Press "Enter" to skip to content

Day: January 4, 2023

Throwing MRAN a Retirement Party

Umachandar Jayachandran makes an announcement:

In June 2021, we announced that Microsoft Machine Learning Server & Microsoft R Open will be retired on July 1, 2022. In continuation with the retirement process, the Microsoft R Application Network (MRAN) website and CRAN Time Machine will be retired on July 1, 2023.

If you are using MRAN, click through and review the dates so you don’t have the rug pulled out from under you.

Comments closed

2023 Data Professional Survey Results

Brent Ozar busts out the briefcase full of Benjamins:

Are your peers being paid more this year? Are they switching job roles? Are they planning on leaving their companies? To find out, I run a salary survey every year for folks in the database industry. Download the raw data here and slice & dice ’em to see what’s important to you.

As a quick note, however, remember that inflation in the US went up considerably. Inflation wasn’t something we had to factor in from 2017-2021, as it was 1.5-2%. In 2021, it increased to more than 4% and in 2022 was closer to 8-9%, so converting these from nominal (pre-inflation) to real (post-inflation) will help tell the full story.

Comments closed

The Security of TDE

Matthew McGiffen explains one area of limitation with transparent data encryption:

TDE encrypts data stored on the file system, so it should be pretty clear that we are trying to protect ourselves from an attacker who gets access to our files. You would be right in suggesting that shouldn’t be allowed to happen. Access controls should be in place to prevent inappropriate access. The reality though is that sometimes we get hacked and someone is able to work around our access controls. Sometimes backup files are stored offsite with a different organization where we do not control the access. That is why we have encryption – encryption is an extra line of defense. TDE offers no protection however against individuals who have direct access to query the database.

Let’s say someone does get access to our files – does TDE mean we are still sufficiently protected?

My problem with TDE is something Simon McCauliffe wrote about a few years back (Wayback Machine link because the actual site went down in 2020): if you have root-level access to the server, you can ultimately get access to all of the keys to break TDE. I suppose the level of effort involved is high and that will mitigate the risk, but it’s always there.

2 Comments

Testing BIGINT Support in Applications

Michael J. Swart reminds us that it’s not just the database which needs to be able to handle large values:

In the past I’ve written about monitoring identity columns to ensure there’s room to grow.

But there’s a related danger that’s a little more subtle. Say you have a table whose identity column is an 8-byte bigint. An application that converts those values to a 4-byte integer will not always fail! Those applications will only fail if the value is larger than 2,147,483,647.

This post specifically pertains to identity columns but don’t forget those non-identity columns when testing.

Comments closed