Software-creation

Databases on SSD

2011-10-12 17:34:47 +0000

SSD disk are becoming increasingly popular. As they read faster, you might consider running databases such as Oracle DBMS, MySQL or non-sql databases. However, interestingly, originally databases are optimized for tradition hard drives with spinning disks: most importantly: data is read in small chunks, and sequential reads are faster than random reads. I can't remember everything anymore, but I do remember doing calculations on various reading/writing algorithms during my university days.
For SSD's this model doesn't hold anymore: this blog posting shortly explains why: Why theory fails for SSDs There's no difference, if I understand correctly between random reads and sequential reads. However writes are much slower. Also SSD's have to calculate the physical address for every different read or write access. Meaning if you read a different part of the disk continuously, this will be slower then reading in the same pattern again and again.

Of course the theory doesn't fail, but it just doesn't apply to SSD :-).

Read more

Diginotar

2011-09-20 20:58:35 +0000

I just updated my (virtual) server, on which this weblog is running too. The update log was rather interesting this time:

Setting up tzdata-java (2011j-0ubuntu0.11.04) ...
Setting up ca-certificates (20090814+nmu2ubuntu0.1) ...
Updating certificates in /etc/ssl/certs... WARNING: Skipping duplicate certificate brasil.gov.br.pem
0 added, 1 removed; done.
Running hooks in /etc/ca-certificates/update.d....
updating keystore /etc/ssl/certs/java/cacerts...
  does not exist: /etc/ssl/certs/DigiNotar_Root_CA.pem
done.

For those living outside the Netherlands: DigiNotar was a issuer of ssl and pki certificates, similor to Verisign. Their main customer was the Dutch government. Turned out DigiNotar was hacked by Iranian hackers, but not only that, the hack happened a few months ago but they decided not to inform their clients. In the mean time, Dutch governmental communication wasn't as secure as you might hope.
Of course the Dutch government did perform audits on DigiNotar - sort of, they outsourced the audit to the great company PwC, who verified that all of their procedures were correctly written down in Word documents with proper headings and jargon that pleases business consultants (quote from the DigiNotar website: 'Certificering ETSI door PricewaterhouseCoopers  (november 2010 - november 2013) ') Of course they didn't look at the actual software and IT security - why would anyone care about such technical details?

For more information, I found the following timeline.

Read more

Archive

subscribe via RSS