Surely by now you've heard of the legal battle between SAP and Oracle. You can get the latest here.

To cut a long story short, Oracle accused SAP subsidiary TomorrowNow of downloading support materials from its customer portal using the login credentials of its customers.

As far as the media was concerned, Oracle was accusing SAP of "hacking" into Oracle to gain an edge over its competitor. Thankfully, the hacker hyperbole has been hosed down a little and the true nature of the allegations revealed:

Oracle, for example, created a Daylight Saving Time (DST) document with instructions on how to conform Oracle's software to the new daylight saving time change. But the software maker alleges TomorrowNow copied the information on two occasions in January and swapped out Oracle's logo and copyright and placed its own logo on the documents.

Heavy. SAP allegedly... copied Oracle's homework. It stands accused of using its customers' login credentials, which the customers had given it, to access documents that would simply be rebadged.

Serious allegations indeed, but how has this, or anything remotely like this, got anything to do with "hacking"?

I propose a new rule -- if you've been given a username and password to use a system, and then you log in to that system, it's not hacking, ok?

Sheesh.

This week's security podcast (found here) features a special on Romanian cyber-fraud and interviews with eBay fraud investigators Matt Henley and Alastair MacGibbon.