Oracle encryption: Ouch

From this article:

The standard encryption mechanism used by Oracle’s (Profile, Products, Articles) database products can be easily circumvented, according to a German security researcher who last week published details on a number of unpatched security”

Ouch. Not what you want to see, bad for Oracle, bad for customers. Not strictly an ELN issue, but it is a good example of one of the reasons why I think you want a very simple, very boring, stand alone PECP (Patent Evidence Creation & Preservation) system:

  • Simple systems are easy to see if they’re working OK, so if there’s a problem you can see it quickly – and less specialist skills are involved.
  • There’s less to go wrong with a simple system.
  • Because the system is standalone and not used for other purposes, there’s less chance that unrelated “events” will compromised your patent evidence.

The business requirements of PECP systems are comparatively simple. The hard part is developing & deploying systems which are robust in the real world. That’s much harder, and it is much less of an IT problem than people think. In fact, a reliable PECP system will probably violate a whole load of “IT best practice”.

Leave a Reply

Your email address will not be published. Required fields are marked *