update. Oracle credited Koret with his role in finding the flaw, and he subsequently published details on how it works. Only problem was, Oracle hadn't actually issued a patch for the flaw, and merely fixed it in future versions of the software.
The end result: There is now a zero day database vulnerability floating around out there, and Oracle says it won't fix it until its next Oracle Database release. For a company with as dismal a security track record as Oracle, this is another in a long line of pretty significant failures.
RIM Fesses Up To Staging Fake Protest In Australia
Research In Motion offered a sneak peek at its upcoming BlackBerry 10 operating system and, judging from the fact that its shares hit an eight-year low afterward, the unveiling did not go swimmingly.
Bad as that was, RIM also suffered the embarrassment of being caught staging a guerilla marketing campaign outside an Apple store in Sydney, Australia. According to reports, a bus emblazoned with the slogan "Wake Up" rolled up outside a store and protestors jumped out, ran up to the entrance, and began chanting, you guessed it, "Wake up."
Later, it emerged that RIM had tipped off local bloggers in advance with details on the time and location of the protest. Congratulations, RIM -- you have just surpassed Microsoft in the annals of loony marketing stunts.
AT&T Whines About Being Denied In T-Mobile Deal
In the latest example of AT&T's obvious disregard for customers' sensibilities, the carrier's CEO, Randall Stephenson, lashed out this week against the mean old Federal Communications Commission. His beef, of course, stems from the FCC's veto of AT&T's proposed acquisition of T-Mobile last year.
Stephenson laid blame for AT&T's 30 percent price hike for mobile data, which took effect earlier this year, directly at the FCC's doorstep. "Since [the merger] got killed, our data prices have gone up 30 percent," Stephenson told federal regulators, as reported by The Hill.
AT&T customers could not be reached for comment. However, one suspects that Stephenson's explanation does little to appease their irritation at having to pay more for mobile data.
Yahoo CEO Comes Under Scrutiny Over College Degree Claim
Well, well, well. After a period of relative calm, Yahoo is once again facing the hot glare of industry scrutiny -- if not scorn -- over CEO Scott Thompson and his computer science degree that wasn't.
This week, after a shareholder inquiry, Yahoo acknowledged that Thompson did not have a computer science degree from Stone Hill College, a Boston-area institution. This contradicted information in Thompson's bio that had been posted on Yahoo's Web site -- and more importantly, in the company' SEC filings.
Yahoo chalked up the situation to an "inadvertent error," but that doesn't explain why the same information is listed on eBay's Web site, where Thompson was CTO prior to joining Yahoo. Get the popcorn ready, this one is going to be interesting.
Security Researchers: Skype Knew About IP Address Flaw
Security researchers are claiming that an exploit in Skype that can reveal the IP address of its users could have been avoided -- if the company had paid attention to their reported findings.
According to CIO Journal, researchers from French security firm Inria, and the Polytechnic Institute of New York University, claim to have reported the flaw to Skype in November 2010. They claim the issue lies deep in the Skype code, and that fixing it could require heavy lifting on Microsoft and Skype's part.
A Skype spokesperson told Cnet the company is looking into the matter but suggested that it's not a problem that is unique to Skype. This is an ongoing, industrywide issue faced by all peer-to-peer software companies, the spokesperson told Cnet.