Tag Archives: security

Dear IT Security Industry…

Posted on September 10, 2009 by Domas Mituzas

… You are full of shit. I don’t know how effective your scare-mongering cash-extortion tactics are, but they don’t really help neither your users, nor vendors, nor anyone else. It all starts when major vulnerability databases start authoritatively spouting out … Continue reading

Posted in mysql | Tagged | 9 Comments

MySQL password security

Posted on March 8, 2009 by Domas Mituzas

Simple password authentication schemes are usually guarding against one of two evils – either leaked password tables, or sniffed network traffic. In 4.1 MySQL introduced challenge-response scheme, that is guarding against both, just not both at the same time. How … Continue reading

Posted in mysql | Tagged | 4 Comments

Packing for MySQL Conference 2009

Posted on December 16, 2008 by Domas Mituzas

Yay, coming to Santa Clara again (4th conference in a row!:). I can’t imagine my year without MySQL Conference trip anymore. To get a free ticket I’ll present on two topics, MySQL Security (lately I have related role, and have … Continue reading

Posted in mysql | Tagged , , | 2 Comments

Tim is now vocal

Posted on December 16, 2008 by Domas Mituzas

Tim is one of most humble and intelligent developers I’ve ever met – and we’re extremely happy having him at Wikimedia. Now he has a blog, where the first entry is already epic by any standards. I mentioned the IE … Continue reading

Posted in mysql, wikipedia, wikitech | Tagged , , | Comments Off

IE finds JS in Images (old xss bug!)

Posted on January 3, 2008 by Domas Mituzas

Well, this fix was done more than three years ago, but this is one of most evil IE bugs in existence. Even better, it seems to have never been fixed, exists in IE7, and is being discussed in various places … Continue reading

Posted in misc | Tagged , , | 6 Comments