The Federal Trade Commission announced that it has won concessions in a settlement with software maker Oracle over the company’s failure to uninstall older, insecure Java SE software from customer PCs upon upgrade.
This, said the FTC, despite Oracle’s explicit promise to its users that updates would render their machines “safe and secure.”
By abandoning these legacy builds, Oracle essentially left backdoors open on the computers of its customers — backdoors well-known to potential attackers due to their widespread publicity among security researchers.
As part of the settlement, Oracle will be responsible for notifying its users of the terms it agreed to and the risks posed by its uninstalled software, and for providing the tools necessary to perform complete removals.
Action like this highlights the need for industry watchdogs, as insecure legacy software is a prime example of what economists call externalities: negative consequences of economic behavior that the free market provides no incentive to correct or account for.