hi,

we often hear that a certain software product has security holes as claimed by research firms/ hackers and security solutions vendors. i just came across one article as follows,
about sql server and oracle rdbms.

http://www.theinquirer.net/default.aspx?article=36000

as far as i understand, in order to know in what sense a software is having a security issue/hole/vulnerability, one needs to have access to the source code of the product in question. but many a time it looks like that source code is not made available to these companies/hackers etc and still they report the problems. how does this work? thanks.

It is not required, you can learn a lot from windows internals books,oracle handbook, you already have some opensource like postgresql/linux to play with and list down what all are the main bugs, try to attack a simmilar database/os using the knowledge you have gained

It is not required, you can learn a lot from windows internals books,oracle handbook, you already have some opensource like postgresql/linux to play with and list down what all are the main bugs, try to attack a simmilar database/os using the knowledge you have gained

Brilliant, cheers mate. Appreciated.

Part of the problem Microsoft has, is that programmers are not fools. Back in the 80's M$ stole software sure that they had enough lawyers to keep a programmer in court forever. SO- programmers began inserting "back doors" into their code, strings of assy bytes, that if called could call external subroutines you know as viruses.

So, Microsoft has stolen the code along with the back doors, and at this point, has no idea how much it has stolen.

Part of the problem Microsoft has, is that programmers are not fools. Back in the 80's M$ stole software sure that they had enough lawyers to keep a programmer in court forever. SO- programmers began inserting "back doors" into their code, strings of assy bytes, that if called could call external subroutines you know as viruses.

So, Microsoft has stolen the code along with the back doors, and at this point, has no idea how much it has stolen.

:icon_rolleyes:

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.