OurSQL Episode 61: Security Blankets, Part 2

We go over the open calls for papers, upcoming conferences, conversations with Oracle, and finish up our 2-part series on MySQL security.

Calls for papers:
Call for papers for Percona Live: MySQL Conference & Expo 2012 is open! They opened it on Friday, September 15th and the call will close on Monday, December 5th. The MySQL Conference & Expo is Tuesday April 10 - Thursday, April 12, 2012 in Santa Clara, CA.

To submit a paper, first register as a speaker at http://www.percona.com/live/mysql-conference-2012/user/register and then go to My Account -> Submit Proposal.

Kscope call for papers is open until Friday, October 28th. Kscope is an Oracle developer conference with a 1-day MySQL track. It will be June 24-28, 2012 at the JW Marriott San Antonio in San Antonio, Texas. Submit your presentation here.

Upcoming events:
MySQL Developer Day London - Tuesday Oct 18th
The MySQL Developer Day is a one-stop shop for you to learn all the essential MySQL skills. This free, one-day seminar, covers everything you need to know to successfully design, develop, and manage your MySQL databases in an efficient and cost-effective manner. You'll also learn the guidelines and best practices in performance tuning and scalability. Oracle’s MySQL experts share their tips and tricks, for free!

Percona Live: London is happening, Monday October 24th - Tuessday October 25th

CouchConf NYC is happening on Monday, October 24th in New York City. CouchConf is a one-day conference focused on Couch NoSQL database technology for web and mobile applications. There will be numerous technology sessions presented by leaders of the Apache CouchDB project and other Couch experts.

IOUG MySQL Council

Server options:
skip-name-resolve -- Blog post about the handshake process and unauthenticated users

Manual page for mysqld_safe wrapper [note: we did talk about this last time, whoops!]

Password hashes: *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 = 'password' and you can search Google for the hash and reverse-engineer the password from the one-way hash.

SQL Injection:
XKCD comic called "Exploits of a Mom" that illustrates SQL injection
A good walkthrough of SQL injection

prepared statement syntax

max-connect-errors and FLUSH HOSTS

Ear Candy
MySQL 5.5 pluggable authenticaton

MySQL 5.5 pluggable auditing

Where you can see us
Sarah Will be at Linux Con EU from Wednesday October 26 - until Friday October 28, 2011 · Clarion Congress Hotel · Prague, Czech Republic speaking about IRL: How Geeks Undermine Their Presentations & Conversations With Body Language

November Seattle MySQL User Group ( http://www.meetup.com/seattlemysql/ ) on Mon Nov 7th from 7 - 9 pm 10 at 7:00 PM where Ari Weil, Product Manager of Akiban Technologies will present: "Renormalize - Solving Performance Problems in MySQL Without Denormalization".

Boston MySQL User Group on Monday, November 14th at 7:00 PM where Mike Frank of Gazzang will present "MySQL Encryption".

Facebook group
e-mail: podcast at technocation.org
voicemail using phone/Skype: +1-617-674-2369
twitter: @oursqlcast
or Tweet about @oursqlcast