Oracle CEO Larry Ellison did his best to play down concerns about NSA hacking into his business customers’ private data.
At an industry conference in San Francisco, an audience member asked the Oracle co-founder what to tell potential Oracle cloud-computing clients who worry that the National Security Agency could access their information.
Ellison chose his words extremely carefully. He said that “to the best of our knowledge,” an Oracle database has not been broken into for a couple of decades by anybody.
He said the databases were so secure there are people that complain they are too difficult to use.
However, Ellison implied that the only thing businesses have to worry about is the NSA cracking an Oracle database. If they managed that, Ellison is saying he had no knowledge of it. But he is also not saying what Oracle would do if an NSA spook showed up with a court order and demanded he handed over all the data on a business client, which is a scenario that many businesses are worried about.
However, David Litchfield, an established security expert and frequent speaker at top hacking conferences, disagreed with Ellison’s comments and said he regularly sees Oracle systems being compromised.
In fact he told Reuters that of all of the commercial databases, Oracle is the least secure.
Ellison got his start doing work for the CIA. In 1977 the spooks asked him to design a database, codenamed Oracle. The same year, Ellison and his colleagues founded the database company that would eventually be renamed Oracle.
Ellison and Oracle have also been one of the few IT outfits in the US who has publically endorsed the NSA’s spy programme. In an interview with CBS News’ Charlie Rose in August, Ellison said he believed the NSA’s widespread surveillance was essential to preventing terrorism. Still nothing to worry about eh?