Next month is going to be a busy – Atlanta, Helsinki, Saint Petersburg, Moscow, Sofia Bulgaria, and London

May 10th I will be speaking In Atlanta Georgia on Holistic Database Security at Georgia Oracle Users Group Tech Days 2017. I have not decided if I’m flying 81K down or flying commercial yet. I may just go ahead and fly commercial, because I won’t be able to get down to Atlanta until the afternoon of the 9th.

Next up, spend a few days at home, then fly over to Helsinki Finland for Harmony 2017 May 17-18. I’ll be speaking on PL/SQL Secure coding practices. We always have fun at Harmony, this time we are also planning on heading over to Heli and Marko’s place to have a BBQ. I’ll be cooking Firehouse Hamburgers for everyone.

The morning of the May 19, getting on the train to head over to Saint Petersburg to see the ballet “A Midsummers Night Dream” at The Mariinsky Theatre, spend the weekend and see the city.

May 22 taking the train down to Moscow. I’ve been working with the Oracle Office there to put together a three-hour security workshop for Oracle customers and partners. I’m really looking forward to this event. This workshop will be live translated to Russian. I’ve never had a talk translated, so this will be a new experience. Now I’ve been to Moscow a couple times for layovers, but never spent more than a day there so this time, I’ll spend a bit over a week and celebrate the 57th birthday there. I checked for tickets to the Bolshoi Theatre for Friday night to celebrate my birthday, but there were quite expensive, so I opted to get tickets to a modern ballet Saturday night at the Bolshoi Theatre.

May 31 it’s off to Sofia Bulgaria for BGOUG’s spring conference June 2-4. This conference is one of the finest in the world. If you are in or near Bulgaria, I highly recommend attending. I’ll be speaking on Cloud Security and Hacking the Human Brain.

June 4th off to Home, great part is, I’ll have a 23 hour layover in London, so get to see a bunch of friends at some random London pub. Life is good.

As most of you know, I prefer to fly Business Class Aeroflot on my trips to Europe, but this time it’s going to be British Airways so I can get my layover in London to see some friends.  See y’all soon.

@Oracle Cool new features to improve security. Part 2 TDE support to encrypt SYSTEM, SYSAUX, TEMP and UNDO tablespaces. #infosec

Are you gathering statistics on your data? Are you running Transparent Data Encryption, then it’s time to upgrade to Oracle

Pretty cool, eh? So what’s happening here? Statistics that were gathered on the hr.employees table are stored in the SYSAUX tablespace. If you are running Oracle 12.1 or bellow, SYSAUX can not be encrypted; therefore data that should be encrypted (statistics data) is spilling over to the unencrypted tablespace SYSAUX. Oracle 12.2 now supports encrypting SYSTEM, SYSAUX, TEMP and UNDO tablespaces to help prevent the spillage of data.

Every now and then “It happens.”

I have lost count of the number of times I’ve given the Holistic Database Security talk. The talk has evolved over the years, it continues to evolve, and is a mature presentation. Yesterday at Collaborate 2017, It Happened!

I was asked to have my presentation recorded to put out on the web. I’m always very agreeable to having my presentations recorded to reach a larger audience. A representative from Collaborate came up to me to plug a thumb drive into my laptop with the recording software. My reaction was, you got to be kidding, how do I know that thumb drive is safe? I travel with a sacrificial lamb computer, so I was not too worried about malware.  Turns out allowing this software to run on this machine was not such a great idea.

When I do my presentations, I typically have an Oracle 12c VM running to do my demos along with Chrome to display my slides. My sacrificial lamb computer is not the newest, or fastest laptop out there, in fact I’ve been using it for a few years now.

About 10 minutes into my presentation I noticed something was amiss; my laptop was running much slower than normal then locked up for several minutes. This through me for a loop. Finally, I pulled the thumb drive, and did a hard reboot of my computer. (holding the power button down, yea it was that bad)

Lessons learned:

  • Always have a hard copy of my presentation available.
  • Things go wrong, have a disaster recovery plan.
  • Doing a presentation in front of an audience is PRODUCTION and should be treated like production. Don’t introduce something to the environment that has not been fully tested.