Recent Articles:

MidnightDBA at SQL Saturday Houston – May 10

sqlsat308_webSean and I will be speaking at SQL Saturday Houston on May 10, at

San Jacinto College – South Campus
13735 Beamer Rd. Building 12
Houston, TX 77089

We have three sessions between the two of us:

Remember that SQL Saturday events are FREE. Sign up today, learn things, get swag.

Happy days,
Jen McCown
http://www.midnightdba.com/Jen

The Week in Awesome

April 11, 2014 Fluffy Stuff, News No Comments

awesomeThis week in awesome:

Pick up a copy of PowerShell Deep Dives and support Save the Children, “an international non-governmental organization that promotes children’s rights, provides relief and helps support children in developing countries” (quote source: Wikipedia). PowerShell Deep Dives “is a compilation of PowerShell nuggets you won’t find anywhere else. Chapters were contributed by MVPs, leaders in the PowerShell community as well as Microsoft specialists.” Thanks for the heads up, Jeff! (As long as you’re feeling educational and charitable, pick up a copy of TribalSQL, which benefits Computers 4 Africa.)

A Smithsonian article, The Accidental History of the @ Symbol, covers the @ symbol’s wine-related origins, and rise from obscurity in 1971, due entirely to the invention of email. A big thanks to Arpanet’s Ray Tomlinson for the very best in shift-2 technology. (Via Grant Fritchey)

InfoWorld published a slideshow by Sean, “10 great new features in SQL Server 2014“, to accompany his great article on SQL Server 2014.

It’s possible that lightening comes from space, sort of. We know a lot about lightening, but “scientists have yet to find a way to explain how storm clouds build up enough extra charge to electrically illuminate the sky,” according to PhysicsCentral.com.  Thanks to the site for a good article on the question and the experiment.  (But, fie on them for their stupid electricity pun in the title.) (Via BoingBoing.)

I’m just a teensy bit behind the curve: it turns out that SQL Server 2012 introduced easy zoom functionality in SQL Server Management Studio (SSMS). Is this why there’s been slightly less screaming about Zoomit at events lately?

I tend to like people who play with language (better, if they’re doing it intentionally). And so I very much like Jenny “the Bloggess” Lawson. Here’s a recent post: Because if there’s one thing we need more of in my neighborhood, it’s fire.

For a good time, run #Powershell and enter
get-help about_*
Then explore.
-me

Sinfest is a favorite web comic. This week had an especially good strip: Bondage Puppet.

For LOLz: Pleash shtate your bishnesh.

Grant Fritchey is trying out a new Microsoft, er, venture/idea/thingy called “Curah!“* It’s apparently a focused bloglike arena for “curating” groups of links. He explains it better than I’m willing to, but I mostly find this interesting because Grant (and the people who commented on his blog) find it interesting. Awesomely interesting, if you will.

Led Zepplin got a LOUSY review of their first album from Rolling Stone Magazine in 1969. Out of this, I will take the moral: never read the comments. Highlights:

  • “…a writer of weak, unimaginative songs”
  • “…might have been ideal for a Yardbirds’ B-side”
  • “…prissy Robert Plant’s howled vocals”
  • “…strained and unconvincing shouting (he mauy be as foppish as Rod Stewart, but he’s nowhere near so exciting, especially in the higher registers)”

“Get me a secure line,” he barked. Then he waited 2 days for an appointment.

Dear new Tweeters: If you want something from others, make sure your account profile is filled out.  Avatar, too.  Don’t look like a spammer
- @datachick

PluralSight has purchased a media software training company. So, now Pluralsight has media training, which is kind of awesome for those with a subscription.

It is not the critic who counts; not the man who points out how the strong man stumbles, or where the doer of deeds could have done them better. The credit belongs to the man who is actually in the arena, whose face is marred by dust and sweat and blood; who strives valiantly; who errs, who comes short again and again, because there is no effort without error and shortcoming; but who does actually strive to do the deeds; who knows great enthusiasms, the great devotions; who spends himself in a worthy cause; who at the best knows in the end the triumph of high achievement, and who at the worst, if he fails, at least fails while daring greatly, so that his place shall never be with those cold and timid souls who neither know victory nor defeat.
-Theodore Roosevelt, The Man in the Arena (of the Citizenship in a Republic speech, 1910)

Want more? Join us Friday nights at 11pm Central for DBAs@Midnight, the only live weekly webshow for DBAs, by DBAs.

Happy days,
Jen

 

*Soon to be rebranded CloudCurate, I’m sure.

Heartbleed bug: immediate security threat for both IT, and consumer sites and services

Heartbleed_svg

This is bad, mm’kay?

“An encryption flaw called the Heartbleed bug is already being called one of the biggest security threats the Internet has ever seen. The bug has affected many popular websites and services — ones you might use every day, like Gmail and Facebook,” says this Mashable article.

This thing MUST be serious; it has its own domain – http://heartbleed.com/

On the consumer side

In short, take a look at the list of sites affected on the Mashable list, and run change your passwords now-now-now. It wouldn’t hurt to pay attention to your bank and credit card statements for the next, oh, forever, as this vulnerability “could have quietly exposed your sensitive account information …over the past two years“. Emphasis mine.

I’ve run right out and changed my Twitter, Dropbox, Pinterest, Gmail, YouTube, and half a dozen other passwords (now that the underlying systems are patched). Go thou, and do likewise.

In the IT sphere

Pingsense.com says “If you are running Linux and are using SSL could be affected by this issue and should upgrade to a fixed version as soon as possible.” OpenSSL.com reports “Affected users should upgrade to OpenSSL 1.0.1g. Users unable to immediately upgrade can alternatively recompile OpenSSL with -DOPENSSL_NO_HEARTBEATS.”

There are some Amazon AWS Services vulnerabilities I want to draw your attention to them, in case your company has any Amazon AWS in the works (or any customers with Amazon AWS).

We at least don’t have to worry about Azure. “Windows comes with its own encryption component called Secure Channel (a.k.a. SChannel), which is not susceptible to the Heartbleed vulnerability.” (Via MSDN.)

Microsoft Account and Microsoft Azure, along with most Microsoft Services, were not impacted by the OpenSSL vulnerability. Windows’ implementation of SSL/TLS was also not impacted.

This is by no means a comprehensive list of the dangers and impacts of this virus. I will add to this article as I find out more information.

Feel free to copy this article for your own blog, publication, or press release, as long as you link back to this site. I’m all about the creative commons share-alike attribution!

Further reading

Thanks to @sqlagentman, Mashable.com and others for spreading the word.

- Jen McCown

Heartbleed: So bad, it has its own XKCD.

Make that, two XKCDs.

 

MidnightSQL Consulting

Need help? Got an emergency? Write us at Support@MidnightDBA.com!

We can schedule time to help with your backup/restore issues, high availability and disaster recovery setup, performance problems, and a great deal more. Very often, we're even available on the moment for downtime issues and emergencies.

For more information about MidnightSQL consulting, email us or check out www.MidnightSQL.com. Happy days!

Where are We?

April 14: Oklahoma City SQL UG's 5th Anniversary
April 28-30: Powershell Summit in Bellevue, WA
May 10: SQL Saturday Houston
August 2: SQL Saturday Baton Rouge (planned)
August 22-23: SQL Saturday Oklahoma City Precon!

Blog Posts by Category

DBAs@Midnight

How to Eat Pop-tarts
Watch DBAs@Midnight live on Fridays,m 11pm Central time

The best database career advice you’ve never heard!

DBARoadmap.com

The DBA Roadmap Seminar is 7 MP3 tracks (over 5 hours!) of insider guidance on your database career. We'll teach you how and what to study as a DBA, weigh in on controversial resume debates, teach you to recognize a worthy recruiter, and discuss the new professionalism of interviews. Also some bonus materials, PDF companion guides, and really spiffy intro music!

Once your $99 PayPal payment is submitted, you'll get the download link in e-mail! (Download is a 370Mb ZIP file.)

Become a DBA. Become a BETTER DBA. Use the Roadmap.

Visit www.DBARoadmap.com for info, forums, and more!

Add to Cart View Cart

Cunningham’s Law

"The best way to get the right answer on the Internet is not to ask a question, it's to post the wrong answer."
Relevant: http://xkcd.com/386/