Sorry for replying to my own comment. pushed submit too fast. according to the XE faq:
Any application developed for Oracle Database XE will run completely unchanged with Oracle Database 10g
Standard Edition One, Standard Edition, or Enterprise Edition;
so u can backup a DB created in XE, and restore it on the bigger ones. I still wonder if you can do it the other way around. the importance being that u could then do development on something like a laptop without needing to use another small footprint db like msde, mysql or postgresql.
Can XE handle a backup/restore from a full production enterprise edition version of 10g as long as it falls within usage restrictions (eg. max size 4Gb)? this would be quite handy, as I hate the resource requirements of 10g.
The fact that you are talking about JSP shows how little most people know about Java. MVC frameworks like Struts, Spring, Webwork, etc. have been around for a long time. While PHP seems like a great tool for creating (simpler) websites, no one can deny the maturity and vast amount of libraries that Java has to offer. This is definitely apples to oranges.
Can you install two versions of IE, and run them at the same time? Install or uninstall without rebooting? This has always been the annoying thing about microsoft. They have gotten better with backup/out points, but this is why MS should've been broken up.
definitely, but that's why this purchase makes no sense.
How will ebay leverage this user base? When (not if) ebay raises the prices on skype services, how many customers will they lose? skype's attraction has always been it's price, and it's ease of use. Just curious to see how these will change under ebay.
ultimately, where does ebay see the value in skype, and thus willing to pay the 2.5 - 4.1 bn?
Anyone saying that Americans are stupid or ignorant should read parent's post. (note: I am not American;) This person seems to be very perceptive. Although it's a very socialist point of view, it demonstrates the importance of a strong social net in times of crisis. if you were running for office, I'd vote for u! kudos.
All I'm asking is what the query looked like. You seem to make query optimization some sort of arcane science, when in fact all it could be is that you needed to index a table, structure the query differently, etc. ok, so maybe you've done all that. Did you try running an explain plan? You see none of this is that hard, or requires multiple doctorates to actually understand (or even beautifully engraved plaques for that matter - because so many dbas make one every time they write a query;)
btw, what do you base your customer numbers on? ie. why do you think there are more sql server users than Oracle or Postgres? Remember, access doesn't count!
What nested loop query are you referring to, and have you invested time into performance tuning the query?
You realise that some people invest their whole lives towards this right? they're called dbas and they get paid a crapload to make sure oracle doesn't run queries in "an hour" as you put it
I totally agree. At their core, web services are a common protocol (eg. SOAP) that allow disparate systems to communicate. As far as discoverable services, have the lawyers checked out http://www.uddi.org? in addition, servers such as juddi from apache (and many others) already implement this protocol.
Ultimately though, isn't having "discoverable" services very similar to things like jndi, ldap, and even DNS? what, is amazon gonna patent these as well?!
I hope my American counterparts put an end to this silliness. Surely, Amazon wasn't the first to come up with these ideas, so taking credit for it and being rewarded monetarily seems ridiculous. Monetary reward for a good idea is what a patent is for isn't it?
And just how many times has Hollywood portrayed gun usage in it's legal, legitimate purposes? Does Arnie leave his sawed off shotgun unloaded, and in a locked gun locker in the trunk of his car while he is pursuing enemies he is supposed to eliminate? Do I detect even just a slight hint of product usage promotion there to hurt others?
I do hope at least some Americans realise that this will affect them adversely in the very near future, and more importantly that they will take action. Every other modern nation seems to take it's legal queues from you after all.
Mod parent up. This is definitely a rehash of another "security flaw".
not to mention: "To take advantage of the flaw,...would have to direct a Web user from a malicious site to a genuine, trusted site such as an online bank, in a new browser window. The malicious site would then open a JavaScript dialog box in front of the trusted Web site, and a user might then be fooled into sending personal information back to the malicious site."
how ridiculous is that? I click on a link for viagra, and then a bank that I may or may not have affiliation with pops up asking for my details. I am then dumb enough to enter said details even though I have no idea why my banking site is on the screen?!? that's like saying someone paints a picture of an atm in their window, and I blindly pass them my bank card as well as tell them my pin. why was i there in the first place? no idea, but these popup windows are pretty!
aside from the obvious, "everyone needs to make a living argument", people will find dubious means to enhance their income. the question is: why was this person able to access those details? could the details have been segregated and or secured/encrypted? simple password protection is done on the database by hashing the person's password (one way encrypting). when the person tries to login, the entered password is encrypted as well and both encrypted strings are matched. Couldn't this type of thing be done for other details? maybe segregating those that write the code (including version control access) and those that have access to production data, like customer facing staff, would be a good start.
I wonder if some of the 16% that were lossed moved to somewhere else outside the US, or if they just found a new career?
this makes a difference since this could just mean qualified people go where they make more money (eg. India, China, etc.), and it could just be a "brain drain". after all, these people have to learn programming and best practices from somewhere. You can't learn those things by reading a Gartner Group report;)
I think what the parent is referring to is the fact that business will innovate far quicker in china because they will not get caught up in the ip red tape that is in the US.
I see your point, but I doubt the chinese government are that stupid as to waver foreign investor confidence and "take all their ip" as you say. instead, increased taxation in a profitable business sector is a far more PC and palatable approach.
you see, the US patent law seems to try to protect ideas from being profited on by others, but instead, is being used as a vehicle to stifle invention. take for instance, Kodak vs. Sun over Java. Kodak waits until Sun makes a few $$$, and then sues them for their "patent infringement". what happens the next time someone half intelligent builds something great in their garage? should they search through and interpret every single patent that's been registered before making that invention? no, instead, they will not bother at all. and that's where countries like China will offer a more competitive environment, where the best ideas will survive (because they need to be good in order to!)
Have you ever opened one of these things up? you'll never fit in a CF slot unless you increase the thickness by another 4-5mm. There's barely enough room in there as is!;) don't forget, they'd also have to put in some interface as well
Just replaced my 3G 20GB ipod's battery with a do it yourself kit.
Is this really a 'security vulnerability'?
I would define something like another person being able to access/write to your hard drive, or reading information from your browser cache, history, etc. as a vulnerability.
Getting redirected from some other link is hardly a browser vulnerability. The most secure way of going to your bank's site is by typing the url in manually, using a bookmark/favourite or copying and pasting the link so u know what you're going to. Don't follow some other link from someone else's pages - doesn't sound that difficult to follow.
Just a few comments from a Java developer that has used an old version of hibernate, and hence actually understands what this article is about:
1) Please don't flame the reviewer so much, he's actually done a good job. I personally will buy the book now that he's given the review.
2) Hibernate is a Java based object relational mapping(ORM) tool. ORM deals with the transition on the persistence layer between a database and using the object classes within your program. Where this saves u time is in dealing with type conversions (for instance), but also because with good ORM utilities (like JDO - java data objects) u don't need to write any SQL or stored procs.
but wait, u say, I don't mind writing these! well, when you are dealing with larger projects, it's much easier for a tool to generate the tables or classes for u and just called object.persist() rather than writing lines and lines of code that do essentially the same thing.
3) JDO is an alternative to Hibernate for ORM. unlike Hibernate, JDO is a standard api laid out by Sun, with different providers like kodo. I think the original story goes Gavin King thought JDO sucked so he wrote his own ORM tool.
4) What about performance? Hibernate insist that their product is fast - no objections to the contrary here. Using JDO, most providers optimize their sql to match the database type. On the whole, performance is not bad, but the strengths of these products lie in point (2).
1) "...specially crafted e-mail is forwarded"
- I'm shakin - I never use moz email
2) "by sending an e-mail containing a specially crafted vcard"
- see comment 1
3) "handles POP3 mail communication, can be exploited..."
- this is getting old, and sounds like the same exploit
4) "...exploited by tricking a user on a malicious website to drag a specially crafted javascript link to another window."
- oh yea, I often drag specially crafted javascript links to other windows
5) "Some files installed with the Linux installer..."
- not really a problem on my win xp install
6) "Many files and directories in the Linux install..."
- see above
And here I thought it was going to be a real problem. So let me get this straight - I really have to be careful of... BMPs?!
if IE only has to worry about one O/S, and it still can't get it right, what chance does moz/firebird really have?
before people realise that ie is crap, it will need to hit the pocket book. Wait till your hard drive gets wiped or financial info gets leaked because you are using ie. The sad reality is ie is the majority, and most people don't have the brains(joe consumer) or mindshare (ie. corporates) to switch.
Will this spell the end of open source technologies? Let me explain:
1) Many open source technologies are created to mimic/improve on commercial software (examples I can think of are open office, ogg vorbis, etc)
2) These projects draw inspiration from commercial technology
3) Sometimes the commercial technology is reverse engineered
what next? can BEA sue IBM just because IBM made websphere? (note: I'm not sure which came first, it's just an anology) This is software. The whole point is that I can make what I want to, and you can make what you want to as long as we're not copy/pasting eachother's code and selling it as our own.
ridiculous.
today u can't run linux on the xbox... what's next?
will the next version of windows seek out mozilla, winamp, gaim, etc and remove them from your hard drive because it's a 'security risk'? why don't they take all the mp3s and avi/mpegs while they're at it? honestly, this looks like just the beginning for 'auto-update'. isn't this sort of thing already in win xp?
Slashdot Mirror
Sorry for replying to my own comment. pushed submit too fast. according to the XE faq: Any application developed for Oracle Database XE will run completely unchanged with Oracle Database 10g Standard Edition One, Standard Edition, or Enterprise Edition; so u can backup a DB created in XE, and restore it on the bigger ones. I still wonder if you can do it the other way around. the importance being that u could then do development on something like a laptop without needing to use another small footprint db like msde, mysql or postgresql.
Can XE handle a backup/restore from a full production enterprise edition version of 10g as long as it falls within usage restrictions (eg. max size 4Gb)? this would be quite handy, as I hate the resource requirements of 10g.
The fact that you are talking about JSP shows how little most people know about Java. MVC frameworks like Struts, Spring, Webwork, etc. have been around for a long time. While PHP seems like a great tool for creating (simpler) websites, no one can deny the maturity and vast amount of libraries that Java has to offer. This is definitely apples to oranges.
Can you install two versions of IE, and run them at the same time? Install or uninstall without rebooting? This has always been the annoying thing about microsoft. They have gotten better with backup/out points, but this is why MS should've been broken up.
definitely, but that's why this purchase makes no sense.
How will ebay leverage this user base? When (not if) ebay raises the prices on skype services, how many customers will they lose? skype's attraction has always been it's price, and it's ease of use. Just curious to see how these will change under ebay.
ultimately, where does ebay see the value in skype, and thus willing to pay the 2.5 - 4.1 bn?
Anyone saying that Americans are stupid or ignorant should read parent's post. (note: I am not American ;) This person seems to be very perceptive. Although it's a very socialist point of view, it demonstrates the importance of a strong social net in times of crisis. if you were running for office, I'd vote for u! kudos.
All I'm asking is what the query looked like. You seem to make query optimization some sort of arcane science, when in fact all it could be is that you needed to index a table, structure the query differently, etc. ok, so maybe you've done all that. Did you try running an explain plan? You see none of this is that hard, or requires multiple doctorates to actually understand (or even beautifully engraved plaques for that matter - because so many dbas make one every time they write a query ;)
btw, what do you base your customer numbers on? ie. why do you think there are more sql server users than Oracle or Postgres? Remember, access doesn't count!
What nested loop query are you referring to, and have you invested time into performance tuning the query?
You realise that some people invest their whole lives towards this right? they're called dbas and they get paid a crapload to make sure oracle doesn't run queries in "an hour" as you put it
I totally agree. At their core, web services are a common protocol (eg. SOAP) that allow disparate systems to communicate. As far as discoverable services, have the lawyers checked out http://www.uddi.org? in addition, servers such as juddi from apache (and many others) already implement this protocol.
Ultimately though, isn't having "discoverable" services very similar to things like jndi, ldap, and even DNS? what, is amazon gonna patent these as well?!
I hope my American counterparts put an end to this silliness. Surely, Amazon wasn't the first to come up with these ideas, so taking credit for it and being rewarded monetarily seems ridiculous. Monetary reward for a good idea is what a patent is for isn't it?
And just how many times has Hollywood portrayed gun usage in it's legal, legitimate purposes? Does Arnie leave his sawed off shotgun unloaded, and in a locked gun locker in the trunk of his car while he is pursuing enemies he is supposed to eliminate? Do I detect even just a slight hint of product usage promotion there to hurt others?
I do hope at least some Americans realise that this will affect them adversely in the very near future, and more importantly that they will take action. Every other modern nation seems to take it's legal queues from you after all.
Mod parent up. This is definitely a rehash of another "security flaw".
not to mention: "To take advantage of the flaw, ...would have to direct a Web user from a malicious site to a genuine, trusted site such as an online bank, in a new browser window. The malicious site would then open a JavaScript dialog box in front of the trusted Web site, and a user might then be fooled into sending personal information back to the malicious site."
how ridiculous is that? I click on a link for viagra, and then a bank that I may or may not have affiliation with pops up asking for my details. I am then dumb enough to enter said details even though I have no idea why my banking site is on the screen?!? that's like saying someone paints a picture of an atm in their window, and I blindly pass them my bank card as well as tell them my pin. why was i there in the first place? no idea, but these popup windows are pretty!
aside from the obvious, "everyone needs to make a living argument", people will find dubious means to enhance their income. the question is: why was this person able to access those details? could the details have been segregated and or secured/encrypted?
simple password protection is done on the database by hashing the person's password (one way encrypting). when the person tries to login, the entered password is encrypted as well and both encrypted strings are matched. Couldn't this type of thing be done for other details?
maybe segregating those that write the code (including version control access) and those that have access to production data, like customer facing staff, would be a good start.
I wonder if some of the 16% that were lossed moved to somewhere else outside the US, or if they just found a new career? ;)
this makes a difference since this could just mean qualified people go where they make more money (eg. India, China, etc.), and it could just be a "brain drain". after all, these people have to learn programming and best practices from somewhere. You can't learn those things by reading a Gartner Group report
I think what the parent is referring to is the fact that business will innovate far quicker in china because they will not get caught up in the ip red tape that is in the US.
I see your point, but I doubt the chinese government are that stupid as to waver foreign investor confidence and "take all their ip" as you say. instead, increased taxation in a profitable business sector is a far more PC and palatable approach.
you see, the US patent law seems to try to protect ideas from being profited on by others, but instead, is being used as a vehicle to stifle invention. take for instance, Kodak vs. Sun over Java. Kodak waits until Sun makes a few $$$, and then sues them for their "patent infringement". what happens the next time someone half intelligent builds something great in their garage? should they search through and interpret every single patent that's been registered before making that invention? no, instead, they will not bother at all. and that's where countries like China will offer a more competitive environment, where the best ideas will survive (because they need to be good in order to!)
Hi There,g htly/latest-aviary1.0.1/
this should be what you're looking for:
http://ftp.mozilla.org/pub/mozilla.org/firefox/ni
I'm assuming it's: firefox-1.0.2.en-US.win32.zip
yep, watch all the servers move to outer mongolia. anyone want to set up an ISP out there? ;)
Have you ever opened one of these things up? you'll never fit in a CF slot unless you increase the thickness by another 4-5mm. There's barely enough room in there as is! ;) don't forget, they'd also have to put in some interface as well
Just replaced my 3G 20GB ipod's battery with a do it yourself kit.
Is this really a 'security vulnerability'?
I would define something like another person being able to access/write to your hard drive, or reading information from your browser cache, history, etc. as a vulnerability.
Getting redirected from some other link is hardly a browser vulnerability. The most secure way of going to your bank's site is by typing the url in manually, using a bookmark/favourite or copying and pasting the link so u know what you're going to. Don't follow some other link from someone else's pages - doesn't sound that difficult to follow.
Just a few comments from a Java developer that has used an old version of hibernate, and hence actually understands what this article is about:
1) Please don't flame the reviewer so much, he's actually done a good job. I personally will buy the book now that he's given the review.
2) Hibernate is a Java based object relational mapping(ORM) tool. ORM deals with the transition on the persistence layer between a database and using the object classes within your program. Where this saves u time is in dealing with type conversions (for instance), but also because with good ORM utilities (like JDO - java data objects) u don't need to write any SQL or stored procs.
but wait, u say, I don't mind writing these! well, when you are dealing with larger projects, it's much easier for a tool to generate the tables or classes for u and just called object.persist() rather than writing lines and lines of code that do essentially the same thing.
3) JDO is an alternative to Hibernate for ORM. unlike Hibernate, JDO is a standard api laid out by Sun, with different providers like kodo. I think the original story goes Gavin King thought JDO sucked so he wrote his own ORM tool.
4) What about performance? Hibernate insist that their product is fast - no objections to the contrary here. Using JDO, most providers optimize their sql to match the database type. On the whole, performance is not bad, but the strengths of these products lie in point (2).
there u go. hth.
1) "...specially crafted e-mail is forwarded"
- I'm shakin - I never use moz email 2) "by sending an e-mail containing a specially crafted vcard"
- see comment 1 3) "handles POP3 mail communication, can be exploited..."
- this is getting old, and sounds like the same exploit 4) "...exploited by tricking a user on a malicious website to drag a specially crafted javascript link to another window."
- oh yea, I often drag specially crafted javascript links to other windows 5) "Some files installed with the Linux installer..."
- not really a problem on my win xp install 6) "Many files and directories in the Linux install..."
- see above And here I thought it was going to be a real problem. So let me get this straight - I really have to be careful of... BMPs?! if IE only has to worry about one O/S, and it still can't get it right, what chance does moz/firebird really have?
It's not clear to me why it takes you hours to do anything in tomcat. afaik, unzip it and execute run.sh or run.bat depending on your o/s.
are u using a pentium 100? mozilla is very fast (at least on systems that I use) and cross platform. enough said.
before people realise that ie is crap, it will need to hit the pocket book. Wait till your hard drive gets wiped or financial info gets leaked because you are using ie. The sad reality is ie is the majority, and most people don't have the brains(joe consumer) or mindshare (ie. corporates) to switch.
Will this spell the end of open source technologies? Let me explain:
1) Many open source technologies are created to mimic/improve on commercial software (examples I can think of are open office, ogg vorbis, etc)
2) These projects draw inspiration from commercial technology
3) Sometimes the commercial technology is reverse engineered
what next? can BEA sue IBM just because IBM made websphere? (note: I'm not sure which came first, it's just an anology) This is software. The whole point is that I can make what I want to, and you can make what you want to as long as we're not copy/pasting eachother's code and selling it as our own.
ridiculous.
today u can't run linux on the xbox... what's next?
will the next version of windows seek out mozilla, winamp, gaim, etc and remove them from your hard drive because it's a 'security risk'? why don't they take all the mp3s and avi/mpegs while they're at it? honestly, this looks like just the beginning for 'auto-update'. isn't this sort of thing already in win xp?