stoolpigeon writes "My past as a DBA probably makes me a bit biased, but the reaction I've seen the most when a database application isn't performing as well as would be liked seems to focus on the database side of things. The search for a solution usually seems to center around tuning db parameters, the building (or removal) of indexes and, if the budget allows, throwing hardware at the problem. In their new work, Refactoring SQL Applications, Faroult and L'Hermite bring a much wider range of options to the table. There is a lot in this little book for the developer charged with fixing an existing application and I think a lot of good information that could save one from making a number of headache-inducing mistakes on a new application." Keep reading for the rest of JR's review.

theodp writes "Most of America's largest publicly traded corporations and Federal contractors — including those receiving billions of dollars from US taxpayers to finance their recovery — have set up offshore operations that could help them avoid paying US taxes, according to a GAO study released yesterday. Of the 100 largest public companies, 83 do business in tax-haven hot-spots like the Cayman Islands, Bermuda, and the British Virgin Islands. The report found that Citigroup, a recipient of $45B in bailout funds so far, has set up 427 subsidiaries in tax-haven countries, including 91 in Luxembourg, 90 in the Cayman Islands, and 35 in the British Virgin Islands. Household names on the lists from the tech sector include Apple (1 tax haven subsidiary), Cisco (38), Dell (29), HP (14), Intel (6), IBM (10), Microsoft (8), Motorola (4), and Oracle (77)."

jazir1979 writes "ZDNet is reporting that Oracle has added code to the Linux kernel for ensuring data integrity. The code has been developed in partnership with Emulex and was recently accepted into the 2.6.27 kernel release." According to the article, "The code adds metadata to data at rest or in transit, to monitor whether that data has been corrupted. It helps make sure that I/O operations are valid by looking at that metadata — which acts as verification information — exchanged during data transmissions."

mantex writes "The title of this book combines two coded terms — 'Web 2.0' and 'The Enterprise' — for which read 'social networking software' and 'Big Business.' And the purpose is to show how the techniques and concepts behind Web 2.0 applications (blogs, wikis, tagging, RSS, and social bookmarking) can be used to encourage collaboration efforts in what was previously thought of as secretive, competitive businesses." Read on for the rest of Roy's review.

stoolpigeon writes "MySQL is frequently touted as the world's most widely used relational database management system. Many of the best known web applications and web sites use MySQL as their data repository. The popularity of MySQL has continued to grow while at the same time many were concerned by the lack of many features considered essential to a 'real' rdbms. Such naysayers have done little to impede the growth or development of MySQL. The first edition of MySQL in a Nutshell, published in 2005, gave users a handy reference to using MySQL. The second edition, published in 2008, covers many new features that MySQL fans proudly proclaim as an answer to all those critics clamoring for a better-rounded rdbms." Read below for the rest of JR's review.

Ponca City, We love you writes "The NY Times reports that H211 LLC, a company controlled by Google's top executives, including billionaire founders Larry Page and Sergey Brin, appears to have added to its fleet a Dornier Alpha Jet, a light jet attack and advanced trainer aircraft manufactured by Dornier of Germany and Dassault-Breguet of France. The 1982 Alpha-Jet seats two and was originally used by European air forces, but is now being sold relatively cheaply to civilians. The jet has landing rights at Moffett Field, the NASA-operated airfield that is a stone's throw from the Google campus. It is not clear who exactly flies the fighter jet, although Google chief executive Eric Schmidt is an avid pilot. If the top Googlers indeed own the fighter jet, they would be following in the footsteps of Oracle chief executive Larry Ellison, who has owned several aircraft, including fighter jets."

smooth wombat writes "An international spam ring with ties to Australia, New Zealand, China, India, and the US is in the process of being shut down. Finances of members in the US are being frozen using the CAN-SPAM Act of 2003 while the FBI is pursuing criminal charges. The group sent spam advertising male enhancement herbs and other items using a botnet estimated at 35,000 computers, and able to send 10 billion emails per day. The Federal Trade Commission monitored the group's finances and found that they had cleared $400,000 in Visa charges in one month alone."

qazsedcft writes "In a move the company is billing as its first foray into the hardware business, Oracle Corp. said Wednesday it will begin selling server computers that come with its database software pre-installed."

Robert Hodges, CTO of Continuent, has an interesting blog entry about a new approach to database replication that they are undertaking. The new approach aims to provide easier access to replication for low-end Oracle users in addition to the alpha offering they already have for MySQL. "It's not a coincidence that we chose to implement MySQL and Oracle replication at the same time. MySQL has revolutionized the simplicity and accessibility of databases in general and replication in particular. For example, MySQL users have created cost-effective read scaling solutions using master/slave replication for years. MySQL replication is not free of problems, but there is no question MySQL AB helped by the community got a lot of the basics really right. On the other hand, Oracle replication products offer state-of-the-art solutions for availability, heterogeneous replication, application upgrade, and other problems, albeit for high-end users. For example, Oracle Streams and Golden Gate TDM offer very advanced solutions to the problem of data migration with minimal downtime. The big problem with these solutions is not capabilities but administrative complexity and cost."

Almost Live writes "Oracle has released an out-of-cycle alert to offer mitigation for a zero-day exploit that's been posted on the Internet. The emergency workaround addresses an unpatched remote buffer overflow that's remotely exploitable without the need for a username and password, and can result in compromising the confidentiality, integrity, and availability of the targeted system." Whoever published the vulnerability and matching exploit code did not contact Oracle first.

Leemeng writes "I'm looking for a simple, free, and F/OSS flat-file database program. I'm storing info about Wi-Fi access points that I come across, maybe 8-9 fields per entry. I've outgrown Notepad. This info is for my own reference only; it is not going on a Web server. Googling was unhelpful, with results skewed towards SQL, Access (MS), and Oracle, all of which would be overkill for my purposes. My criteria are: it must be simple, F/OSS, must work in Windows Vista, preferably use a portable format, must not be an online app, and must not require Java. Does such a beast exist?"

cyteen02 writes "We run a data processing and tracking system for a customer in the UK. We provide a simple Web site where the customer can display the tracking data held in our Oracle database. From these screens they can query based on a combination of 15 different data fields, so it's pretty flexible. We also provide a csv report overnight of the previous day's data processing, which they can load into their own SQL Server database and produce whatever reports they want. Occasionally they also want one-off specific detailed reports, so we write the SQL for that and send them the results in an Excel format spreadsheet. This all ticks along happily. However they have now asked for direct read-only access to our Oracle database, to be able to run ad-hoc queries without consulting us. As a DBA, my heart sinks at the thought of amateurs pawing through my database. Unfortunately, 'because you are stupid' is not considered a valid business reason to reject their request. So can any Slashdotters assist me in building my case to restrict access? Have you experienced a similar situation? Have you had to support this sort of end user access? How would you advice me to keep my customer away from my precious tables?"

Trailrunner7 writes "Database security super-genius David Litchfield has found a way to manipulate common Oracle data types, which were not thought to be exploitable, and inject arbitrary SQL commands. The new method shows that you can no longer assume any data types are safe from attacker input, regardless of their location or function. 'In conclusion, even those functions and procedures that don't take user input can be exploited if SYSDATE is used. The lesson here is always, always validate and prevent this type of vulnerability getting into your code. The second lesson is that no longer should DATE or NUMBER data types be considered as safe and not useful as injection vectors: as this paper (PDF) has proved, they are,' Litchfield writes."

conan1989 writes to tell us that a recent report from the Standish Group is claiming that open source is costing the traditional software market somewhere in the neighborhood of $60 billion per year in revenue. "MySQL Marten Mickos has often spoken of 'taking a $10 billion market and making it a $3 billion market.' If you consider that open source has taken out $60 billion of traditional software revenues there will be a bloodletting in the proprietary world soon enough. It's a great time to be an open source company."

An anonymous reader writes "From the MySQL User's Conference, Sun has announced, and former CEO Marten Mickos has confirmed, that Sun will be close sourcing sections of the MySQL code base. Sun will begin with close sourcing the backup solutions to MySQL, and will continue with more advanced features. With Oracle owning Innodb, and it being GPL, does this mean that MySQL will be removing it to introduce these features? Sun has had a very poor history of actually open sourcing anything."

stoolpigeon writes "IBM has made a move to support open source RDBMS PostgreSQL by investing in EnterpriseDB, a company that supports PostgreSQL as well as selling their own proprietary extensions to the database product. IBM participated in a $10 million funding round, though the article doesn't say how much they invested. In the past EnterpriseDB has primarily advertised itself as an Oracle competitor, though the article says, 'Derek Rodner, EnterpriseDB's director of product strategy, explained that Postgres Plus 8.3 also adds in new application quick starts which are supposed to help with installation issues. They will also help in EnterpriseDB's battle against MySQL for open source database supremacy.'"

OTDR alerts us to the latest software patent stupidity in the news as patent number 6,418,462, "methods allowing clients to perform tasks through a sideband communication channel, in addition to the main communication channel between a client and server," snubs its nose at AJAX, ftp, and decades of prior art and goes on sale next month in San Fransisco. "Singled out are AJAX mashups including Google Maps and Gmail, and Microsoft 'Live'... Also in the frame are Amazon's S3 and EC2 and clusters from Microsoft, VMware, and Oracle. eBay's Skype, Napster, and Microsoft's Groove are also listed as potentially infringing on the patent in P2P."

alx5000 writes "In an interview conducted last week with Consumer Eroski (link in Spanish; Google translation), the father of Tetris Alexey Pajitnov claimed that 'Free Software should have never existed,' since it 'destroys the market' by bringing down companies that create wealth and prosperity. When asked about Red Hat or Oracle's support-oriented model, he called them 'a minority,' and also criticized Stallman's ideas as 'belonging to the past' where there were no software 'business possibilities.'"

Reservoir Hill writes "Randall Stross has an insightful article in the NY Times that says that if Microsoft thinks this is the right time to try a major acquisition on a scale it has never tried before, it should pursue not Yahoo but SAP, another major player in business software, thus merging Microsoft's strength with that of another. This is more likely to produce a happy outcome than yoking two ailing businesses, Yahoo's and Microsoft's own online offerings, and hoping for a miracle. Stross points to Oracle as a company whose acquisition strategy has picked up key products and customers while avoiding venturing too far from its core business, or overpaying. Stross recommends that Microsoft acquire SAP and leave it alone as an autonomous division — which would avoid a culture-clash integration fiasco. Besides, large enterprise customers are arguably the best customers a software company can have. A few dozen well-paying Fortune 500 customers may actually be more valuable than tens of millions of Web e-mail 'customers' who pay nothing for the service and whose attention is not highly valued by online advertisers."

sleeplesseye writes "In a speech at the Midem music industry convention in Cannes, Paul McGuinness, longtime manager of the band U2, has called on Internet service providers to immediately introduce mandatory French-style service disconnections to end music downloading, and has urged governments to force ISPs to adopt such policies. McGuinness criticized Radiohead's 'In Rainbows' pay-what-you-want business model, saying that 'the majority of downloads were through illegal P2P download services like BitTorrent and LimeWire'. He also accused ISPs, telcos, device makers, and numerous specifically named companies such as Apple, Google, Yahoo!, Oracle, and Facebook of building 'multi billion dollar industries on the back of our content without paying for it', and of being 'makers of burglary kits' who have made 'a thieves' charter' to steal money from the music industry. The full text of his speech has been posted on U2's website."