Not too long ago, I blogged about the importance of getting developers to code parametrized queries instead of using literal values in SQL queries. In this post I urged every DBA to forward an article that talked about SQL injection attacks to their developers. Well, it would not have helped any to send this article to a Ruby on Rails developer because Ruby on Rails does not support parametrized queries. I should say “did not support till today”. Today IBM delivered version 2.0 of the Rails adapter for DB2 and the key feature of this new version is support [...]
Read …
I think that every Database Administrator needs to read the article “Opinion: No more excuses for SQL injection attacks” and send it out to every application developer they know. I hate SPAM as much as the next guy but I think it is justified in this case. I am dead serious. We, the database people of all walks of life (DB2, Oracle, SQL Server …), have been talking about the benefits of using parameters in the queries instead of literal values for years. The main message has been “performance”. Most DBMS will perform much better and will use [...]
Read …
I recently blogged about Oracle killing one of its recent acquisitions, a company called Virtual Iron. I posed the question of whether the same fate awaits MySQL. This proved to be a popular post and there was no shortage of comments. One particular comment identified what the person believes is a shortcoming of DB2:
The way DB2 manages users — via the OS — is a large hurdle for people coming from MySql (or any other DBMS for what that matters). DB2 express will never flourish before they provide user management like MySql and MS Sql have.
Brad Perkins [...]
Read …
Arbor Networks knows a thing or two about internet security, as their gear is used by most top-tier ISPs. They run an interesting internet threat analysis service at http://atlas.arbor.net/. I’ve been watching it for the past couple of weeks. During this time Microsoft SQL Server has consistently been the top attack target. Not only has SQL Server been a consistent target, it has been a target for over 50% of all attacks.
SQL Server under attack
Now, I don’t want to come across as bashing SQL Server. I am not one of those people who will claim [...]
Read …