Security

32:11 minutes (14.89 MB)

This week we have a big announcement about Sarah, 3 hosts and an extra special guest.

News
Call for papers for Percona Live: MySQL Conference & Expo 2012 is open until Monday, December 5th. The MySQL Conference & Expo is Tuesday April 10 - Thursday, April 12, 2012 in Santa Clara, CA.

To submit a paper, first register as a speaker at http://www.percona.com/live/mysql-conference-2012/user/register and then go to My Account -> Submit Proposal.

Main content
Previous podcasts about securing MySQL

44:21 minutes (20.46 MB)

We go over the open calls for papers, upcoming conferences, conversations with Oracle, and finish up our 2-part series on MySQL security.

Calls for papers:
Call for papers for Percona Live: MySQL Conference & Expo 2012 is open! They opened it on Friday, September 15th and the call will close on Monday, December 5th. The MySQL Conference & Expo is Tuesday April 10 - Thursday, April 12, 2012 in Santa Clara, CA.

To submit a paper, first register as a speaker at http://www.percona.com/live/mysql-conference-2012/user/register and then go to My Account -> Submit Proposal.

45:32 minutes (21 MB)

News/Feedback
Collaborate Call for papers is open until Sunday October 14th - http://events.ioug.org/p/cm/ld/fid=15
Collaborate is an Oracle Technology and Applications conference put on by IOUG, OAUG and Quest. It is the largest independent Oracle conference, and we are planning on having a one-day track there. Collaborate is at the Mandalay Bay Convention Center in Las Vegas, Nevada from Sunday April 22nd - Thursday 26th, 2012.

Call for papers for Percona Live: MySQL Conference & Expo 2012 is open! They opened it on Friday, September 15th and the call will close on Monday, December 5th. The MySQL Conference & Expo is Tuesday April 10 - Thursday, October 12, 2012 in Santa Clara, CA.

28:15 minutes (13.09 MB)

OSCon Data and OSCon videos
The Technocation youtube playlist, as of the time of this publishing has 18 videos, mostly from OSCon Data, is at http://www.youtube.com/playlist?list=PLE0AEC3980A198DA0

The O'Reilly YouTube playlist, as of the time of this publishing has 84 videos, from OSCon, OSCon Data and OScon Java, is at http://www.youtube.com/playlist?list=93FC98105B19725C

Note: There are no overlaps in the playlists, so that's over 100 videos from the week so far!

This Monday, September 8th, the Boston MySQL User Group broke our 2-month summer hiatus with a presentation on MySQL Views. The slides can be downloaded from http://www.technocation.org/files/doc/2008_09_Views.pdf -- 89 kB, .pdf format. The 199 Mb .flv file can be downloaded at http://technocation.org/node/621/download or played directly in your browser at http://technocation.org/node/621/play. The presentation covers: * Defining views, changing views, deleting views * Using views for column and row level security * Using views for schema abstraction * Simulating check constraints using views * Performance implications * How to find out which tables are views, and information about views * What a materialized view is, and that MySQL does not have them * What makes a view updateable * Problems with updateable views * How views interact with replication

Christine Peterson of Foresight Nanotech Institute asks, "Open Source Physical Security: Can We Have Both Privacy and Safety?" In this OSCon 2008 keynote, Peterson shows how increased security does not have to require loss of privacy. She introduces the concept (quote taken from that official conference description) of: citizen-controlled, privacy-oriented, verifiably limited open source security devices and procedures focused on obtaining and sharing the minimal data required for communities to satisfy the reasonable concerns of their neighbors regarding the possible presence of specific weapons able to affect them directly. The goal is to use decentralized, open source approaches to address legitimate security concerns without impacting personal privacy in other areas. The project does not require government participation. Stream directly online at http://technocation.org/node/604/play or download the 176 Mb .wmv file at http://technocation.org/node/604/download.

Josh Berkus' "Safe Data is Happy Data" (originally entitled "Lock Up Your Data") goes talks about defense in depth -- going beyond firewalls and other "perimeter defense" mechanisms such as middleware and web server tools. Berkus explains "full-stack security" including preventing SQL injection, data abstraction, database permissions, and even what to do after an attack. Stream directly online at http://technocation.org/node/591/play or download the 346 Mb .wmv file at . From the official OSCon description: "While examples will be based on PHP & PostgreSQL, they should be applicable to other platforms."

At the 2008 MySQL User Conference and Expo, Brian Miezejewski gave a workshop on "Securing MySQL for a Security Audit".

I have already blogged about this keynote at http://www.pythian.com/blogs/948/liveblogging-who-is-the-dick-on-my-site. If you are interested in actually seeing the video, the 286 Mb .wmv file can be downloaded at http://technocation.org/videos/original/mysqlconf2008/2008_04_17_panelDick.wmv and played through your browser by clicking the "play" link here. This is not to be missed!