sql

Twitter has open-sourced some of the numerous tweaks it has made to MySQL, the database technology that the microblogging site uses to store most of the data generated by its users.

"MySQL is the persistent storage technology behind most Twitter data: the interest graph, timelines, user data and the Tweets themselves," wrote Twitter developers Jeremy Cole and Davi Arnaut on the Twitter engineering blog. "Since we believe in sharing knowledge and that open source software facilitates innovation, we have decided to open source our MySQL work on GitHub under the BSD New license."

The code Twitter'… Read more

Oracle yesterday deployed 78 different security fixes aimed at patching holes throughout its various database products.

As part of the company's January critical patch update, 16 of the 78 fixes were considered critical, meaning they could be exploited remotely. The fixes stretched across much of Oracle's product lineup, including Oracle Database Server, Fusion Middleware, E-Business Suite, Oracle Sun products, MySQL, VirtualBox, and PeopleSoft.

One of the patches addresses a major flaw that could compromise the security of Oracle database systems. Initially researched by InfoWorld, the flaw was shared with Oracle before the tech publication went live with the … Read more

The MySQL site, whose open-source repository serves some of the most popular Web sites, has been hacked and was being used to serve malware to visitors running Windows before it was cleaned up today, a security firm said.

Armorize Chief Executive Wayne Huang and some of his firm's researchers warned about the attack in a blog post today.

MySQL.com acted quickly to remove the malware so computers would stop getting infected, but Huang told CNET he did not know how long site visitors were vulnerable or how many may have been infected. Armorize estimated that MySQL.com gets … Read more

A hacker accessed personal details of Nokia developers in an attack on the Nokia Developer site last week, the phone manufacturer has admitted.

The intrusion resulted in the apparent attacker, pr0tect0r AKA mrNRG, redirecting visitors to the Nokia Developer Community forum to a page berating Nokia for its server security. Yesterday, Nokia told forum members that it had originally believed "only a small number" of their records had been accessed, but it had since revised that analysis.

"Further investigation has identified that the number is significantly larger," Nokia said in an e-mail sent to developers, apologizing … Read more

EnterpriseDB, a provider of enterprise-class products and services based on PostgreSQL, today announced Postgres Plus Cloud Server, which the company has billed as "a full-featured, Oracle-compatible, enterprise-class PostgreSQL database-as-a-service for public and private clouds with support for Amazon EC2, Eucalyptus, Rackspace, and GoGrid."

We've seen other database-as-a-service offerings come on the scene from the likes of Salesforce.com's Database.com, Amazon RDS, as well as from startup Xeround. But they're not based on PostgreSQL, which has had years of hardening and development by a committed community. The other databases are not "Oracle compatible," … Read more

The average Web-based application is hit by a cyberattack once every two minutes, says a report out today by security firm Imperva.

Detailing its findings in its "Web Application Attack Report" (PDF) for July, Imperva found that Web applications are attacked around 27 times per hour. Monitoring the Internet from December 2010 through May 2011, the security firm uncovered and categorized more than 10 million individual attacks targeting both business and government sites.

Automated cyberattacks accounted for a huge number of attempted breaches. The report discovered that attack traffic was characterized by quick spikes of high volumes followed … Read more

Sony's turn as the whipping boy for Internet hackers continued over the weekend. Two hackers posted a list of e-mails they say they took from the Sony Pictures France Web site.

The two hackers who claim responsibility are a Lebanese student who goes by the handle Idahc, and a French friend of his who goes by Auth3ntiq. The two say they copied 177,172 e-mails from the entertainment company's site, but posted only 70 of them on the code-sharing site Pastebin. They say they will not be posting all of the e-mails they found.

Jim Kennedy, Sony Pictures … Read more

Security company Barracuda Networks was itself hit by a security breach over the weekend that exposed certain information from its databases.

An unknown hacker, who apparently took credit for the break-in, launched an attack that exposed a list of Barracuda databases along with the names, phone numbers, and e-mail address of various Barracuda partners.

The attack also uncovered the e-mail addresses of different Barracuda employees along with their passwords. Though the passwords were encrypted, they were done so using a hashing algorithm called MD5, which is considered by many to be a flawed and outdated encryption method.

The attacker grabbed … Read more

On March 3, database vendor EnterpriseDB is set to release the results of its survey conducted at the JavaOne conference last September in San Francisco.

More than 600 IT professionals completed the survey, the results of which provide a bit of insight into community sentiment regarding Oracle's control of open-source projects Java and MySQL.

While opinion polls generally tend to be fairly unscientific--especially when sponsored by rival vendors--the results seem to indicate the IT community is wary of Oracle's plans.

According to the results, 46 percent of respondents believe that open-source projects such as MySQL will stagnate under … Read more