MySQL 5.1.47

In addition to the security update, MySQL 5.1.47 is also very important for an additional reason. The InnoDB plugin that ships with this version has been updated to 1.0.8, which is …

MySQL 5.1.47

In addition to the security update, MySQL 5.1.47 is also very important for an additional reason. The InnoDB plugin that ships with this version has been updated to 1.0.8, which is …

MySQL 5.1.47

In addition to the security update, MySQL 5.1.47 is also very important for an additional reason. The InnoDB plugin that ships with this version has been updated to 1.0.8, which is …

Financial services on the go - GlassFish for Fundamo and profit
Alexis recently published a new Adoption Story on how Fundamo uses GlassFish v2 and OpenMQ for its Enterprise Platform. Overview at stories entry, details in questionnaire, and an overview in this earlier short video interview.
We are always interested in more GlassFish adoption stories, both from (non-paying) users and from (paying) customers.   …

Here’s a sneak peek at a video matrix — this is all the videos that include Pythian Group employees at the MySQL conference. I hope to have all the rest of the videos processed and uploaded within 24 hours, with a matrix similar to the one below (but of course with many more sessions).

I gave a presentation today at the MySQL Conference & Expo 2010, titled SQL Injection Myths and Fallacies. Thanks to everyone who came to my talk! I appreciate your interest in learning to develop more secure applications. SQL Injection is a serious threat to web applications, and it's only going to get worse. It's incumbent on you as software developers to learn how to write secure code!My

Requirement 6 of PCI DSS v1.2 states that in order to be compliant, an organization must: “Develop and maintain secure systems and applications” “Unscrupulous individuals use security vulnerabilities to gain privileged access to systems. Many of these vulnerabilities are fixed by vendor- provided security patches, which must be installed by the entities that manage the [...]

Requirement 4 of PCI DSS v1.2 states that we must: “Encrypt transmission of cardholder data across open, public networks” Specifically, “Sensitive information must be encrypted during transmission over networks that are easily accessed by malicious individuals. Misconfigured wireless networks and vulnerabilities in legacy encryption and authentication protocols can be continued targets of malicious individuals who [...]

Requirement 3 of the PCI DSS v1.2 is: “Protect Stored Cardholder Data” As vague as that sounds, the PCI DSS enumerates exactly what that covers: Data Element Storage Permitted Protection Required PCI DSS Req 3.4 Primary Account Number Yes Yes Yes Cardholder Name* Yes Yes No Service Code* Yes Yes No Expiration Date* Yes Yes [...]

Requirement 2 of the PCI DSS v1.2 is: “Do not use vendor-supplied defaults for system passwords and other security parameters” Understanding that we’re limiting the discussion solely to MySQL (OS, Network Devices, and other software will no doubt apply to overall compliance), we can do this easily. The vendor-supplied default MySQL 5.1.43 (they’re similar across [...]