Slashdot Mirror


User: psyclone

psyclone's activity in the archive.

Stories: 0
Comments: 483

Comments · 483

  1. Please don't use MSSQL on PostgreSQL 9.0 Released · · Score: 2, Interesting

    If you are using hand-rolled SQL, most MySQL queries will execute on Postgres without much modification. However, MSSQL will be vastly different.

    For example, look at these ugly MSSQL queries with explicit locking, which you will probably have to use as developers and DBAs can't seem to agree on a standard isolation mechanism:

    SELECT COUNT(UserID) FROM Users WITH (NOLOCK) WHERE Username LIKE 'foobar'

    and

    UPDATE Users WITH (ROWLOCK) SET Username = 'fred' WHERE Username = 'foobar'

    Also, there are no LIMIT / OFFSET keywords in MSSQL; you have to do crazy shit like:


    WITH results AS (
            SELECT
                    rowNo = ROW_NUMBER() OVER( ORDER BY columnName ASC )
                    , *
            FROM tableName
    )
    SELECT *
    FROM results
    WHERE rowNo between (@pageNumber-1)*@pageSize+1 and @pageNumber*@pageSize

    Source: http://stackoverflow.com/questions/187998/row-offset-in-ms-sql-server

    You will soon realize that the Express version is super-limited (4GB max size, 1 GB ram, 1 core, no replication, etc.)
    Source: http://www.microsoft.com/sqlserver/2005/en/us/compare-features.aspx

    Postgres is highly tunable, but the defaults (that ship with many OSes) are for small footprints. This is an older document, but still relevant with explanations and the annotated config guide (bottom of page). Throw 8 cores and 16GB ram at Postgres, tweak the conf a tiny bit, and the feature set and performance will surprise you.

    Tune Postgres: http://www.varlena.com/GeneralBits/Tidbits/perf.html

    There's no reason to use MSSQL unless all of your development and applications are on Windows, and your development team can't use anything other than their IDEs in a limited way. Once you start using Postgres, and realize the power behind it, you'll never want to use anything else.

    If, for some strange reason, your company wants to spend money and buy DB support, go for a commercial vendor of postgres. Enterprise DB has some nice management features: http://www.enterprisedb.com/products/index.do

  2. Re:Unit Tests on Hole In Linux Kernel Provides Root Rights · · Score: 2, Insightful

    In theory, you can write a unit test to cover anything and everything you want. In practicality, the amount of code to perform expansive unit tests quickly dwarfs the amount of code in the product you are testing.

    Like the summary said, the old attack didn't work exactly, it had to be tweaked slightly. Even if you had a unit test for this situation, it most likely would have passed (meaning the test exploit would fail).

  3. They should have created an API on Security Concerns Paramount After Early Reviews of Diaspora Code · · Score: 1

    If the developers set out to create an API, protocol, or specification, and then simultaneously released an initial implementation, this might be less of a big deal.

    Take XMPP for example. It is a specification, and there are many implementations to choose from to run a Jabber server. Different languages, platforms, and features are up to the user to choose.

    A well documented API, supplemented by buggy code, would be best. If you don't want to hack Ruby, implement the spec in your language of choice.

  4. Re:Yeah, that bullshit on How Star Wars Trumped Star Trek For Scientific Accuracy · · Score: 4, Funny

    VrrrrrWhooosh!

    (That's the "sound" of a TIE fighter flying over your head, in space.)

  5. Re:I miss Sunbird on A Pointed Critique of Thunderbird 3's Performance Compared to v.2 · · Score: 1

    I'm using the Lightning extension for Tbird 3, on x86_64. Works great for those pesky Exchange calendar announcements. I accept/deny, choose whether to email a response or not, and it alerts me when the event happens. You can sync calendars over webdav.

    Here is the link to the x86_64 version, it is buried at the bottom of this page.

  6. Re:Why all the Perl-bashing? on Perl 6, Early, With Rakudo Star · · Score: 1

    What do you mean by the following?

    as we grew we knew that we would reach the limit of PostgreSQL

    and:

    we looked to including other databases like Teradata for data warehousing

    How did you reach a "limit" of Postgres? Also, Teradata is built on Postgres.

  7. Here is the shitty site on Lawsuit Hits Companies Using 'Zombie' Flash Cookies · · Score: 5, Informative

    http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html

    Noscript users must temporarily allow adobe.com as well. (But at least you don't need to allow real cookies for either domain.)

    You can set the flash plugin to not store any data, but it sure gets annoying on some sites when the volume controls don't work. You can also set it to ask, but it's even more annoying to try and hit the "cancel" button 15 times with choppy video behind it.

  8. Re:Same as bugzilla? on Data Locking In a Web Application? · · Score: 1

    The examples given by others in the thread so far have been relational database driven.

    But you raise a good point to use an application's cache instead of hitting the DB. The bummer is that you need a shared/global cache (or separate app) for all of your app-servers to hit against.

    The gain is when you need to restart the entire application (say major code deployment), you only need to _not_ persist the cache to disk, which is a lot easier than cleaning all the locks out of the DB.

    Still, having no locks and gracefully failing or merging near-concurrent updates seems simpler and scalable.

  9. Re:Same as bugzilla? on Data Locking In a Web Application? · · Score: 1

    Why not design a user workflow that avoids synchronization issues?

    Agreed. With many clients, dealing with hundreds of open locks at a time, as well as those same hundreds of rows being updated by ajax every 10s seems like a nightmare to manage. If you have single-master, multi-slave database replication, it seems like ajax polling for an updated timestamp on the record should be sufficient, and/or handling the cases you described in (1) and (2) above.

  10. Try the CtrlTab extension on Firefox 3.6 Alpha 1 Released · · Score: 1

    CtrlTab extension switches graphically while using a keyboard, if that's what you mean.

    I love being able to ctrl-tab back and forth between two recent tabs. Much easier than opening a new window and dragging tabs in order to use alt-tab.

  11. Re:For me on the same machine 3.5 is much faster on Firefox 3.6 Alpha 1 Released · · Score: 2, Interesting

    3.5 performs better than 3.0 for me too (x86_64). What I have noticed the most is memory usage. I have the same extensions installed with 3.5, and I open the same number of tabs, and browse for a "normal" amount of time, say 3 days, and resident memory seems to peak at 250-350 MB. Whereas with 3.0, my resident memory is never less than 500-750MB over the same period of time.

    My heaviest extensions are TabKit (yay groups of tabs on the side!) and NoScript.

    I used to have to restart 3.0 every 5-7 days or so when resident memory would exceed 1GB. I can leave 3.5 running for 2+ weeks.

  12. Re:The games... on Nintendo, Sony Take Big Financial Hits · · Score: 1

    AMF Bowling sucks the oil off a bowling ball. I got the game as I hoped it would be superior to the Sports bowling, but it wasn't. Not any mini-games like the strike practice with lots of pins. Also takes forever to just get to the bowling action, and the replays are terrible. I just want to see a close-up replay of my line so I know how to adjust my next shot- just like real bowling. (Some alleys have a fixed replay camera; and real life is always more detailed.)

    Perhaps the new remote sensor could help- anyone know if it helps old games or do games have to be programmed for the enhanced sensor?

  13. Re:Not on the PPA yet on Emacs Hits Version 23 · · Score: 1

    Try the snapshot from the summary link.

    Published on 2009-06-18

  14. Re:Only effective against MASTERS... on New DoS Vulnerability In All Versions of BIND 9 · · Score: 1

    Reloading a zone is fine when you've changed an existing zone.

    However, you must do a reconfig for bind to see new zones. (e.g. a list of zones is included from named.conf) Unfortunately, doing a full reconfig on > 120,000 zones takes a while. (A few minutes at least)

    But yeah, on a simple setup like yours, stick with ssh. You don't have to set up rndc keys, and you keep your configs much simpler, hence bind is more secure. And a reconfig happens in seconds with only a few hundred zones.

  15. Re:Only effective against MASTERS... on New DoS Vulnerability In All Versions of BIND 9 · · Score: 1

    Reloading a zone is fine when you've changed an existing zone. I do this via: rndc reload ${zone} on the hidden master which sends notifies to the slaves.

    However, you must do a reconfig for bind to see new zones.

  16. Re:Only effective against MASTERS... on New DoS Vulnerability In All Versions of BIND 9 · · Score: 1

    Copying zone files over ssh means you then have to rndc reload/reconfig every time you change a single A record.

    With a "normal" hidden master + slaves setup, at least you can send Notifies which will cause the slaves to query the master and update the zone without a reload. Also, this is the only sane way to provide secondary DNS for a trusted third party.

    If you have a lot of zones, it can take a while to reload bind. If you only have a handful of zones, and you don't do secondary DNS, I'm sure reloading is quick.

  17. Re:Wrong-o on the male-o on Are Women Getting More Beautiful? · · Score: 1

    Height wasn't something that was that useful until relatively recently, in fact for a long time it was probably more of a liability than a benefit.

    Also think about long legs for running, height advantages on the battlefield like leverage and bearing down on your opponent. Even though this study is modern, it appears that having taller relative height garners respect.

  18. Re:Performance increase... on Gaming On Windows 7 · · Score: 1

    ... because the 40gb drive my XP partition was on has started to fail on account of being nearly 10 years old.

    Wait- so is the increase in performance due to software (Windows 7) or hardware (new HDD)?

    Could you please clarify how you performed your tests?

  19. Re: PPA and GPG keys on Canonical Fully Open-Sources the Launchpad Code · · Score: 1

    Lots of projects have links to deb packages that install their GPG key and their PPA, after which you can see them in Synaptic, but this still isn't any guarantee. About the only thing you can do is be careful which groups you install keys and PPAs from.

    I'm curious if anyone thinks the "web of trust" around signing other GPG keys could work here. The idea being that more trustworthy PPA members would have their keys signed by many others, while less reputable PPA members would have limited key signatures. This would essentially be a rating system of trust for PPAs.

    I know when I add a new PPA, I try and do a bit of research (e.g. find a lot of links to, or comments about, the PPA) that makes me feel better about trusting some third party binary.

  20. Re:WebDav vs SSHFS benchmarks on R.I.P. FTP · · Score: 1

    Well, here are some benchmarks:

    http://jamiew.tumblr.com/post/382844/macfuse-sshfs-vs-webdav-benchmarks

    Obviously blocksize makes a difference.

    A simple test you can perform: time the copy of a large file over WebDav via HTTPS vs an SCP transfer using the same client+host. (Beware using putty or filezilla on windows as it's slow; at least compared to scp from linux to linux)

    WebDav makes sense for subversion as it's built that way, so your other repository users will expect it. But for a plain remote file system, webdav may not be the best for you.

  21. Re:malware on Comcast DNS Redirection Launched In Trial Markets · · Score: 2, Informative

    Um, this concerns me quite a bit:

    These servers proxy the real www.google.com to strip out some functionality that opendns found particularly offensive...

    What? That doesn't make any sense. They only appear to proxy the first page, enough to capture what you type in the search box.

    Let's examine the evidence:

    $ dig @resolver1.opendns.com www.google.com A
    www.google.com. 30 IN CNAME google.navigation.opendns.com.
    google.navigation.opendns.com. 30 IN A 208.67.216.231
    google.navigation.opendns.com. 30 IN A 208.67.216.230

    $ whois 208.67.216.231
    OrgName: OpenDNS, LLC

    Now visit both:
    http://208.67.216.231/
    http://www.google.com/

    Notice anything different in the footer? Say the link that says Go to Google.com

    There may be a good faith relationship between OpenDNS and Google, but it still means that OpenDNS is proxying your queries! Thus tracking your search queries.

    It appears OpenDNS never responded to the many questions on their own forum.

    DNS redirection is bad, and proxying to collect information is evil. Both methods are employed by scammers and phishers.

  22. Re:There! You have it! on Firefox 3.5RC2 Performance In Windows Vs. Linux · · Score: 1

    The comments on slashdot might take more screen real estate, but they're much easier on the eyes (when the CSS mostly works).

    The Daily Kos' narrow column of constrained text makes it painful to sift through many comments.

    Their page loads do seem faster, but that's probably due to a simpler DOM (and feature set).

  23. Re:Math on Wind Could Provide 100% of World Energy Needs · · Score: 1

    I see...

    I guess IF other non-electrical energy sources could be converted to electricity, then this could work. Pretty close to impossible, but some people are trying.

  24. Math on Wind Could Provide 100% of World Energy Needs · · Score: -1

    researchers found that wind energy could not only supply all of the world's energy requirements, but it could provide over forty times the world's current electrical consumption and over five times the global use of total energy needs.

    So which is it? Forty times or five times the world/globe's current energy use?

  25. Re:You are an awful programmer on New PHP Interpreter Finds XSS, Injection Holes · · Score: 1

    easier to understand: perl

    This particular grouping of words should not ever be used outside the privacy of your own home...

    Unless you are wanting to do some Practical Extracting and Reporting (with a programming language)