misc

2017–what grabbed your attention

Connor McDonald ,

Here are the blog posts that you hit on most this year.  Thanks for supporting the blog, and always, there will be more content next year !

Buffer cache hit ratio–blast from the past

Connor McDonald ,

I was perusing some old content during a hard drive “spring clean” the other day, and I found an old gem from way back in 2001.  A time when the database community were trying to dispel the myth that all database performance issues could be tracked back to,  and solved via, the database buffer cache hit ratio.  Thankfully, much of that folklore has now passed into the realm of fiction, but I remember at the time, as a means of showing how silly some of the claims were, I published a routine that would generate any buffer cache hit ratio you desired.  It just simply ran a query to burn through logical I/O’s (and burn a whole in your CPU!) until the required number of operations bumped up the buffer cache hit ratio to whatever number you liked Smile 

Less performance, more work done…. all to get a nice summary number.

The kinds of statistics that the database collects, and what each one represents has changed over the years and versions of Oracle, but I figured I’d present the routine in original form as a nostalgic reminder that statistics without an understanding behind them are as good as no statistics at all.

Enjoy !


create or replace
procedure choose_a_hit_ratio(p_ratio number default 99,p_show_only boolean default false) is
  v_phy                number;
  v_db                 number;
  v_con                number;
  v_count              number;
  v_additional_congets number;
  v_hit number;
  
  procedure show_hit is
  begin
    select p.value, d.value, c.value
    into v_phy, v_db, v_con
    from 
      ( select value from v$sysstat where name = 'physical reads' ) p,
      ( select value from v$sysstat where name = 'db block gets' ) d,
      ( select value from v$sysstat where name = 'consistent gets' ) c;
    v_hit := 1-(v_phy/(v_db+v_con));
    dbms_output.put_line('Current ratio is: '||round(v_hit*100,5));
  end;
begin
--
-- First we work out the ratio in the normal fashion
--
  show_hit;

  if p_ratio/100 < v_hit or p_ratio > 99.9999999 then
    dbms_output.put_line('Sorry - I cannot help you');
    return;
  end if;
--
-- Flipping the formula we can work out how many more consistent gets
-- we need to increase the hit ratio
--
  v_additional_congets := trunc(v_phy/(1-p_ratio/100)-v_db - v_con);

  dbms_output.put_line('Another '||v_additional_congets||' consistent gets needed...');

  if p_show_only then return; end if;
--
-- Create a simple table to hold 200 rows in a single block
--
  begin
    execute immediate 'drop table dummy';
  exception 
    when others then null;
  end;

  execute immediate 'create table dummy (n primary key) organization index as '||
                    'select rownum n from all_objects where rownum <= 200';
--
-- Turn off any new 9i connect-by features to ensure we still do lots of 
-- logical IO
--
  begin
    execute immediate 'alter session set "_old_connect_by_enabled" = true';
  exception 
    when others then null;
  end;
--
-- Grind away until we do all those additional gets
--
  execute immediate '
    select count(*) 
    from (
      select n
      from dummy
      connect by n > prior n
      start with n = 1 )
    where rownum < :v_additional_congets' into v_count using v_additional_congets;

  show_hit;
end;
/

And some output to keep the hit ratio fanatics happy!


SQL> exec choose_a_hit_ratio(85,true);
Current ratio is: 82.30833
Another 29385 consistent gets needed...

PL/SQL procedure successfully completed.

SQL> exec choose_a_hit_ratio(85);
Current ratio is: 82.30833
Another 29385 consistent gets needed...
Current ratio is: 86.24548

PL/SQL procedure successfully completed.

SQL> exec choose_a_hit_ratio(90,true);
Current ratio is: 86.24731
Another 79053 consistent gets needed...

PL/SQL procedure successfully completed.

SQL> exec choose_a_hit_ratio(90);
Current ratio is: 86.24731
Another 79053 consistent gets needed...
Current ratio is: 90.5702

PL/SQL procedure successfully completed.

SQL> exec choose_a_hit_ratio(98,true);
Current ratio is: 90.5709
Another 1141299 consistent gets needed...

PL/SQL procedure successfully completed.

SQL> exec choose_a_hit_ratio(98);
Current ratio is: 90.5709
Another 1141299 consistent gets needed...
Current ratio is: 98.02386

PL/SQL procedure successfully completed.

The devastating death PC emoji of doom

Connor McDonald ,

So there I am.  Sitting at Perth airport.  My flight from Perth to Sydney, the first leg on my trip to OpenWorld 2017 is delayed.  Of course, delays are not unusual and do not normally bother me.  Because I can just flip open my laptop, knock off a few AskTOM questions while I wait.

But not this time.  I press the Power button and I get this:

Image result for windows 10 collectin memory dump

That is the first time I’ve ever seen that on my nice Dell XPS 13 laptop, but I figure “No big drama.  Probably just some sleep glitch” and let the machine reboot.

That is when the real fun started.  As it is restarting I get a similar screen (which I can’t screen dump…because the laptop isn’t booting!) saying the machine cannot boot.

Now I’m starting to be concerned.  Because I’m a few days out from 6 conference talks at the biggest Oracle conference of the year.  The laptop then goes into a “Cannot boot, so we’ll reboot” cycle which I don’t seem to be able to escape from, and then boarding call comes out over the public address system at the airport.

Aggghhhhh!!!

So I have to do a forced power off on the laptop, jump on the plane…and now sit there in a cold sweat for 5 hours while I fly to Sydney (because I’m now too scared to tackle this issue without a power supply).

I arrive in Sydney and renew the battle.  I power it up, and the laptop says “I cannot boot”, but this time says … “Would I like to repair the startup?”.  Why it has changed I have no idea, but I give it a shot.  After a lot of progress bars, and messages about how long this might take, the laptop finally displays the normal login screen.

Phew !!!!!!!!!

But all is not totally right.  If I sleep or shutdown the laptop, then on boot up, the first message I get is a sad emoji BSOD like the one above, after which it reboots again and then appears fine.

So … here I am, at the hotel with a working laptop… and zero confidence in it.  Grrrrrr.

Not the best start to the week 😦

Top Ten Travel hints and Tips

Connor McDonald ,

Well, let me be honest right at the top here.  These are not travel hints Smile  These will not help you in any way.

This is me having a whine and a rant about a minority of people that I occasionally encounter when travelling.

Yes, this can probably be best described as me and my first world problems, but I need to expunge these so that next time I travel, I don’t lose my head, and stuff some poor unsuspecting innocent passenger“under the seat in front of me or in the overhead locker” Smile

So sit back, relax and enjoy Connor’s “Travel Tips” Smile  (possibly NSFW)

1) Boarding pass

The term “boarding pass” stems from the Latin derivation: “The pass you need to present in order to board the bloody plane!”

So you know what ? At some stage, there is going to be a person who wants to see your boarding pass.  Incredible eh ?  And do you know where this happens ?  In every freakin’ airport !  We don’t need to suffer while you present a bemused expression to the security person asking for boarding pass, whilst you say “Oh….do I need my boarding pass ?  Let me hunt for it in the bottom of my bag for 15 minutes”.  On a recent flight, I even saw someone launch into a debate with the ground staff about why they have to present their pass!  Seriously ?  Were you trying out for the school debating team ?  Just keep it in your pocket or in your hand, and you’re done.  Easy !

2) Security check

There’s also going to be some people who want to X-ray your stuff.  Do you know where this happens ?  In every freakin’ airport !  And that huge placard that just about hit you on the head as you entered the security checkpoint said something along the lines of:

  • Take out your laptop
  • Empty your pockets

or we can take that down to real simple terms…. Metal and electrical stuff – bad.  Human body – good. Pretty….simple….concept.

But that’s ok, you can just ignore all that, because nothing makes a security officer feel more complete, than watching that bag of yours go though the X-ray machine 4 times, each time with one less electronic device in it, combined with your silly grin and shrug of the shoulders…. And they’ll ever happier when you follow that up with you carrying your wallet, phone, pocket knife, kitchen utensils, meccano set, your complete IKEA Applaro outdoor furniture setting, and a Milwaukee ride-on lawn mower, all stuffed in your jeans pockets, so that body scanner sounds more like Tchaikovsky’s Dance of the Sugar Plum fairy.

3) Boarding the plane

A few budget airlines have a policy where the seats are no allocated, you simply take what is available as you enter plane.

But the huge majority of airlines offer an incredible, amazingly sophisticated service for you as a passenger.

It’s called …. AN ALLOCATED SEAT.

You’re going to get one.  Incredible isn’t it ?!?!  Whether you like it or not… there is a seat on that plane that is waiting for you… JUST FOR YOU!  It doesn’t matter if you are the first person on the plane, or the last person on the plane, you are going to get that seat.  Because we’ve all seen the unholy hell of a nightmare that results when a passenger does not arrive for their seat after they’ve checked in.  Staff run around in a total panic like headless chickens yelling out “MR SMITH !!! URGENTLY PAGING MR SMITH!!!!”.  Every airline employee involved with that airline’s imminent departure is thoroughly invested in getting you to the your seat so the plane can leave, and they can see the back of you and go grab a coffee.

Do you know what this means ?  It means that when the boarding announcement is made, you do not have to charge the gate like the Orc army in the Lord of the Rings.  Do you know why airlines board the plane in a particular order ?  So they get can the damn plane into the air and on it’s way! That is sortta a prerequisite of travelling by plane to a destination – at some stage the plane has to get into the air for this to work ! You are not trying to storm a battlefront, or escape a stampede of bison, or get a limited edition of the AskTom commemorative sticker Smile.

So surprise surprise … if you wait for your boarding zone to be called, you will actually get to your destination faster.  And as a bonus, we can all get away faster.

4) Carry on

There is probably some unique set of circumstances out there, or some incredibly rare set of events put in motion, that means on this particular day, on this particular flight:

  • you are emigrating to another country never to return, AND
  • the aircraft is doing an emergency shipment of food to a stranded herd of Nepalese mountain goats, and hence the cargo hold is full of hay.

but unless both of those conditions are true, then sorry, you do not need to bring a metric tonne of belongings spread across 34 bags into the cabin.  If you don’t carry so much junk with you, you’re also less likely to needing riot gear to rush the door (see 3 above) worrying that you won’t be able to find storage space for those 34 bags you’re lugging.  And if you had listened to me in #1, you’d have your boarding pass in one hand, and only one hand left for carry-on luggage.  That’s ample!

5) Your seat

“Wow, I walked onto the plane, and every row number was just in a random order throughout the plane”

… said no passenger on any airline ever.

It’s pretty simple.  The numbers start low and get higher.  It’s a lot like …. hmm… what’s the term I’m looking for …. oh yeah, counting! Smile  Don’t get me wrong – we’ve all done the “walk mistake” or “sit mistake” where we end up 1 row adjacent to where we should have gone.  No problems with that – it’s easy to fix.  But how on earth did you get down to row 64 when your boarding pass said “Row 17”.  What happened in that long slow walk down the plane where you missed the numbers 18 through 63 ?  I reckon I know why you missed those numbers – you were looking for storage bins to put your 34 carryon bags, plus the IKEA Applaro outdoor furniture setting that’s in your back pocket (which would be uncomfortable to sit on for the flight) Smile

Now, if you’re going to take me to task on this one and tell me that things might be more complicated on an A380 because of it’s multi-deck system, then I’m still not budging.  See #3 above.  When the boarding call announcements are made, the ground staff will tell you which door to take to the plane.  But you might have missed that during your Ussain Bolt impersonation trying to be the first person on the plane Smile

(Caveat: If the standard decimal Hindu-Arabic number system is not native to your language…you get a leave pass for this one)

6) The loo (toilet, rest room)

There’s plenty of ridiculous research studies performed each year, so perhaps somewhere, in some remote corner of our planet, there is a study being conducted to see in how many ways in a confined space a male can pee and deliberately not hit the target.

An aircraft is not one of the places…. Ugh.

7) Your phone

I think I side with the majority here, in that I’m pretty confident that using mobile phone is not going to cause any problems to the plane.

But … unless I work as an electronics/avionics engineer for that airline I’m flying on, that is not my decision to make.  It’s not yours either.

So when the announcement to turn off or flight mode your phone is made – try this technique:  Stop using your damn phone.

Because even if there is only a 0.001% chance of your phone usage causing an issue on the plane, there is no way that you “Poking” or “Liking” your cousin’s new gluten-free sugar-free chocolate chip muffin recipe on Facebook even comes close to taking even that infinitesimal risk.  When they’re crawling through the wreckage of the plane to find your remains, that’s not so great a eulogy to have read out at your funeral: “Yes, John did bring the plane down with his phone by messing up its navigation, but at least he enjoyed cousin Susie’s Paleo muffins”

8) The seat belt sign

I’ve travelled a lot.  Like most people, I’m not a fan of turbulence, but there are some times when I am literally appealing to a higher power for sudden, unexpected, near catastrophic turbulence to hit the plane – even if we’re still on the ground!  It’s when we’re about to take off, or we’re about to land, because someone has decided it’s time to get out of their seat and and embark upon a voyage of exploration throughout the entire cabin.  You can see their mindset – “I paid for my ticket. Why should I have to abide by the instructions of the flight attendant?”. If they just could take their over-inflated sense of self-importance offline for a few minutes, they’d probably realise that that trip to the galley area to demand an apple juice, (because hey, apple juice is much more critical than the tasks that flight attendants are currently doing in preparation for take off) could probably wait for a few minutes until the seat belt sign is switched off.  Which it will be for 99% of the flight!

The other day, I was in a plane that was seriously 20 seconds from touching down, and some joker gets up and makes his way to the toilet.  They had been locked by the flight attendants because …. we’re busy landing the bloody plane!  But that’s lets face it, if a seat belt sign hasn’t deterred the passenger, then nothing as simple as a locked door is going to stop him either.  So he’s standing there trying to break down the door like a SWAT team doing a drug raid, whilst the poor flight attendant has to put her safety at risk to get this numpty to the sit the hell back down.

9) The baggage carousel

As well as SpaceX and cross-continental transport tunnels, Elon Musk has already invested billions of dollars into baggage carousels at airports. Baggage carousels are incredibly hi-tech pieces of equipment.  There is a series of highly sophisticated Bluetooth devices that scan every single passenger as they approach via the entrance hall – devices that measure each passenger’s exact distance from their shoes to the carousel down to the nearest millimetre.  These measurements are sent wirelessly to the luggage delivery staff who then proceed to deliver the suitcases in exactly the order of proximity of passengers to the carousel.  The closer you stand, the faster your bag will come out.

I don’t have any concrete evidence of Elon’s involvement in baggage carousels – but surely that must be the case, because what other reason could there be for people to jam themselves around the thing like sardines in a can, making it impossible for anyone to see or even pick up their bag. Oh, and here’s a great idea – grab that airport luggage trolley and jam it right up against the carousel as well.  Heaven knows, if you packed 34 items of carry-on, you probably have an aircraft carrier plus a 4-storey building jammed into your suitcase.  No way you’ll be able to lift that more than a couple of inches.

Pro tip:  Standing just 1 meter back from the carousel lets everyone easily see and grab their bags.  And there’s no Bluetooth either, or Elon Musk for that matter.  He’s got more important stuff to do than watch you make a fool of yourself around a baggage carousel. Smile

10 ) Your airline staff

This is perhaps the motivation for this entire post.  On a few flights recently, I’ve seen the flight attendants over stretched in their duties because they are spending so much time trying to get passengers to do what passengers are meant to be doing without explicit instruction.  Or even worse, people being just plain rude to them.  Man, that gets me wound up.  So wound up it makes me want to blog about it Smile

Whatever your profession, nothing is more insulting than someone coming up to you and basically announcing “Whatever task you are doing is not as important as you catering to my most trivial of needs right now”.  It’s disrespectful and demeaning.  At the end of my work day, I feel best when I look back at the day and think “I achieved a lot today”.  More and more nowadays, when I’m a plane sitting within eyeshot of a flight attendants, when the plane lands I don’t see a look of job satisfaction; I see “Thank heavens, these rude and ignorant people will be getting off this damn plane so I won’t have to deal with them again”.  That’s a really sad reflection on us as passengers.

So there’s my “travel tips” for you.  Happy flying Smile

The village idiot

Connor McDonald , ,

If you are not familiar with the term Village Idiot, then Wikipedia provides a sufficient definition from which I can base this blog post.

https://en.wikipedia.org/wiki/Village_idiot

“The village idiot … is a person known for ignorance or stupidity”

Over the past couple of weeks I’ve been flying a bit.  First was OpenWorld and OracleCode in New Delhi in India, and from there, I was heading straight from there to Cleveland, Ohio for the GLOC users conference for the first time.  Being a fairly seasoned traveller, this should have been a relatively straightforward affair.

Well… things didn’t turn out that way. 

To get to Cleveland, first I had to get to the United States, so I had two flights, as you can see from the picture  – one from New Delhi to a transfer in Shanghai, and then from Shanghai to San Francisco. 

village_idiot_map

 

 

The problems started due to the simplest of issues.  The night before I was due to fly, I picked up my itinerary, saw “11:40pm” and thought “Cool…I can sleep in tomorrow, do some AskTOM, get some work done, and stroll out to the airport after the evening traffic has subsided”.  And I did precisely that.  I got to the airport at about 9pm, paid my driver, collected my suitcase and headed over to the airport entrance.

For those of you that have not been the India, the airports work a little differently.  You cannot actually enter the airport unless you have a valid ticket.  I assume this is both for security reasons and due simply to the volume of people that pass through the doors.  At the entrance, security personnel check your passport and ticket and let you in.  I produced my details and after a short pause, the officer looked at me and said:

“You cannot come in”

I asked why ?  I had given him my passport and all my flight details. 

He said “Your ticket is no longer valid”

And that’s when it hit me….The boarding time for both of my flights was 11:40… But for the first flight, it was 11:40am, and for the second flight was 11:40pm.  The night before, I had checked the wrong itinerary – I was mentally cued in to the time being “11:40” so when I saw “11:40pm” I assumed I was looking at the right document.

So this was the start of problems.  Here I was, on the sidewalk, not even being able to enter the airport, having missed a flight that left some 8 hours before I even got to the airport.  This first leg was with Air India, and the second leg was with United, so I was already thinking – how am I going to re-arrange these flights and get everything coordinated across two carriers. 

But first things first…I wandered down to the one part of the airport where you are allowed to enter – the ticketing section.  And, now nearly 10pm, no-one was manning the Air India desk.  So I tried calling them, and even whilst on hold, I realised the futility of this, because if you’ve ever stood outside in Indian traffic, you cannot hear a single thing.

I knew I would not be flying anywhere tonight so the next job was to get to an airport hotel….and of course, there are no onsite airport hotels at New Delhi airport Smile  So then it was a case of walking from taxi to taxi outside the airport trying to see if any of them take a credit card (which is rare for taxis in India) because, like most people, I had carefully spent all of my Indian currency because I thought I was about to leave the country !  Finally a car that looked less like a taxi and more like a hotel car was driving past, so I flagged him down, and asked him which hotel he was from and how far away it was.  5km later I was at a hotel, now nearing midnight, and the job of sorting out flights commenced.

Sorting out 2 flights with different vendors is not pleasant.  To try avoid the hassles, I phoned my travel agency because they’d have access across carriers.  After 20 mins (on mobile phone international roaming rates!) of “Please hold, your call is important to us” I gave up.  So first it was a call to Air India to see if I could get on the same flight tomorrow, but I could book nothing because then it was a call to United to see if I could get the next day flight from Shanghai. Then back to Air India to actually book, and then back to United and book with them.  Rest assured, on a mobile phone with brittle coverage, nothing is more annoying that voice-controlled automation ! 

Bot: “In a few words, tell us how we can direct your call”…
Me:  “Flight Reservation”
Bot: “I think you said ‘Cargo’. Is that right?”

I dont know why…but it does indeed make you feel better to swear at a bot Smile
So after a couple of hours of sweat and tears (and expense) I have more or less the same flights booked for 24 hours later.  I get some much needed sleep to let the adrenalin seep out…

Next morning, I’m back where I started – at the airport entrance, but this time, I’m straight through the entrance with no difficulties…phew.  After the standard 30min queue to check in, when I get to the counter, the Air India agent says to me:

“I’m sorry…We cannot check you in”

I go pale…. “WHY ?!?!?!”

“You do not have a visa for China.”

I tell him I do not need one, because I’m not staying there – it is just transit.  But apparently with the re-booking of the flights, they are no longer “connected”.  So now I have to prove that I indeed have a connecting flight out of China, and my existing hard copy printouts are useless, because they refer to a flight that already left yesterday !  And thus, here I am, at the checkin desk, trying to once again navigate the stupid voice bot as I try to contact United over shoddy cell service with international roam, so they can tell my Air India checkin agent about my flight.  I’ve discovered this is not a good way to be popular in an indian airport, with 500 people queued up behind you because you have become a bottleneck.

After 10mins on the phone, passing it back and forth to the agent and myself, I am finally allowed to check in.  My Air India agent is very apologetic and offers to check my bags all the way through to San Francisco to make transit more convenient.  I am thankful for small mercies at this point.

8 hours later and touchdown…I have made it to Shanghai.  Unsurprisingly, all of the signage is in Chinese, so navigating my way around is not easy.  For the life of me, after much wandering, I cannot find the International Transfer. Eventually I give up and figure, even if I go out through Customs, I can just come back through security in the normal way.  After another long queue, I get to the front of the line at Customs, and the two officials, resplendent in their semi-automatic machine guns, look at my passport, and my ticket, pause, and just shake their head.

That’s all.  Just a shake of the head, and I’m not allowed to pass.

Now I’m panicking.  I’m starting to think of that movie where the guy could not get out of the airport for months. 

I ask why, but their English is just as good my Chinese, ie, non-existent.  I can feel the sweat on forehead, so I’m sure they are starting to think I’m a terrorist or threat to the nation in some way.  And they are mighty big machine guns.

Some feeble gesturing and “sign language” from me doesn’t seem to be helping but at least I’m not being locked up yet.  Eventually one of the officials gets my onward boarding pass to San Francisco, and points at the sign on the wall, which is mainly Chinese but I can make out that it is referring to “24 hours” being the limit you can stay in the country without having a visa.

Now I’m very stressed and very confused.  I’ve given them my onward boarding pass, which shows I’m (hopefully) out of the country in 5 hours…so what could possibly be the issue. More desperate hand waving from me.  The official gets my boarding pass and circles two items:

Departure Date: May 12
Boarding Time: 23:40

and then points to the “24 hour” sign again.  And then … the penny drops.  My flight leaves at 00:30 on May 12, but the boarding pass says “Boarding at 23:40” (which is actually boarding on May 11 for a May 12 flight!), but the Customs person is interpreting this to be late at night on the 12th, which is more than 24 hours…hence violating their entry rules.

So now it’s me drawing pictures of clock hands, and calendars, and departure boards …. and after 10 terrifying minutes, we finally are in agreement – I can indeed pass through and pass back to leave the country !  At this point, I’m still not even sure if I was meant to come through Customs but at least I’m seem to be making some progress. 

It’s at this moment I realise that Friday night is peak hour at Shanghai airport.  Often as travellers, we’re critical of security checks when the queues are long and only a handful of staff are working.  I cannot say this about Shanghai.  They had every single departure check open, and equally as many X-ray machines all going concurrently – perhaps as many as 15.  But it counts for nought when a bazillion people are trying to fly somewhere.  I spent 2 hours in the familiar snake lines going through the standard departure checks and x-ray screening before finally getting to the United departure gate with about 40mins to spare.

The stress finally seems to be over…I sit and relax.  And then…

“Paging Mr Connor McDonald…can you come to the gate desk urgently”

By this point, I’m convinced that I will never be seen again by family and friends.  I trudge up to the desk. 

“We’re sorry sir, but the Air India checkin agent should not have checked your bags through to San Francisco.  As you’ve seen, there is no international transfer in Shanghai – all passengers must retrieve their bags when transferring”.

Well…this explains why I could not find the international transfer….there isn’t one !  And then comes the kicker..

“…So we’ll need to go back through Customs and collect your suitcase and come through security again”

There was long pause at this moment… a long pause where I considered the well being of the person telling me this, and what the implications would be if I were to remove their spleen with the plastic fork I had been eating my salad with Smile

“NNNNNNOOOOOOOOOOOO!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!”  I bellowed at them, knowing that I could no way make it back in time, and moreover, there was no way I was going through the explanations of 24hour clocks again.

The result ?  I did get on my plane and I did land in San Francisco…albeit a day later than originally planned.

The suit case ?  Well… it didn’t.  So the next day, I was back in a taxi, heading out to San Francisco airport to pick up the suitcase that made its own way on its own schedule to San Francisco.

So there you have it.  All of this grief…and why ?  Because I could not read a piece of paper correctly.  I’m not just the village idiot.  I think if you took the village idiot from the all villages, and then made a village of those idiots…then I’d be the village idiot in that village !

So I’m writing this post somewhat as part of my “penance”.  After all, if you can do something as silly as I did, then it only seems an appropriate punishment to share it with one’s peers 🙂

Hack-a-Mongo

Connor McDonald , ,

I was reading an article today about how 10,000+ Mongo installations that are/were openly accessible on the internet have now been captured by ransomware, with nearly 100,000 other instances potentially vulnerable to the same issue.

Now, since I’m an Oracle blogger, you may be inclined to think the post is going to jump on the “bash MongoDB” bandwagon, but it’s not.  I am going to bash  something…but it’s not MongoDB Smile

I’m going to steal a quote from … of all things… Jurassic Park Smile

“Your scientists were so preoccupied with whether or not they could, they didn’t stop to think if they should”

In this age of DevOps, Agility, reactive-this, and responsive-that, there is an understandable desire to have a goal of “deliver fast and often”.  But I’m not attacking the various methodologies and processes out there that espouse the new age of fast and furious delivery.  Because, to my knowledge, none of them ever had a goal of “fast delivery no matter what“…they had a goal of fast and flexible delivery whilst adhering to the unchanging fundamental principle of delivering high quality, secure and robust software.  It may be functionally incomplete, or have compromises in (for example) the user experience, but we never meant to compromise on the core principles.

So when I see stories about MongoDB (or any software technology) being exposed for reasons of poor security, my lament is not for the technology but the part when a developer, or administrator, or manager, or anyone in the chain of processes that skipped an appropriate assessment of security, in effect, playing a game of Russian Roulette with their customer’s personal details.  I don’t think there is even a defence of “ignorance” here, because the moment anything is deployed in an organisation, surely the first question that must be asked either before the deployment, or even in that awkward moment afterwards when you discover something was deployed without your knowledge is … Is it secured?  And if no-one can answer that question, then surely that’s the immediate death knell on that application right there ?

If “hand on heart” a team can claim that security measures are in place, and then these are circumvented, then that’s defensible – perfection in security is such a moving target nowadays.  But it seems a stretch to think that 100,000 Mongo teams out there all did a diligent crack at securing their system before getting all excited about having their application live Sad smile

So if you’re building applications with the latest Micro-agile-internet-of-things-reactive-responsive-Java-scripted-open-source-media-rich-blahblah approach…that’s super cool.  But that’s not a Leave Pass from being responsible when it comes to security.

What you "liked" last year…

Connor McDonald ,

Well…when I say “liked”, what I mean is “the stuff you all clicked on a lot” last year. Whether you liked it or not will remain one of those great mysteries Smile

The top 6 posts from 2016 were:

https://connormcdonald.wordpress.com/2015/11/25/ora-14758-last-partition-cannot-be-dropped/

https://connormcdonald.wordpress.com/2013/01/20/exchange-partition-those-pesky-columns/

https://connormcdonald.wordpress.com/2013/08/26/compressed-partitions-are-not-compressed-tables/

https://connormcdonald.wordpress.com/2014/04/12/pluggable-database-and-restricted-sessions/

https://connormcdonald.wordpress.com/2016/06/09/parsing-no-big-deal-eh/

https://connormcdonald.wordpress.com/2016/03/26/are-your-sql-plus-scripts-going-to-ell/

Nice to see a 12c post in there – 2017 is the year I think most people will be moving to 12c if they have not done so already.

And of course, nice to see a SQL*Plus post in there….I love it when the old simple tools still add value for people.

Thanks for supporting the blog in 2016 … I’ll have stacks more content again for you this year.