This blog post was inspired by a recent report of a Database Analyst at American Express stealing Credit Card data. It’s amazing how many companies still follow a mainly “perimeter security” approach when it comes to controlling access to sensitive information—their focus is on network security using firewalls, advanced authentication options, and so on. Even with such measures, it’s very common to setup strong barriers to the outside world but very little by way of internal limits; most internal people have some level of access to servers that store and process sensitive data.Read More >
This is the 153rd edition of Log Buffer, the weekly review of database blogs.Read More >
OpenSQL Camp will take place Saturday 22nd and Sunday 23rd of August, in St. Augustin, Germany, so it could do for a nice August getaway to Germany. It’s not really the biggest of cities, but then again, that is part of the charm, going to some small city and learning more about databases.
In case you do happen to be curious, feel free to check out the list of proposed sessions, although it is not complete, it does give a overview of what to expect.
Welcome to the 152nd edition of Log Buffer, the weekly review of database blogs.Read More >
This year, the International Free Software Forum celebrated its 10th anniversary. It happened last week in Porto Alegre. Pythian presented a session on Thursday called 8 Rules for Designing More Secure Applications with MySQL. As promised, here are the slides we used on that session: 8 Simple Rules to Design Secure Apps with MySQL.Read More >
Welcome to the 151st edition of Log Buffer, the weekly review of database blogs.Read More >
Presentation: Migrating 1 Terabyte Database to MySQL — Case Study by Alex Gorbachev. This presentation is based on the real project migrating from RDB on OpenVMS to MySQL on Linux. We will review the migration of the data itself and what infrastructure has been setup — high availability cluster with Heartbeat, DR site replication, organizing backup for 1 TB database. The system has been successfully put in production few months ago.Read More >
My old friend and collaborator Theo Schlossnagle at OmniTI posted his slides from his Scalable Internet Architectures talk at VelocityConf 2009. The slides are brilliant even without seeing Theo talk and I highly recommend the time it takes to flip through them, for anyone who is interested in systems performance. If anyone took an mp3 of this talk I’m dying to hear it, please let me know. Here’s the slide deck. Let me know your thoughts.Read More >
I just filed a very annoying bug when trying to compile with plugin engines using the 5.1.xx source tarball. I am trying to test SphinxSE as a plugin instead of getting it statically linked and came across an annoying bug. When using the configure –with-plugins option only once, the engine is statically linked. When using it twice, the first engine is created as a plugin, and the 2nd one is linked statically. Here are a couple of examples..Read More >
Lenz Grimmer recently wrote two blogs about password security on MySQL. Both are worth reading in detail. You’ll find them in Basic MySQL Security: Providing passwords on the command line and More on MySQL password security. Although I wrote a comment on the latter one, there is one point I thought was worth its own blog. Here we go…Read More >