SQL Archive

Oracle’s NoSQL

by Asbed P
During last month’s OpenWorld conference, Oracle announced a slew of new technologies along with their much anticipated NoSQL database.  Finally the Oracle NoSQL is released and will also be included in Oracle’s Big Data Appliance, which will ship during the first three months of this coming year.  Oracle says their NoSQL database is targeted towards “customers who are acquiring massive amounts of data who are unsure about the schema, who want more fluid capture of the data,” says Marie-Anne Neimat, the vice president of Oracle’s database development.  The database is a Java version of the Berkeley database, which is an open source database developed by UC Berkeley that is commonly used in embedded systems.  Although NoSQL can’t do highly structured queries like other SQL based datases could, the database doesn’t require a fixed schema, so users can add new information as columns as the need rises. read more...

1,300 Ways to Skin a CAT5

by James C
Summary:

It is reported that applications on the web are attacked by SQL injections on average of 71 times per hour. This is no comparison to the 1,300 attacks that some sites experience during peak attacks. Imperva, a security vendor, had conducted a research on 30 different Web application, spanning different industries and sizes. In concluded that 83% of all hacker related intrusions stemmed from SQL injections. To make the intrusion simpler the attackers used automated penetration tools. Tools like Sqlmap, LulzSec and Havij to name a few. The article states 8 safeguards for stopping SQL injection attacks. read more...

SQL server in the cloud?

by Dean H

Summary: SQL server is a very powerful relational database system that can provide powerful calculations. Cloud computing is the up coming new star which many companies not only use it to maintain its competition, but also rely on it to perform the business operation. Microsoft came out with the idea of combining the two together and introduced the “Cloud SQL server”. It is “a distributed storage system for web-base applications”. It is also currently being used as the storage engine for Microsoft’s Exchange Hosted Archive and SQL Azure. There are two main approaches, one is a database without key (a co-located), or the traditional way with the keys to identify the different tables. Although the cloud SQL server is already implemented, there are some drawbacks such as the Cloud SQL performance is lower than the SQL server, unable to be self-monitoring and self- managing. A big improvement would be replacing the partitioning requirement and still maintain an acceptable performance. Response: I competed in last year’s IT competition and our topic was on Cloud computing. Personally I think it is the an inevitable trend of the future, so I am not surprised to see Microsoft introduce a “Cloud SQL Server’. It brings performance and mobility to the table, as well as an easier way to measure the cost of IT within a company. From this article I learned some technical terms that I have heard before, but not sure the actual implementation. An example would be “two phase commit”. It means “an all-or-nothing affair”, that if a series of operation bound as a transaction cannot be completed, the rollback must restore the system to the pre-transaction state, which leads the approach of a keyless data model. Citation Bernstein, P.A.; Cseri, I.; Dani, N.; Ellis, N.; Kalhan, A.; Kakivaya, G.; Lomet, D.B.; Manne, R.; Novik, L.; Talius, T.; , “Adapting microsoft SQL server for cloud computing,” Data Engineering (ICDE), 2011 IEEE 27th International Conference on , vol., no., pp.1255-1263, 11-16 April 2011 doi: 10.1109/ICDE.2011.5767935 URL: http://0-ieeexplore.ieee.org.opac.library.csupomona.edu/stamp/stamp.jsp?tp=&arnumber=5767935&isnumber=5767827

FBI Catches LulzSec Hacker

by Asbed P
Many companies use SQL Databases to store company and customer information.  Sometimes these databases are not very well protected.  In Sony’s case, their databases were left open to a group of hackers known as LulzSec.  These loosely knit group of hackers like to create chaos and mischief for their own entertainment and not necessarily for profit.  On Thursday, September 22, 2011, a hacker named “Recursion” from the group LulzSec was tracked down and caught by the Federal Bureau of Investigation.  He attacked the database by using a technique also known as SQL injection that allowed him full access into Sony Pictures systems.  From there he was able to post massive amounts of data online as part of LulzSec’s data dumps which included email addresses and passwords of Sony customers.  The student from Phoenix, used an online proxy service and a hard drive cleaner to cover his tracks but that was not enough.  He could spend the next 15 years in prison if he is found guilty. read more...

A Costly Lesson for Sony

by George A
The article in summation states that one of the hackers of the group LulzSec has been detained by authorities named. Cody Kretsinger. He is being detained due to his connection with the security breach on Sony Pictures Entertainment. LulzSec managed to obtain thousands of emails, phone numbers, passwords, birth dates, addresses and names. This information was later packaged into a single file and made available to the public. They attempted to protect themselves via proxy servers and by deleting their hard drives. The members used an attack called a “SQL Injection” which is a common way for hackers to obtain information. 23 year old Kretsinger is facing a maximum sentence of 15 years in prison. read more...

Netflix uses NoSQL as Demand Grows

by Ahlyzik M
Summary:

As Netflix slowly takes over the online video market, there needs to be some type in-house redesign in their back-end infrastructure to accommodate for this demand. The company intends to do so by implementing a NoSQL style of architecture for a number of reasons. Yury Izrailevsky, Netflix’s Director of Cloud and Systems Infrastructure, stated that one of the main factors of choosing this style of database is because they best suit the use cases with those of Netflix. With the new infrastructure, there will be 3 different databases that handle each use case that Netflix has. This will in turn allow the user to have a better experience when using Netflix’s product. read more...