MySQL 8.0 release

MySQL 8.0 has been released and it brings the following new features, enhancements, and more:

  1. SQL Window functions, Common Table Expressions, NOWAIT and SKIP LOCKED, Descending Indexes, Grouping, Regular Expressions, Character Sets, Cost Model, and Histograms.
  2. JSON Extended syntax, new functions, improved sorting, and partial updates. With JSON table functions you can use the SQL machinery for JSON data.
  3. GIS Geography support. Spatial Reference Systems (SRS), as well as SRS aware spatial datatypes,  spatial indexes,  and spatial functions.
  4. Reliability DDL statements have become atomic and crash safe, meta-data is stored in a single, transactional data dictionary. Powered by InnoDB! 
  5. Observability Significant enhancements to Performance Schema, Information Schema, Configuration Variables, and Error Logging.
  6. Manageability Remote management, Undo tablespace management, and new instant DDL.
  7. Security OpenSSL improvements, new default authentication, SQL Roles, breaking up the super privilege, password strength, and more.
  8. Performance InnoDB is significantly better at Read/Write workloads, IO bound workloads, and high contention “hot spot” workloads. Added Resource Group feature to give users an option optimize for specific workloads on specific hardware by mapping user threads to CPUs.

Distributed architecture concepts I learned while building a large payments system

Gergely Orosz, an engineer who worked at Uber on the large scale payments system used by the company, shares some of the distributed architecture concepts he had to learn in the blog post titled “Distributed architecture concepts I learned while building a large payments system“.

The article is very well written and easy to follow. But it’s also a goldmine of links to other resources on the subject.  Here’s a list links and concepts for a quick research and/or click-through later:

Registry of Open Data on AWS

AWS News Blog covers the Registry of Open Data on AWS:

Almost a decade ago, my colleague Deepak Singh introduced the AWS Public Datasets in his post Paging Researchers, Analysts, and Developers. I’m happy to report that Deepak is still an important part of the AWS team and that the Public Datasets program is still going strong!

Today we are announcing a new take on open and public data, the Registry of Open Data on AWS, or RODA. This registry includes existing Public Datasets and allows anyone to add their own datasets so that they can be accessed and analyzed on AWS.

Currently, there are 53 data sets in the registry.  Each provides a tonne of data.  Subjects vary from satellite imagery and weather monitoring to political and financial information.

Hopefully, this will grow and expand with time.

Get Started with Blockchain Using the new AWS Blockchain Templates

One of the greatest things about the Amazon AWS services is that they save a tonne of time on the reinventing the wheel.  There are numerous technologies out there and nobody has the time to dive deep, learn, and try all of them.  Amazon AWS often provides ready-made templates and configurations for people who just want to try a technology or a tool, without investing too much time (and money) into figuring out all the options and tweaks.

Get Started with Blockchain Using the new AWS Blockchain Templates” is one example of such predefined and pre-configured setup, for those who want to play around with Blockchain.  Just think of how much time it would have taken somebody who just wants to spin up their own Etherium network with some basic tools and services just to check the technology out.  With the predefined templates you can be up and running in minutes, and, once you are comfortable, you can spend more time rebuilding the whole thing, configuring and tweaking everything.

Useful payloads for security testing of web applications

This article (in Russian) lists a number of useful payloads (and some tools that work with them) for security testing of web applications.  Below is the list of handy GitHub repositories for web server path testing, cross-site scripting, SQL injection, and several other common types of vulnerabilities.  These payloads are much richer than basic hand-made tests and can help improve the security of the web application a great deal:

Building for the Blockchain

Building for the Blockchain” is a nice article some of the challenges and paradigm shifts that software developers that jump into Blockchain technology need to know about.  Apart from the usual suspects – networking, Etherium, cryptocurrencies and smart contracts – this article is full of useful links to helpful resources.

If you are considering the Blockchain or if you are already getting your feet wet in this new technology, have a look – I’m sure you’ll find something useful.

Service Workers

A List Apart runs an excellent article “Going Offline“.  In it, among other things, there’s one of the simplest explanations of the Service Workers technology that I’ve seen so far:

A service worker is like a cookie. Cookies are downloaded from a web server and installed in a browser. You can go to your browser’s preferences and see all the cookies that have been installed by sites you’ve visited. Cookies are very small and very simple little text files. A website can set a cookie, read a cookie, and update a cookie. A service worker script is much more powerful. It contains a set of instructions that the browser will consult before making any requests to the site that originally installed the service worker.

A service worker is like a virus. When you visit a website, a service worker is surreptitiously installed in the background. Afterwards, whenever you make a request to that website, your request will be intercepted by the service worker first. Your computer or phone becomes the home for service workers lurking in wait, ready to perform man-in-the-middle attacks. Don’t panic. A service worker can only handle requests for the site that originally installed that service worker. When you write a service worker, you can only use it to perform man-in-the-middle attacks on your own website.

A service worker is like a toolbox. By itself, a service worker can’t do much. But it allows you to access some very powerful browser features, like the Fetch API, the Cache API, and even notifications. API stands for Application Programming Interface, which sounds very fancy but really just means a tool that you can program however you want. You can write a set of instructions in your service worker to take advantage of these tools. Most of your instructions will be written as “when this happens, reach for this tool.” If, for instance, the network connection fails, you can instruct the service worker to retrieve a backup file using the Cache API.

RIP Ronald Lee Ermey

This is one of the best scenes in the whole movies history.  And that’s because of the brilliant performance by Ronald Lee Ermey.  Unfortunately, Ronald Lee Ermey has passed away on April 15, 2018, at the age of 74.  He played a few more roles in other movies, but I think this is by far his best contribution to the cinema.  Probably, because he was a drill instructor in the United States Marine Corps in real life.

Thank you, Ronald.  Rest in peace.

 

Mailtrain – self-hosted Open Source alternative to MailChimp

Mailtrain is a self-hosted Open Source alternative to MailChimp and other similar mass-mailing and newsletter services.  Of course, being self-hosted, it can go only so far – you’ll still need to deal with mail delivery, SPAM filtering, and other modern days “benefits” of delivering mass mailings.  But it looks pretty complete in terms of features, so if you want to have full control and don’t mind investing a bit of time in setting up, check it out – you might get a better or at least cheaper alternative.