It’s like a joke that never gets old. I’ve written about Oracle’s terrible approach to product security before (here, here, here, and here are a few examples… bonus: this). Now security legend Jericho has written this outstanding timeline of exactly what Oracle has failed to do in the security arena. He should have subtitled it “Bring Me the Head of Mary Ann Davidson”. Well worth a read.