Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Databases

Is MySQL's Community Eating the Company? 223

Posted by CmdrTaco from the get-yer-drizzle-on dept.
mjasay writes "Craigslist's Jeremy Zawodny reviews the progress of MySQL as a project, and discovers that through third-party forks and enhancements like Drizzle and OurDelta 'you can get a "better" MySQL than the one Sun/MySQL gives you today. For free.' Is this a good thing? On one hand it demonstrates the strong community around MySQL, but on the other, it could make it harder for Sun to fund core development on MySQL by diverting potential revenue from the core database project. Is this the fate of successful open-source companies? To become so successful as a community that they can't eke out a return as a company? If so, could anyone blame MySQL/Sun for creating its own proprietary fork in order to afford further core development?"

Comment Re:Wow (Score 1) 175

by quantum bit (#25951651) Attached to: MySQL 5.1 Released, Not Quite Up To Par

To be honest, and I'm a total pgsql fan, you usually wind up needing to edit pg_hba.conf and reload to allow external access. But yeah, it is about as easy to me as mysql.

Although, the primary deployment for MySQL seems to be running on the same machine as the web server. In a direct comparison of that case, you don't even need to change pg_hba.conf.

The default config isn't secure if you have untrusted users on the machine (i.e. hosting service), unless you used "initdb -A md5" or something similar, but it's easy to change.

My favorite auth method for server-in-a-box is "ident sameuser" over UNIX sockets. In that case it seamlessly integrates with the OS's underlying security model, so all I have to do is "CREATE USER webapp;", and the user 'webapp' can connect as itself (and only as itself) with no password.

Comment The first time I used MySQL... (Score 5, Interesting) 175

by quantum bit (#25951325) Attached to: MySQL 5.1 Released, Not Quite Up To Par

I've used MySQL for years...

The same thing in MySQL would have taken me thirty seconds now, and no more than 15 minutes when I was starting out. With Postgres, it took me upwards of 20 minutes when it should have taken much less time.

That's because you know MySQL, so of course something that works differently is going to be more work for you to figure out.

I've used PostgreSQL for years, when I had to set up a MySQL database for some php app it took much more than 15 minutes to figure it out and get it running. The primary problem was MySQL's obtuse user management system.

With PostgreSQL I know that it's secure by default -- the default user has no password, so even if you enable password authentication it won't work (because it has no password!). You log in locally with trusted authentication, and issue the very logical CREATE USER. Edit the self-documented config file to allow remote hosts to access the database using your preferred authenticaion method, and you're done.

With MySQL, new users are automagically created by the GRANT command?! Huh? On top of that, passwords are apparently specific to a certain host string. Bizarre. Do I need to use localhost for the actual machine name for local users? What about remote machine without a reverse DNS entry? What's the order of precedence for '%' vs a more specific name?

Oh, the default 'root' account has no password ...and allows access over the network. Wonderful. Okay, so to change that do I use root@% or root@computer? How do I know I changed the right one and there isn't still some root@something entry? SHOW TABLES is easy enough, how about SHOW USERS? Nope, that's not it.

Time to check the startup guides. Well, one just has a single password change, another has 3 or 4 lines of 'delete from user...'. The reference for GRANT just has a bunch of caveats and warnings, and the "User Account Management" section goes on and on and somehow doesn't manage to tell me what I want to know.

To this day I'm not 100% sure if the MySQL install is secure. I decided my time would be better spent eliminating the MySQL-isms from the app in question so that it can run on Postgres like everything else on the server. There are some very strange queries in there - a lot of GROUP BY expressions that make no sense and aren't valid SQL. Some of it I'm not sure how it ever worked.

Comment Re:In the US (Score 1) 245

by quantum bit (#25837249) Attached to: CRTC Rules Bell Can Squeeze Downloads

That info is a little out of date, too. At least to the endpoint, PRI is the preferred method of attaching to the PSTN. You do give up one of the channels to be dedicated to signaling, but get vastly superior channel allocation.

I'm not sure what the telcos are using for the big trunks, but I'd imagine (hope) they have something a little more advanced than basic T1 by now.
Science

Large Hadron Collider Goes Live September 10th 409

Posted by timothy from the get-your-affairs-in-order dept.
Naznarreb writes "CERN announced today that the first attempt to circulate a beam through the Large Hadron Collider will be on September 10th, 2008. You can read the press release here. They also announced the event will be webcast live. According to the release, they're just planning to run a few tests laps, not smash any particles, so the world won't be ending quite yet." And despite that September 10th date, according to the BBC, "On 9 August, protons will be piped through LHC magnets for the first time."
Media

BBC Offers iPhone Version of iPlayer, Accessible to Linux Users Too 187

Posted by Zonk from the so-nice-of-them dept.
smallfries writes "After a long battle with Linux users in the UK, the BBC was forced into releasing a flash version of the iPlayer streaming service to fulfill their obligations to license-fee payers. After claiming that development of Linux and Mac versions of the iPlayer would take two years, Auntie Beeb has rushed to support the iPhone. iPhone users 'can be trusted' because their platform is locked down ... so the beeb opened a non-DRM hole in the iPlayer to support them. This was guarded by the extreme security of User Agent strings! Long story short, Linux and Mac users have made their own non-DRM, non-Microsoft platform from firebug and wget. UK users can now watch (and keep) their favorite BBC shows."
Programming

When Should We Ditch Our Platform? 622

Posted by kdawson from the future-shock dept.
odoketa writes "My organization recently had to replace our Web developer. It took us an extremely long time to find someone with the necessary skill set. I don't know if this is because of the platform we are running (which I will leave nameless), or simply because the fates conspiring against us. It's easy to assume that languages or platforms are popular based on buzz, but the rubber hits the road when you have to hire someone to maintain that code. How are folks out there determining when you've backed the wrong horse, and getting back on track?"
Government

Daylight Saving Time Wastes Energy 550

Posted by kdawson from the back-to-nature's-clock dept.
An anonymous reader writes "With the time approaching when we'll be changing our clocks again, the Wall Street Journal is running a timely article on a study done by a UC-Santa Barbara economics professor and a Ph.D. student. The study unambiguously concludes that Daylight Saving Time not only doesn't save any energy, it actually wastes energy and costs more. The study used energy company records from Indiana before and after that state mandated DST for all of its counties, and calculated that the switch cost Indiana citizens $8.6M per year. 'I've never had a paper with such a clear and unambiguous finding as this,' the professor said."
Biotech

Key Step In Programmed Cell Death Discovered 80

Posted by CmdrTaco from the is-it-the-step-that-stops-it? dept.
Investigators at St. Jude Children's Research Hospital have discovered a dance of proteins that protects certain cells from undergoing apoptosis, also known as programmed cell death. Understanding the fine points of apoptosis is important to researchers seeking ways to control this process. In a series of experiments, St. Jude researchers found that if any one of three molecules is missing, certain cells lose the ability to protect themselves from apoptosis. A report on this work appears in the advance online publication of Nature.
Music

Leaked RIAA Training Video 335

Posted by samzenpus from the gateway-crime dept.
An anonymous reader writes "Gizmodo has a clip of that RIAA training video produced with the NDAA for US prosecutors that was leaked to torrent sites a few days ago. It argues they should pursue piracy cases because it leads to bigger and badder wares, like handguns, drugs, terrorist orgs, and hardcore repeat offender criminals. It's kind of sad how far they're stretching to bring law enforcement into the matter."
Star Wars Prequels

Animated Film Set To Kick Off Star Wars TV Show 270

Posted by Zonk from the could-be-worse-i-guess dept.
Sasseen writes "George Lucas has announced that the animated Star Wars television show, which we've discussed previously, will be kicking off with a feature-length theatre release. Lucas felt that, 'there were a lot more 'Star Wars' stories left to tell. I was eager to start telling some of them through animation and, at the same time, push the animation forward.' A fully animated film will be released in theaters on August 15 with a TV series of more than 30 episodes planned to follow on Cartoon Network and TNT. Also of note from the article, 'A new character named Ahsoka, Anakin's padawan, will be the first female Jedi to be a character of focus'."

Slashdot Top Deals

It is easier to write an incorrect program than understand a correct one.

Close