Pythian Group

OpenSQLCamp was a huge success! Not many folks have blogged about what they learned there….if you missed it, all is not lost. We did take videos of most of the sessions (we only had 3 video cameras, and 4 rooms, and 2 sessions were not recorded).

All the videos have been processed, and I am working on uploading them to YouTube and filling in details for the video descriptions. Not all the videos are up right now….right now all the lightning talks are up.

• All the lightning talks belowin one continuous video (just over 54 minutes total)
• The Graph Engine (Antony Curtis)
• Cluster/J, a new set of Java APIs to MySQL Cluster 5.1 (John David Duncan)
• Sphinx, the fulltext storage engine (Peter Zaitsev)
• iiBench, the Indexed Insertion Benchmark (Bradley Kuszmaul of Tokutek)
• JJtree in Coco
• Integrating OSS with Windows (Tom Hanrahan of Microsoft)
• Trainwreck, an agent for MySQL replication (Domas Mituzas)
• Column Stores (David Lutz of Infobright)
• I Play With Data, about doing real statistical calculations of data, when SQL gets in the way (Joseph di Paolantonio)
• Your Guide to NoSQL (Brian Aker)
• PL/Parrot The call for PL/Parrot in Postgres is put out there (Jonathan “Duke” Leto)

Read the rest of this entry . . .

Is it Friday already? Where has the week gone? Whatever, we’ve got lots of good news tidbits for you this week, including several follow-ups to previous stories. Enough jaw-jacking, let’s get to the news.

Operating Systems

This week we got an early alpha of Google Chrome OS, which is slated for full release sometime in Q4 of 2010. ZDNet blogs and Ars technica have three good first looks at Chrome. First up is Adrian Kingsley-Hughes article Chrome OS – The good, the bad and the ugly, and how it fits in with Windows, Mac and Linux.

For a more security related view, Ryan Naraine has an early look into Chrome OS security with Inside the Google Chrome OS security model.

Lastly, Jon Stokes at Ars Technica has his own first look with screenshots in Chrome OS: Internet failing at PC > PC failing at Internet.
Read the rest of this entry . . .

Most people think Windows administrators make a living with their right-hand—you know, right-clicking and left-clicking the user interface to get things done. While anybody can do that in Windows, the real value comes in when you no longer need to rely so much on the user interface but instead write scripts. Lower total cost of ownership is achieved when the administrative costs are kept low, and this is where Windows PowerShell comes in.

I’ve spent a fair amount of time writing VBScript scripts to administer Windows servers and workstations and automating repetitive tasks. One reason for me moving into Windows PowerShell is its roots in the Microsoft .NET Framework, as I have done a fair amount of .NET programming. But what is Windows PowerShell anyway?

Windows PowerShell is an extensible command-line shell and an associated scripting language built on top of the .NET Framework v2.0. It was released in 2006 and is currently available for Windows XP SP2/SP3, Windows Server 2003, Windows Vista, and is included in Windows Server 2008.

PowerShell will be included as a common engineering criteria (CEC) in future releases of Microsoft server products, making it a must-learn for Microsoft server administrators.

Administrators (DBAs included) have been using scripting to automate administrative tasks with scripting languages like DOS batch, VBScript, Perl, and a few third-party tools like KiXtart and WinScript. Windows PowerShell complements the administrators’ existing scripting toolkit to easily manage and administer Windows workstations and servers and other Microsoft server products as THEY are being built using the .NET Framework.

Although it is designed for operating systems, Windows PowerShell can be used to administer SQL Server 2005 instances and higher, as Server Management Objects—the object model used to manage SQL Server 2005—are built using the .NET Framework, thus exposing the object model in PowerShell. And since SMO is compatible with SQL Server 2000, you can administer SQL Server 2000 instances using Windows PowerShell. SQL Server 2008 even ships with its own PowerShell snap-in.

No wonder it makes sense to learn a thing or two about Windows PowerShell. Besides, I’ve seen Windows administrators being “forced” to do SQL Server DBA tasks even without knowing what T-SQL is. Windows PowerShell makes it a level playing field.

I will be posting a series of blog posts on getting started with Windows PowerShell, and how any Windows administrator can use it for their day-to-day tasks. In the process, I’ll also cover how to use Windows PowerShell for administering SQL Server instances.

All,

I’m writing to help get the word out that Microsoft announced a major security vulnerability in GDI+, a component that is included and vulnerable to remote code execution exploits in every supported release of SQL Server 2005.

You can find our more about the vulnerabilities and affected products (there’s a long list, not just SQL 2005) at the Microsoft announcement here.

There is an update already available, so you probably want to evaluate an accelerated deployment of that. If you are a current Pythian client, we’ll be reviewing this patch for you. If you are not, now would be a good time to sign up, and Michelle will take care of you. :-)

Snippet from the announcement:

Executive Summary

This security update resolves several privately reported vulnerabilities in Microsoft Windows GDI+. These vulnerabilities could allow remote code execution if a user viewed a specially crafted image file using affected software or browsed a Web site that contains specially crafted content. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

This security update is rated Critical for all supported editions of Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008, Microsoft Internet Explorer 6 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4, Microsoft Digital Image Suite 2006, SQL Server 2000 Reporting Services Service Pack 2, all supported editions of SQL Server 2005, Microsoft Report Viewer 2005 Service Pack 1 Redistributable Package, and Microsoft Report Viewer 2008 Redistributable Package.

This security update is rated Important for all supported editions of Microsoft Office XP, Microsoft Office 2003, 2007 Microsoft Office System, Microsoft Visio 2002, Microsoft Office PowerPoint Viewer 2003, Microsoft Works 8, and Microsoft Forefront Client Security 1.0. For more information, see the subsection, Affected and Non-Affected Software, in this section.

The security update addresses the vulnerabilities by modifying the way that GDI+ handles viewing malformed images. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.

Recommendation. Microsoft recommends that customers apply the update immediately.

Known Issues. Microsoft Knowledge Base Article 954593 documents the currently known issues that customers may experience when installing this security update. The article also documents recommended solutions for these issues.