Why Use an Open Source Database? Brilliant Inadvertent Explanation

February 15, 2021

I thought, “Why bother to read ‘Everything You Should Know about the Oracle Database.’” I am delighted that I did. I read the article in The Tech Block twice! The information attempts to explain some of Oracle’s licensing guidelines. The author does a workmanlike job of explaining number of users; for example:

If you create an account for five hundred individuals, and only fifty individuals use it, you still need about five hundred licenses. This means that you’ve got to pay utmost attention to who is accessing the software. In addition, you may require a separate license not only for people but also for devices that directly or indirectly access the database. It’s also essential that you constantly check who needs access and who doesn’t. This will help you not only reduce your risk of exposure but also save you money. Being found contravening Oracle licensing agreements can be very costly. In some extreme cases, organizations have been fined millions of dollars.

The point is Oracle charges for people who don’t use the database. On one hand, this makes sense. Oracle has to do “work” to configure a database to handle users. (Remember the good old days of having to allocate more memory to a table. Ho ho ho. Wait. The good old days are today’s days.)

The write up contains eight more missteps an Oracle customer can trip and break the bean counter’s financial ankles.

Net net: The explanation makes it quite clear why some organizations use open source databases. Perhaps the author did not intend to anti-market Oracle’s database? From my point of view, that is exactly what the information in “Everything You Should Know…” delivers.

Stephen E Arnold, February 16, 2021

Oracle: Looking Like an AARP Magazine Cover Shot

February 9, 2021

Oracle used to be a game changing name in the tech industry, but now it has become an industry standard and, for lack of better terms, old. Oracle might be old, but the company continues to release reliable technology. They recently updated Oracle Database 21c to operate on Oracle Cloud. Channel Life comments on the upgrade consisting of over 200 improvements in the article: “Oracle Releases New Version Of Converged Database.”

One of the top new features for the Oracle Database 21c is the availability of the Oracle APEX Application Development. The Oracle APEX combined with Oracle Cloud offers developers a browser-based, low-code cloud environment to create apps. Other new features include native JSON data type representation, immutable blockchain tables, AutoML for in-database machine learning, persistent memory support, in-database javascript, tiger performance graph models, database in-memory automation, and Sharding automation. Sharding automation is a nifty tool that:

“Native Database Sharding delivers hyperscale performance and availability while enabling global enterprises to meet data sovereignty and data privacy regulations. Data shards share no hardware or software and can reside on-premises or in the cloud. To simplify the design and use of sharding, Database 21c includes a Sharding Advisor Tool that assesses a database schema plus its workload characteristics and then provides a sharded database design optimised for performance, scalability, and availability.  Backup and Recovery across shards is also automated.”

These updates are great refreshers for the Oracle Database 21c. The only problem with some of these features is that AWS added them a few years ago. Does Oracle stand a chance competing against AWS on a factor other than price?

Whitney Grace, February 9, 2021

Oracle: An Interesting Take on the Outfit Once Occupying Dolphin Way

December 30, 2020

The Sea World thing off 101 is history. The weird “aquatorium” has been replaced with glass structures which look like black oat meal boxes on my grandmother’s pantry shelf. Now more insight into the Coddish (not codfish) style database company has been revealed in “When You Can’t Innovate, You Litigate: Oracle Gleefully Takes Credit For Attacks On Section 230 And Google.” The write up explains that Oracle has shifted from technology to litigation and included the catch phrase “When you cannot innovate, litigate.” I like the phrase.

This passage is particularly interesting:

For a while now, people in Silicon Valley have been well aware of Oracle’s reputation as the anti-innovation behemoth, especially following its attack on APIs, interfaces, and how software is developed with the case against Google’s reimplementation of the Java API.


The thing is, Oracle more or less admits that it’s doing this purely out of spite and the fact that it has failed to innovate and keep up with more nimble and innovative competitors. Oracle and Larry Ellison made some big bets early on that flopped. And rather than correct course and innovate, it has focused on what we’ve referred to as political entrepreneurship: lobbying and using the powers of government to shut down competitors, rather than innovate.

There are, however, several other facets of Oracle which can explain the company’s behavior; for instance:

  • The firm’s investment approach using special purpose entities off shore
  • The company’s policy of acquiring companies and allowing them to drift. (I am not sure if this was Oracle’s “invention” or its version of the OpenText approach to gaining revenue and prospects for upselling.)
  • The drift down systemic problem affecting HP, IBM, Intel, and SAP. Oracle is just responding in a “path of least resistance” manner.

Interesting write up, but there’s quite a bit of corporate activity beyond the “let’s litigate” mantra.

Stephen E Arnold, December 30, 2020

Alleged CCP Database: 1.9 Million Entries

December 14, 2020

DarkCyber noted the availability of 1.9 million members of the Chinese Communist Party in 2016. We think we can here “The data are old,” “The data are a scam,” and “That was then, this is now” statements from those listed in the file. The information, which you will have to figure out for yourself, may be on the money or a bit of a spoof. Elaborate spoof, yes. It will help if you can read Chinese or have access to a system which can translate the ideographs into ASCII characters and normalized. Spellings can be variable depending on the translator or the machine translation system one uses. For now, the file is available on Go File at this link.\

Here’s a tiny snippet:

chinese database

Are there uses of the data? Sure, how about:

  • Filtering the list for those individuals in Canada, the UK, and the US and mapping the names against university faculty
  • Filtering the list for graduate students in such countries as Australia, Canada, and France. While you are at it, why not do the same for graduate students in the US
  • Filtering the list for individuals who are or have been part of a cultural or scientific exchange, particularly within driving or drone distance of a US national research laboratory; e.g., University of New Mexico or the University of Tennessee?

The data appear to be at least four years old and may turn out to be little more than a listing of individuals who purchased a SIM from a Chinese vendor in the last 48 months. On the other hand, some of the information may be a cyber confection. DarkCyber finds the circumstances of the data’s “availability,” its possible accuracy, and its available as open source information interesting.

Stephen E Arnold, December 14, 2020

Checking Out Registered Foreign Agents

December 14, 2020

Navigate to https://datasette.io. The Web page explains a service which permits manipulation of structured data. The service seems quite useful. One of the demonstrations makes it possible to explore Datasette functionality by searching for registered foreign agents. This is an interesting demonstration and some of the information returned are quite useful. You can locate the FARA Department of Justice data at this link.

Stephen E Arnold, December 14, 2020

Why Investigative Software Is Expensive

December 3, 2020

In a forthcoming interview, I explore industrial-strength policeware and intelware with a person who was Intelligence Officer of the Year. In that review, which will appear in a few weeks, the question of cost of policeware and intelware is addressed. Systems like those from IBM’s i2, Palantir Technologies, Verint, and similar vendors are pricey. Not only is there a six or seven figure license fee, the client has to pay for training, often months of instruction. Plus, these i2-type systems require systems and engineering support. One tip off of to the fully loaded costs is the phrase “forward deployed engineer.” The implicit message is that these i2-type systems require an outside expert to keep the digital plumbing humming along. But who is responsible for the data? The user. If the user fumbles the data bundle, bad outputs are indeed possible.

What’s the big deal? Why not download Maltego? Why not use one of the $100 to $3,000 solutions from jazzy startups by former intelligence officers? These are “good enough”, some may assert. One facet of the cost of industrial strength systems available to qualified licensees is a little appreciated function: Dealing with data.

Keep Data Consistency During Database Migration” does a good job of explaining what has to happen in a reliable, consistent way when one of the multiple data sources contributes “new” or “fresh” data to an intelware or policeware system. The number of companies providing middleware to perform these functions is growing. Why?

Most companies wanting to get into the knowledge extraction business have to deal with the issues identified in the article. Most organizations do not handle these tasks elegantly, rapidly, or accurately.

Injecting incorrect, stale, inaccurate data into a knowledge centric process like those in industrial strength policeware causes those systems to output unreliable results.

What’s the consequence?

Investigators and analysts learn to ignore certain outputs.

Why? The outputs can be more serious than a flawed diagram whipped up by an MBA who worries only about the impression he or she makes on a group of prospects attending a Zoom meeting.

Data consistency is a big deal.

Stephen E Arnold, December 2, 2020

Facebook Dating Cleared for Launch in EU

November 6, 2020

Facebook has cleared a regulatory hurdle in Europe, meaning it will soon launch its dating service in 32 more countries over a year after going live in the US. An opt-in option within the Facebook app, the service is currently available in 20 countries. Voice of America reports the development in, “Facebook Launches Dating Service in Europe.” The brief write-up reveals:

“The social media company had postponed the rollout of Facebook Dating in Europe in February after concerns were raised by Ireland’s Data Protection Commissioner (DPC), the main regulator in the European Union for a number of the world’s biggest technology firms, including Facebook. The DPC had said it was told about the Feb. 13 launch date on Feb. 3 and was very concerned about being given such short notice. It also said it was not given documentation regarding data protection impact assessments or decision-making processes that had been undertaken by Facebook.”

Facebook Dating’s product manager Kate Orseth assures us that users who create a dating profile can delete it whenever they want without deleting their entire Facebook profile. The service grabs first names and ages from users’ Facebook profiles and does not allow users to edit them. Last names are not displayed, but one can choose to share other personal information right from the main profile. How many users understand how easily AI tech could be used to correlate that information and pinpoint their identities? We advise caution for anyone who chooses to use Facebook Dating, whatever continent one lives on.

Cynthia Murrell, November 6, 2020

Washington Might Crack Down On Mobile Bidstream Data

November 4, 2020

Mobile devices siphon data from users and sell the data to third parties, mostly ad companies, to make a profit. The bidstream is mobile’s dirty secret that everyone knows about and the federal government might finally do something to protect consumers’ privacy says The Drum: “Mobile’s Dirty Little Data Secret Under Washington’s Microscope.”

“Bidstream” is the mobile industry jargon used for data mobile services collect from users then sell. The data is sold to advertisers who bid on ad space in real time exchange for targeted ads. Bidstream data could include demographics, personal hobbies and (even more alarmingly) real time coordinates for consumers’ current location.

The Interactive Advertising Bureau’s (IAB) executive vice president Dave Grimaldi stated that his organization has recently communicated a hundred times more with the federal government about the bidstream than the past two months. There are politicians worried that the bidstream could not only violated privacy, but could lead to deceptive business tactics (and maybe violent actions). There are currently no industry standards or rules from the IAB or the Mobile Marketing Association against bidstreams.

In June 2020, Mobilewalla released demographic information about BLM protestors under the guise of data analysis, while politicians called in surveillance. They want to know if Mobilewalla’s analysis along with the midstream violate the FTC act:

“The FTC won’t say whether it is probing bidstream data gathering, but its chairman did respond to lawmakers. ‘In order to fully address the concerns mentioned in your letter,’ wrote FTC Chairman Joseph Simons in a letter to Wyden obtained by The Drum, ‘we need a new federal privacy law, enforceable by the FTC, that gives us authority to seek civil penalties for first-time violations and jurisdiction over non-profits and common carriers.’… In questions sent separately to Mobilewalla, Senator Elizabeth Warren (D-MA) and other legislators asked the company to provide details of its “disturbing” use of bidstream data.‘Mobilewalla has and will respond to any request received from Congress or the FTC,’ a Mobilewalla spokesperson tells The Drum, declining to provide further detail.”

Those mobile phones are handy dandy gizmos, aren’t they?

Whitney Grace, November 4, 2020

What Does Disappearing Mean?

November 2, 2020

Do messages disappear? A user may not be able to view them, but is it possible that those messages reside in a server, indexed, and ready to analyze? “WhatsApp Disappearing Messages Coming Soon: Everything Explained” does not pursue this line of thinking. The write up states:

You should use disappearing messages only with trusted individuals and groups because the recipient can still take screenshots, forward, or copy disappearing messages before they disappear. Also, if you share a photo, video, or document using disappearing messages, it’ll get deleted from the chat window; if the receiver has auto-download turned on, it’ll be saved to their device.

The article points out: “It’s not a foolproof solution for sharing secrets over the instant messaging platform.”

What if Facebook retains these data? What if these disappearing chats include details about digital currency transactions? How likely is it that certain governments will curtail Facebook’s most recent initiative? Some regulators and enforcement authorities may find value in Facebook’s allegedly deleted messages. With enough value, Facebook is unlikely to explain what “disappearing” means.

What is the solution? Stop using Facebook? No problem.

Stephen E Arnold, November 2, 2020

A Challenge for Federal Records Management

October 6, 2020

Federal agencies are facing a mandate without adequate funding. This is sure to go smoothly. GCN explains why, for these entities, “Records Management Is About to Get Harder.” The White House’s Office of Management and Budget is requiring federal agencies to completely shift to electronic recordkeeping by the end of 2022, after which the National Archives and Records Administration shall accept no new paper records. The directive presents two challenges which overlap: digitizing existing records and providing a process whereby new records are created digitally in the first place. Officials plan to begin at the intersection of those requirements, invoking a Venn diagram. They must be as efficient as they can because, we’re told, Congress is reluctant to loosen purse strings enough to sufficiently fund the project.

The article cites a recent discussion among federal records management specialists regarding the transition. Reporter Troy K. Schneider writes:

“Although agencies’ readiness levels varied widely, most participants said they were on track to meet the M-19-21 deadlines. Yet whether the available tools and resources are sufficient, however, is another matter. ‘There never are enough resources,’ one official said. ‘We’ve got great resources to the extent that we have them,’ referring to the staff and the record schedules that have been developed, but the work will outstrip them — and this year’s telework-driven embrace of collaboration tools has only increased the degree of difficulty….“Complicating that resource challenge in terms of staff and money is the rapidly growing suite of communication tools agencies use. Too often, participants said, the adoption and deployment of those tools is happening before Federal Records Act requirements are accounted for.”

SharePoint and Office 365 are but two examples of software in which agencies have invested much that may not be able to keep pace with current governance needs and a greatly increased cloud-centered user base. One suggestion is to mimic the Continuous Diagnostics and Mitigation Program now used by the Department of Homeland Security and the General Services Administration for their approved product lists, reporting requirements, and cybersecurity funding. Whatever the solution, we’re told:

“Ultimately, the group agreed, fundamentals are more important than specific technologies. ‘What I’ve seen in looking at my compatriots in other agencies is they spent incredible sums of money to deploy a technology,’ one participant said. ‘And those solutions have not been nearly as effective as they have been sold as because some of the fundamentals hadn’t been done — like understanding your record schedule and the organizational and institutional changes around processes and capabilities that really need to be in place to feed the right records.’”

Indeed, rushing to choose a solution before closely examining one’s needs is a recipe for waste and disappointment. Let us hope decision makers think things through and spend the limited funds wisely. If they do not, our nation’s records are bound to become a huge, paperless mess.

Cynthia Murrell, October 6, 2020

« Previous PageNext Page »

  • Archives

  • Recent Posts

  • Meta