01.24.14

^{Gemini version available ♊︎}

Finding Database Software Without Back Doors

Posted in Database, Oracle, Security at 9:19 am by Dr. Roy Schestowitz

Summary: A survey of competition in the area of databases, with emphasis on Free software and on security

ORACLE, far more so than Red Hat, has been in bed with the NSA. Oracle’s very identity (its name) is that of a CIA project — a fact that many people either don’t know or are shocked to discover. Actually, a lot of VC funds for database projects comes from the VC arm of the CIA nowadays. There are decent alternatives to Oracle’s databases, such as PostgreSQL [1], NoSQL [2], various Open Source Database management systems [3], and also GPL-licensed contenders such as RethinkDB, which has just received a lot of funding [4]. Oracle, which grabbed the most popular GPL-licensed database (MySQL), is still facing strong competition [5] and these are just examples from the past month’s news, not going further back than that. Then there’s the market share of Microsoft in database. Microsoft is famously facilitating NSA snooping, so it seems safe to say that using any database from the top proprietary providers (Oracle and Microsoft) is foolish and irresponsible when security and privacy are important. Back doors are now a fact, they are not a speculation. The trust is done.

SkySQL and MariaDB now directly challenge MySQL [6], which Oracle has neglected for the most part since it took over Sun and broke it to bits [7,8]. Oracle’s record when it comes to running big projects is not exactly good anymore [9] (and suffice to say its build/clone of RHEL cannot be trusted), so it seems safe to claims that for security and privacy one should choose the primarily Europe-based — with offices in 10 European countries — SkySQL (or even PostgreSQL), not MySQL. One little cause for concern is that a board member of SkySQL “worked as a management consultant with Indevo AB, At Kearney Inc. and Booz Allen,” according to this page. Booz Allen is the infamous NSA contractor.

It’s interesting that only few people entertain the possibility that there may be NSA back doors in the databases themselves, and given the role that the CIA played (historically and at present) in databases development we should pay close attention to that. █

Related/contextual items from the news:

PostgreSQL 9.1 Advances Open Source Database Innovation
How NoSQL will power the Internet of Things

Open-source NoSQL databases such as Apache Cassandra are (and will be) key enablers of the Internet of Things.

This is the view of Jonathan Ellis, CTO at DataStax, a company known for distributing a commercially supported version of the open source Apache Cassandra NoSQL Database Management System.
Open Source Database Management Systems Gaining Traction
RethinkDB grabs $8M to show its stuff against other NoSQL databases

RethinkDB open-sourced the database under a GNU license in November 2012, and the community is 4,000 developers strong…
Meet the Open Source Trio Primed to Topple Oracle

Over the past few years, we’ve seen an explosion of new databases. Several companies are offering relational databases that directly challenge traditional offerings from Oracle — databases that designed to store information in neat rows and columns on a single machine. And thanks to research papers detailing software built by Google and Amazon, we also have a slew of open source NoSQL databases — databases designed to store massive amounts of information across tens of hundreds of machines.
SkySQL goes after Oracle MySQL with enterprise release

SkySQL, the MariaDB MySQL fork company, isn’t just for open-source database management system (DBMS) experts anymore. With the release of its MariaDB Enterprise product, SkySQL is going straight for Oracle’s MySQL enterprise customers.
The mixed fate of Sun tech under Oracle
James Gosling grades Oracle’s handling of Sun’s technology

The Java founder assesses how well Oracle has managed the technologies it acquired in the four years since it bought Sun
Oracle’s Oregon Website Failure

For now, though, Oregon is stuck with a very expensive white elephant and most of its residents will not be able to take advantage of the benefits of the Affordable Care Act until 2015.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.

Permalink Mail Send this to a friend

ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

What Else is New

Links 20/1/2022: 'Pluton' Pushback and Red Hat Satellite 6.10.2

Links for the day
The Web is a Corporate Misinformation/Disinformation Platform, Biased Against Communities, Facts, and Science

Misinformation/disinformation in so-called 'news' sites is a pandemic which spreads; in the process, the founder of GNU/Linux gets defamed and GNU/Linux itself is described as the problem, not the solution to the actual problems
Links 20/1/2022: McKinsey Openwashing and Stable Kernels

Links for the day
IRC Proceedings: Wednesday, January 19, 2022

IRC logs for Wednesday, January 19, 2022
Links 20/1/2022: Linuxfx 11.1 WxDesktop 11.0.3 and FreeIPMI 1.6.9 Released

Links for the day
Links 19/1/2022: XWayland 22.1 RC1 and OnlyOffice 7.0 Release

Links for the day
Links 19/1/2022: ArchLabs 2022.01.18 and KDE's 15-Minute Bug Initiative

Links for the day
When Twitter Protects Abusers and Abuse (and Twitter's Sponsors)

Twitter is an out-of-control censorship machine and it should be treated accordingly even by those who merely "read" or "follow" Twitter accounts; Twitter is a filter, not a news/media platform or even means of communication
IRC Proceedings: Tuesday, January 18, 2022

IRC logs for Tuesday, January 18, 2022
Links 19/1/2022: Wine 7.x Era Begins and Istio 1.12.2 is Out

Links for the day
Another Video IBM Does Not Want You to Watch

It seems very much possible that IBM (or someone close to IBM) is trying to purge me from Twitter, so let’s examine what they may be trying to distract from. As we put it 2 years ago, "Watson" is a lot more offensive than those supposedly offensive words IBM is working to purge; think about those hundreds of Red Hat workers who are black and were never told about ethnic purges of blacks facilitated by IBM (their new boss).
What IBM Does Not Want You to Watch

Let's 'Streisand it'...
Good News, Bad News (and Back to Normal)

When many services are reliant on the integrity of a single, very tiny MicroSD card you're only moments away from 2 days of intensive labour (recovery, investigation, migration, and further coding); we've learned our lessons and took advantage of this incident to upgrade the operating system, double the storage space, even improve the code slightly (for compatibility with newer systems)
Someone Is Very Desperate to Knock My Account Off Twitter

Many reports against me — some successful — are putting my free speech (and factual statements) at risk
Links 18/1/2022: Deepin 20.4 and Qubes OS 4.1.0 RC4

Links for the day
Links 18/1/2022: GNOME 42 Alpha and KStars 3.5.7

Links for the day
IRC Proceedings: Monday, January 17, 2022

IRC logs for Monday, January 17, 2022
Links 17/1/2022: More Microsoft-Connected FUD Against Linux as Its Share Continues to Fall

Links for the day
The GUI Challenge

The latest article from Andy concerns the Command Line Challenge
Links 17/1/2022: digiKam 7.5.0 and GhostBSD 22.01.12 Released

Links for the day
IRC Proceedings: Sunday, January 16, 2022

IRC logs for Sunday, January 16, 2022
Links 17/1/2022: postmarketOS 21.12 Service Pack 1 and Mumble 1.4 Released

Links for the day
[Meme] Gemini Space (or Geminispace): From 441 Working Capsules to 1,600 Working Capsules in Just 12 Months

Gemini space now boasts 1,600 working capsules, a massive growth compared to last January, as we noted the other day (1,600 is now official)
[Meme] European Patent Office Space

The EPO maintains a culture of illegal surveillance, inherited from Benoît Battistelli and taken to a whole new level by António Campinos
Gemini Rings (Like Webrings) and Shared Spaces in Geminspace

Much like the Web of 20+ years ago, Gemini lets online communities — real communities (not abused tenants, groomed to be ‘monetised’ like in Facebook or Flickr) — form networks, guilds, and rings
Links 16/1/2022: Latte Dock 0.11 and librest 0.9.0

Links for the day
The Corporate Cabal (and Spy Agencies-Enabled Monopolies) Engages in Raiding of the Free Software Community and Hacker Culture

In an overt attack on the people who actually did all the work — the geeks who built excellent software to be gradually privatised through the Linux Foundation (a sort of price-fixing and openwashing cartel for shared interests of proprietary software firms) — is receiving more widespread condemnation; even the OSI has been bribed to become a part-time Microsoft outsourcer as organisations are easier to corrupt than communities
EPO's Web Site Constantly Spammed by Lies About Privacy While EPO Breaks the Law and Outsources Data to the United States

The António Campinos-led EPO works for imperialism, it not only protects the rich; sadly, António’s father isn’t alive anymore and surely he would blast his son for doing what he does to progress his career while lying to staff and European citizens
Links 16/1/2022: Tsunami and Patents

Links for the day
IRC Proceedings: Saturday, January 15, 2022

IRC logs for Saturday, January 15, 2022