While the spate of SQL injection attacks appears to have died down from its peak earlier this year, it is still a considerable problem that should be on the radar of all database developers and DBAs.
Any SQL-based database server is vulnerable to a SQL injection, but the ones that have wreaked havoc this year have been directed at Microsoft's SQL Server via malicious code in a SQL query string, directed to the database via a Web app.
More
Posted by Jeffrey Schwartz on 09/03/20082 comments
Microsoft yesterday released a software development kit for SQL Server Data Services, its forthcoming cloud-based service that will let organizations store and query data.
The first beta of SSDS was released back in March, announced with much fanfare at the Mix08 Conference by Microsoft chief software architect Ray Ozzie
The SDK includes the command-line tool and the SSDS Explorer demonstrated by Soumitra Sengupta at TechEd back in Orlando in June. "The team would appreciate if you can give it a spin and let us know what you like, what you do not like and above all file bugs that you see," Sengupta wrote in an MSDN posting yesterday. Testers do need an SSDS account in order to use the SDK, he noted. The SDK can be downloaded here.
More
Posted by Jeffrey Schwartz on 08/20/20082 comments
In the spirit of the back-to-school season, which is now upon us, I thought I'd share a story about how Gautam Arora, a Georgia Tech graduate student, spent his summer. Arora spent 11 weeks as a paid intern at Morgan Stanley, where he helped bridge the gap between the .NET-based order generation process used by portfolio managers with operational systems that are built in Java.
It's worth noting that Arora, a native of Bombay, India and currently attending Georgia Tech, is a Java developer who came to New York this summer with no prior .NET programming experience.
More
Posted by Jeffrey Schwartz on 08/13/20081 comments
It's official: Microsoft has released to manufacturing its SQL Server 2008 database. Developers can
download
the much-anticipated upgrade to the company's database server immediately from MSDN or TechNet.
Officials from Microsoft's Data Platform Group held a conference call for analysts and press to announce the RTM. The company had indicated last month that its release was imminent despite skepticism to the contrary.
More
Posted by Jeffrey Schwartz on 08/06/20080 comments
Microsoft's SQL Server database continued to outpace its larger rivals Oracle and IBM in the overall database market in 2007, according to this year's annual database server market share reports by IDC and Gartner. But providers of open source database servers, while still a small slice of the market, could have a significant impact over the coming years.
Both IT research firms last month released their annual market share reports for database software. SQL Server revenues grew 16.5 percent in 2007 over the prior year, compared to Oracle, which grew a more modest 14.9 percent, and IBM, which was up just 10 percent, according to Gartner analyst Donald Feinstein. However Oracle and IBM's revenues come from a much higher base -- $48.6 billion and $20.7 billion respectively, compared with SQL Server's $18.1 billion.
More
Posted by Jeffrey Schwartz on 07/24/20080 comments
When I spoke last week with Fausto Ibarra, Microsoft's new director of product management for SQL Server, I asked why move his predecessor Francois Ajenstat (who is now working on Microsoft's green initiatives) off the team before the official RTM of SQL Server 2008? Ibarra explained that the product was officially kicked off in February during the Heroes Happen Hear Launch and the timing was right for the transition.
For Ibarra's part, it's onward and upward to the next release of SQL Server, where, if history should be our guide, will come out somewhere around 2011 -- though to be clear, that's what observers suspect. That didn't come from Ibarra or anyone else at Microsoft. All he would offer up on that front is Microsoft's goal of making it easier to manage all content across multiple tiers ranging from mobile devices to the cloud.
More
Posted by Jeffrey Schwartz on 07/17/20080 comments
Six weeks ago
I raised the question
: Will SQL Server 2008 slip again? The skepticism arose because Microsoft announced plans to release Service Pack 3 SP3 of SQL Server 2005.
Also raising doubts were testers of SQL Server 2008, saying there were still numerous bugs in the CTP. But Redmond officials insisted that SQL Server 2008 was still on track to be released to manufacturing in the third quarter and urged testers to report any bugs.
More
Posted by Jeffrey Schwartz on 07/10/20081 comments
A vocal group of ADO.NET Entity Framework testers that has
issued
a "vote of no-confidence"
is illuminating a long-standing conflict
between a segment of the .NET development community and Redmond. The petition
raises a big question: Is there a storm brewing among developers of data-driven
applications looking toward the latest iterations of the .NET Framework, or
is this just a tempest in a teapot?
More
Posted by Jeffrey Schwartz on 06/26/20083 comments
Last
week
, I pointed to Microsoft's unexpected launch of Project Velocity, the
code-name for a distributed in-memory data caching platform, which it launched
at Tech-Ed Developers in Orlando.
Many jaws dropped when Microsoft unveiled Velocity -- not just as a project
but with enough
code to allow developers to test.
More
Posted by Jeffrey Schwartz on 06/19/20080 comments
On the data management front, one of the big surprises at last week's TechEd Developers conference in Orlando was Microsoft's release of Velocity, the code-name for a distributed, in-memory data caching platform that has been quietly under development in Redmond.
Velocity is designed to provide high-speed access to data developed in .NET via partitioned, replicated or local caches. "It's an application cache," said Anil Nori, a distinguished engineer in Microsoft's SQL Server group. Naturally, given his roots, I asked him if this is seen as an alternative to using the SQL Server repository. Nori explained the rational for data caching software, which he sees as a separate tier in the application stack.
More
Posted by Jeffrey Schwartz on 06/12/20081 comments
While Microsoft chairman Bill Gates yesterday talked up everything from Silverlight to robotics in
his TechEd keynote yesterday
, he also gave a plug for database development and the forthcoming SQL Server 2008 release.
"It's a very big release in terms of what people can do in the data center, how these various pieces connect together, different types of data that we can understand in a very rich way. And so this is central, and it's a big investment for us, something that is very key," Gates said.
More
Posted by Jeffrey Schwartz on 06/04/20080 comments
Database developers going to Microsoft's annual North American Tech-Ed conference will have plenty of opportunities to fine-tune their development skills. This year, Microsoft has split the Orlando, Fla., Tech-Ed into two weeks of events, the first week is Tech-Ed North America 2008 Developers, which begins on June 3 with a keynote address from departing chairman and founder Bill Gates.
While it remains to be seen what Gates may have to say about data-driven development, it wouldn't be surprising to hear him talk up Microsoft's Language-Integrated Query (LINQ) and Microsoft's "Oslo" project. Microsoft, of course, released LINQ with Visual Studio 2008 as a means of making it easier for developers to build database queries into their applications, and it's a significant extension to the .NET Framework. As for Oslo, Microsoft’s next-generation modeling platform for building service oriented architecture applications, it would be disappointing if some new details didn't emerge from Gates or chief software architect Ray Ozzie next week.
More
Posted by Jeffrey Schwartz on 05/28/20080 comments