Microsoft, Oracle Step Up to the Plate

By John Taschek  |  Posted 2002-10-14 Print this article Print

OpenHack 4 promises to show the strengths and weaknesses of each platform.

"Unbreakable" Oracle running with J2EE and Microsofts .Net are two of the most important computing platforms of the 21st century. The problem is that the other important computing environment is cyber-crime—something that unfortunately has more market penetration than any single technology ever will.

Thats one reason eWeek runs the annual OpenHack contest; this years challenge starts this week. OpenHack cant stop hack attempts from occurring, but it helps us provide insight into how and where these attempts occur.

OpenHack 4, this years event, promises to be the most compelling ever. While we dont consider OpenHack a contest between .Net and Oracles application stack, it will help show the strengths and weaknesses of each platform.

Clearly, the stakes are high. Security is the most important "feature" in new computing environments and applications. Its no wonder, considering how much we apparently have lost because of high-tech crime. Most of the estimates, of course, are out of whack. Last spring, a survey by the Computer Security Institute showed that 90 percent of its respondents had security breaches in the prior year, with about 40 percent coming from outside the firewall.

Ive heard stories that some banks have lost $1 trillion over five years because of cyber-crime. The CSI survey said its respondents claimed to have lost $240 billion per year. If cyber-crime were an economy, it would be tremendous. For comparison, the state of California—the worlds sixth-largest economy—has a gross state product figure of about $1.2 trillion.

This leads to three things—a fatalistic attitude among IT professionals who believe theyre going to be hacked no matter what; the high-tech equivalent of malingering, in which IT professionals exaggerate attacks and break-ins; and full-scale marketing by vendors claiming that their products are secure. Ive seen and heard them all.

All we know for sure is that we dont have accurate ways of identifying security flaws until after the fact. Thats where OpenHack comes in.

We applaud Oracle and Microsoft for participating in OpenHack 4. Special thanks also to Extreme Networks for providing gear and being extraordinarily responsive after one of the other networking companies backed out.

Write to me at if you want to know which companies are the security wimps that dropped out.

As the director of eWEEK Labs, John manages a staff that tests and analyzes a wide range of corporate technology products. He has been instrumental in expanding eWEEK Labs' analyses into actual user environments, and has continually engineered the Labs for accurate portrayal of true enterprise infrastructures. John also writes eWEEK's 'Wide Angle' column, which challenges readers interested in enterprise products and strategies to reconsider old assumptions and think about existing IT problems in new ways. Prior to his tenure at eWEEK, which started in 1994, Taschek headed up the performance testing lab at PC/Computing magazine (now called Smart Business). Taschek got his start in IT in Washington D.C., holding various technical positions at the National Alliance of Business and the Department of Housing and Urban Development. There, he and his colleagues assisted the government office with integrating the Windows desktop operating system with HUD's legacy mainframe and mid-range servers.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel