I recently mastered to pass the 10g oca examination and, as a proud member of the certified community, I obediently followed the instructions given to download the related logo for personal use. Targeting my browser to http://www.oracle.com/education/10goca, I experienced a behavior that i found strange at first, funny than, and disappointing at least. The story is, that the “passwort protected” procedure, as being described with the instructions, is’nt worth being called protected or ever secure, as will be shown below.
Due to the fact that the originating web page mentioned above gets redirected/reloaded multiple times upon a really slow web performance at oracle.com, one may spot a link to the protected data page even before being presented with the login page. Me, I noticed three redirects:
where #1 contains the link to the data page and #3 is the login page, respectively.
So, eager to get an oca logo for free, saving the exam efforts? Hell-bent on breaking the rules as set forth in http://www.oracle.com/education/downloads/ocplogoguidelines.pdf? Ok, watch out for this page and click as depicted.
ps. The how to works the same for ocp logos (i did’nt test the ocm part as well). Just use http://www.oracle.com/education/10gocp.
Hey oracle, you built the best database ever. What about securing your web contents appropriately?