Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Security

MongoDB Config Error Exposed 93M Mexican Voter Records (csoonline.com) 69

An anonymous reader cites an article on CSOOnline: A 132 GB database, containing the personal information on 93.4 million Mexican voters has finally been taken offline. The database sat exposed to the public for at least eight days after its discovery by researcher Chris Vickery, but originally went public in September 2015. Vickery, who works as a security researcher at Kromtech, discovered the MongoDB instance on April 14, but had difficulty tracking down the person or company responsible for placing the voter data on Amazon's AWS. He first reached out to the U.S. State Department, as well as the Mexican Embassy, but had little success. The database contains all of the information that Mexican citizens need for their government-issued photo IDs that enable them to vote. Along with their municipality, and district information, the database records include the voter's name, address, voter ID number, date of birth, the names of their parents, occupation, and more. [...] Given that the database has been online since September 2015, it isn't clear how many people have accessed the records. Additionally, the actual owner of the account hosting the data remains unknown.
Privacy

Database Error Exposes Sensitive Information On 1,700 Kids (csoonline.com) 62

itwbennett writes: Researcher Chris Vickery discovered that the Arlington, Virginia based child monitoring service uKnowKids.com had a misconfigured MongoDB installation that left sensitive details on over 1,700 children exposed for months. UKnowKids helps parents monitor their child's activities online, by watching their mobile communications, social media activities, and their location. And so the database stored 6.8 million private text messages, 1.8 million images (many depicting children), Facebook, Twitter, and Instagram account details, in addition to the children's full names, email addresses, GPS coordinates, date of birth.
Databases

Oracle Named Database of the Year, MongoDB Comes In Second (softpedia.com) 122

An anonymous reader writes: Oracle's database management system has seen the biggest rise in terms of popularity in the past year. Oracle didn't only see a rise in the number of deployed instances, job offerings and mentions on LinkedIn profiles, but for the first time also became a popular topic on Twitter and a constant mention on StackOverflow, a popular Q&A support forum for developers. Second on DB-Engine's popularity list was MongoDB, which barely missed winning the DBMS of the Year award for the third time in a row.
Security

Over 650 TB of Data Up For Grabs From Publicly Exposed MongoDB Database (csoonline.com) 96

itwbennett writes: A scan performed over the past few days by John Matherly, the creator of the Shodan search engine, has found that there are at least 35,000 publicly accessible and insecure MongoDB databases on the Internet, and their number appears to be growing. Combined they expose 684.8 terabytes of data to potential theft. Matherly originally sounded the alarm about this issue back in July, when he found nearly 30,000 unauthenticated MongoDB instances. He decided to revisit the issue after a security researcher named Chris Vickery recently found information exposed in such databases that was associated with 25 million user accounts from various apps and services, including 13 million users of the controversial OS X optimization program MacKeeper, as reported on Slashdot on Wednesday.
Databases

Why To Choose PostgreSQL Over MySQL, MariaDB (dice.com) 244

Nerval's Lobster writes: PostgreSQL, MySQL, and MariaDB are the three "main" open-source relational databases available today (there are four if you count FireBird, but for brevity we're excluding it). For years, MySQL had a reputation of being faster than PostgreSQL, but much of that was due to the MyISAM database engine, which didn't support transactions. On the flip side of things, PostgreSQL had a reputation for being slower but more reliable. But with the recent versions of both platforms, things have started to change; for example, speed has been less of a problem for PostgreSQL, while MySQL now defaults to the InnoDB engine, which does handle transactions. According to developer David Bolton, here's why PostgreSQL is worth a second look for your database-management needs (Dice link).
Databases

PostgreSQL Outperforms MongoDB In New Round of Tests 147

New submitter RaDag writes: PostgreSQL outperformed MongoDB, the leading document database and NoSQL-only solution provider, on larger workloads than initial performance benchmarks. Performance benchmarks conducted by EnterpriseDB, which released the framework for public scrutiny on GitHub, showed PostgreSQL outperformed MongoDB in selecting, loading and inserting complex document data in key workloads involving 50 million records. This gives developers the freedom to combine structured and unstructured data in a single database with ACID compliance and relational capabilities.
Stats

Video Working with Real-Time Analytics as a Service (Video) 15

This is wide-ranging interview with Dev Patel and Poulomi Damany of BitYota, an Analytics as a Service startup that works specifically with MongoDB. Open Source? Not yet. But hopefully soon, they say. And why should an IT person or programmer care about marketing-oriented analytics? Because the more you know about functions in your company besides IT (such as finance, investor relations, and -- yes -- marketing), the more valuable you are as an employee. Dev also mentions the two main things he looks for when recruiting for BitYota: "One is intellect, and the other is attitude." He points out that this is not true merely of BitYota, but of any strong startup. This is all good information for any job-seeker hoping to land a spot with a startup -- and for anyone who is happy with where he or she works but hopes to earn promotions and raises, too.
Databases

Ask Slashdot: Is Postgres On Par With Oracle? 372

grahamsaa writes "I work at medium sized company that offers a number of products that rely fairly heavily on backend databases, some of which are hundreds of gigabytes and deal with hundreds or thousands of queries per second. Currently, we're using a mix of Postgres, Oracle, and MySQL, though we're working hard to move everything to Postgres. The products that are still on MySQL and Oracle were acquisitions, so we didn't get to choose the RDBMS at the time these products were designed. So far, we've been very happy with Postgres, but I know next to nothing about Oracle. It's expensive and has a long history of use in large enterprises, but I'm curious about what it offers that Postgres might not — I'm not saying this because I think that sticking with Oracle would be a good idea (because in our case, it probably isn't), but I'm curious as to how some companies justify the cost — especially considering that EnterpriseDB makes transitioning from Oracle to Postgres feasible (though not painless) in most cases. For those that use Oracle — is it worth the money? What's keeping you from switching?"
Databases

Cassandra NoSQL Database 1.2 Released 55

Billly Gates writes "The Apache Foundation released version 1.2 of Cassandra today which is becoming quite popular for those wanting more performance than a traditional RDBMS. You can grab a copy from this list of mirrors. This release includes virtual nodes for backup and recovery. Another added feature is 'atomic batches,' where patches can be reapplied if one of them fails. They've also added support for integrating into Hadoop. Although Cassandra does not directly support MapReduce, it can more easily integrate with other NoSQL databases that use it with this release."
Databases

MemSQL Makers Say They've Created the Fastest Database On the Planet 377

mikejuk writes "Two former Facebook developers have created a new database that they say is the world's fastest and it is MySQL compatible. According to Eric Frenkiel and Nikita Shamgunov, MemSQL, the database they have developed over the past year, is thirty times faster than conventional disk-based databases. MemSQL has put together a video showing MySQL versus MemSQL carrying out a sequence of queries, in which MySQL performs at around 3,500 queries per second, while MemSQL achieves around 80,000 queries per second. The documentation says that MemSQL writes back to disk/SSD as soon as the transaction is acknowledged in memory, and that using a combination of write-ahead logging and snapshotting ensures your data is secure. There is a free version but so far how much a full version will cost isn't given." (See also this article at SlashBI.)
Data Storage

NoSQL Document Storage Benefits and Drawbacks 96

Nerval's Lobster writes "NoSQL databases sometimes feature a concept called document storage, a way of storing data that differs in radical ways from the means available to traditional relational SQL databases. But what does 'document storage' actually mean, and what are its implications for developers and other IT pros? This SlashBI article focuses on MongoDB; the techniques utilized here are similar in other document-based databases."
Databases

Moving From CouchDB To MySQL 283

itwbennett writes "Sauce Labs had outgrown CouchDB and too much unplanned downtime made them switch to MySQL. With 20-20 hindsight they wrote about their CouchDB experience. But Sauce certainly isn't the first organization to switch databases. Back in 2009, Till Klampaeckel wrote a series of blog posts about moving in the opposite direction — from MySQL to CouchDB. Klampaeckel said the decision was about 'using the right tool for the job.' But the real story may be that programmers are never satisfied with the tool they have." Of course, then they say things like: "We have a TEXT column on all our tables that holds JSON, which our model layer silently treats the same as real columns for most purposes. The idea is the same as Rails' ActiveRecord::Store. It’s not super well integrated with MySQL's feature set — MySQL can’t really operate on those JSON fields at all — but it’s still a great idea that gets us close to the joy of schemaless DBs."

Slashdot Top Deals

And on the seventh day, He exited from append mode.

Working...