Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

1/17/2010
05:52 PM
Bob Evans
Bob Evans
Commentary
50%
50%

Global CIO: Oracle Foes Scurry To Curry Favor With Dictatorships

Spurned by his former heartthrob heroes in the EU, MySQL's founder now sings the praises of Russia and China.

Unable to convince even the semi-capitalists of the European Union to block Oracle's acquisition of Sun, the founder of MySQL is taking his sorry obstructionist grandstanding to the dictatorships of Russia and China in hopes of currying favor among their corrupt bureaucrats. Oh the irony: that's the very same China Google abandoned last week due to its oppressive stances toward its citizens' use of technology.

"China and Russia can still say No unless there's a real solution in place," MySQL founder Michael Widenius said in a press release earlier today. "They are powerful, self-confident and open-source-friendly countries and they have every right and opportunity to do a better job on this than the EU. Russia just decided to take more time for this review and China proved in the Panasonic-Sanyo case that it stood its ground even after a deal had been cleared by the US and the EU."

Global CIO
Global CIOs: A Site Just For You
Visit InformationWeek's Global CIO -- our new online community and information resource for CIOs operating in the global economy.

Steamrolled in Brussels when the EU heard from large numbers of Oracle customers that the Sun acquisition would have no harmful effect on them, Widenius and his cohorts have shifted their petition-signing efforts to Russia and China. And while I hope Widenius meets with zero success in those countries, I also hope he realizes that these two countries on which he's pinning all his open-source hopes have been known to brandish what we could call a less-than-open view toward public efforts to gather signatures on petitions as well as online expressions of individual opinions.

Maybe he'll realize that the rule of law in Europe and the U.S.—imperfect though it may be—will force Oracle to stick to the 10 commitments it made to seal the EU deal and that no such sense of fairness and consistency will be forthcoming in China and Russia.

"The helpmysql.org campaign already has more than 600 supporters in China and more than 800 in Russia, almost double the number it had a week before," Widenius said in the press release. "The campaign will now work closely with its local supporters in order to support the work of the competition authorities in those two countries and will step up its efforts to collect signatures from local MySQL users."

In recent months, Widenius and his florid spokesman frequently issued equally glowing comments about the anti-capitalist popinjays of the EU, cooing about their vigor and rigor and predicting bad times for Oracle at the hands of those valiant stewards of parity and managed capitalism. Imagine my surprise, then, to see Widenius and his spokesman turn rather viciously on their former heartthrobs, replacing all that pillow talk with some rather harsh language.

Heck, Widenius could have spared himself a lot of emotional tribulations if he'd just read our Oct. 21 column, Global CIO: Can Oracle's Larry Ellison Keep MySQL From EU Whiners?, in which we said this:

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
7 Tips for Infosec Pros Considering A Lateral Career Move
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2020
For Mismanaged SOCs, The Price Is Not Right
Kelly Sheridan, Staff Editor, Dark Reading,  1/22/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: I've never actually seen the corporate ladder before.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
How Enterprises are Attacking the Cybersecurity Problem
How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-5216
PUBLISHED: 2020-01-23
In Secure Headers (RubyGem secure_headers), a directive injection vulnerability is present in versions before 3.9.0, 5.2.0, and 6.3.0. If user-supplied input was passed into append/override_content_security_policy_directives, a newline could be injected leading to limited header injection. Upon seei...
CVE-2020-5217
PUBLISHED: 2020-01-23
In Secure Headers (RubyGem secure_headers), a directive injection vulnerability is present in versions before 3.8.0, 5.1.0, and 6.2.0. If user-supplied input was passed into append/override_content_security_policy_directives, a semicolon could be injected leading to directive injection. This could b...
CVE-2020-5223
PUBLISHED: 2020-01-23
In PrivateBin versions 1.2.0 before 1.2.2, and 1.3.0 before 1.3.2, a persistent XSS attack is possible. Under certain conditions, a user provided attachment file name can inject HTML leading to a persistent Cross-site scripting (XSS) vulnerability. The vulnerability has been fixed in PrivateBin v1.3...
CVE-2019-20399
PUBLISHED: 2020-01-23
A timing vulnerability in the Scalar::check_overflow function in Parity libsecp256k1-rs before 0.3.1 potentially allows an attacker to leak information via a side-channel attack.
CVE-2020-7915
PUBLISHED: 2020-01-22
An issue was discovered on Eaton 5P 850 devices. The Ubicacion SAI field allows XSS attacks by an administrator.