UPDATE: register for webinar at
In one month I will be in Berlin presenting a two-day seminar based on the chapters 1, 2, 8, 9, 10 and 11 of my book. The event is organized by DOAG. You can read the full description of the seminar (incl. agenda) here. Just be careful that the spoken language will be German (slides [...]
I travel a lot. Because of that, I use 'hotspots' all over the place. I am connecting through Germany right now and had to sign up for a T-Mobile hotspot. They require you set up an account - to buy a 60 minute pass (I don't really like that, I don't want an account but they make you).
So, I set up my account - username, password - credit card information, etc. Get logged in and immediately receive an email. I've received this email before (because I always have to set up a new account since I can never remember what my 'old' account was) . It was the standard "welcome to T-Mobile" sort of email, but it always contains this (I've written to them before - that is like sending email to a bit bucket, no response, no action). Here is the email (xxxxx represents information I:
From - Fri May 21 09:05:34 2010
X-Apparently-To: email@example.com via 220.127.116.11; Fri, 21 May 2010 00:04:39 -0700
Received-SPF: none (mta1056.mail.mud.yahoo.com: domain of firstname.lastname@example.org does not designate permitted sender hosts)
Authentication-Results: mta1056.mail.mud.yahoo.com from=t-mobile.net; domainkeys=neutral (no sig); from=t-mobile.net; dkim=neutral (no sig)
Received: from 127.0.0.1 (EHLO wlansmtp.t-mobile.net) (18.104.22.168)
by mta1056.mail.mud.yahoo.com with SMTP; Fri, 21 May 2010 00:04:39 -0700
Received: from kxsnsrg2 (kxsnsrg1 [172.28.76.134])
by wlansmtp.t-mobile.net (Postfix) with ESMTP id 37BDD6716
; Fri, 21 May 2010 09:04:37 +0200 (CEST)
Date: Fri, 21 May 2010 09:04:37 +0200
Subject: T-Mobile welcomes you to your new HotSpot Pass Account
T-Mobile welcomes you to your new HotSpot Pass Account. The password for your
new account is XXXXXXXXX
Yes, that is right, they emailed my password - over unencrypted email, for no apparently good reason at all. Why??? Why would they do this??? What is the point? What is the reason?
Why am I posting this? Well, maybe they'll read or hear about it this way and change it. I found this funny - this is their FAQ:
Is the HotSpot registration (log in) secure?
Yes, because the access details are transmitted in code to the T-Home / T-Mobile HotSpots. The code that is used is SSL. The software for this is integrated into the browser. If this is not the case, you can update your browser. The relevant downloads are available from the browser provider.
By using our HotSpot Manager, which automatically logs onto T-Home / T-Mobile HotSpots, you can be assured that the registration details are only transmitted to a confidential hot spot web portal.
Well, that is not quite true is it. You can also be assured that your password will be transmitted to everyone on the planet in clear text via good old email.
In the year 2010, you would think we'd know better.
They shouldn't be STORING my password let alone EMAILING IT to me. Sigh....
Now I've got some passwords to change, ugh....
The English language is full of irregular verbs, for example: I am hypothesising about possible explanations You are guessing He’s talking rubbish [Back to Philosophy 10] Filed under: humour, Philosophy
Many thanks to those who attended my webcast "Secure Your Database in a Single Day" for IOUG's wecast series. I hope you found it useful. I would highly appreciate if you take a moment to let me know how you felt - good, bad and ugly. Please write to me at email@example.com.
You can find the scripts referenced in the webcast here.
According to the documentation the GET_COMPRESSION_RATIO procedure of the DBMS_COMPRESSION package can be used to assess the impact of different compression options for a given table. In other words, it allows us to find out the expected compression ratio for a given set of data without having to really create a compressed table. The question [...]
I’ve previously published a couple of notes (here and here) about the driving_site() hint. The first note pointed out that the hint was deliberately ignored if you write a local CTAS or INSERT that did a remote query. I’ve just found another case where the hint is ignored – this time in a simple SELECT [...]
Not a tree, actually Just dump. Index dump. Custom index dump with blackjack and hookers (c) Check it out here if you haven’t seen this yet. Filed under: Oracle Tagged: indexes, scripts
When is the last time you looked at the listener logs? Perhaps never. Not a very good idea. Listener logs contain a wealth of information on security events - it shows you the profile of hosts connecting to the database, the programs they are using and attempting to communicate but failed, among other things. But reading the listener logs is not exactly a pleasant experience. A while ago I wrote a series of articles on an online eZine called DBAZine.com on how to create an external table to read the listener logs using simple SQL; but unfortunately DBAZine.com has folded.
I have placed the articles on my website for your reference. As always, I would love to hear from you how you felt about these, stories of your own use and everything in between.
For those who attended my seminars in Shanghai, Beijing, Shenzhen, Kualalampur and Singapore - I thank you very much for taking the time. I sincerely appreciate the gesture and hope that you found them useful.
As I mentioned during the seminars, I would love to hear from you your thoughts - what you liked, didn't like, wanted to learn but didn't, or specific areas you applied in your workplace. Please drop me a line at firstname.lastname@example.org.