#Drones are not welcome at airshows.

I’m going to take a tangent from my normal Oracle related posts because this is important. The FAA and the International Council of Airshows are working to keep drones away from airshows. As a pilot I can tell you; when I’m close to the ground I don’t want any distractions. airshow pilots are flying very close to the ground performing aerobatic maneuvers and flying at high speeds. Please keep your drones at home.


Notice Number: NOTC6750

Proliferation of privately-owned unmanned systems causing safety concerns at air show venues
LEESBURG, Va. – Sept. 28, 2016 – Leave the flying to the professionals. That’s the message coming from The International Council of Air Shows (ICAS) out of concern for spectator safety and the safety of air show pilots who will fly nearly 10,000 performances at over 300 North American events this year.
Carrying forward and supporting the Federal Aviation Administration’s (FAA) “No Drone Zone,” “Leave Your Drone at Home,” and “Know Before You Fly” initiatives, ICAS wants air show spectators and those in an air show venue’s surrounding area to understand that flying an unmanned aircraft in unauthorized air space is not just illegal, but unnecessarily puts people at risk.
“Even one close call is too many,” said John Cudahy, ICAS president and CEO. “While performing, air show pilots require total concentration and precision. If a drone interferes with an aircraft’s flight path, that’s a distraction that could have disastrous consequences. If a drone actually collides with a plane while that plane is performing an aerobatic maneuver, the result could be catastrophic for the pilot and the viewing public.”
North American air shows are highly regulated and regarded as the safest in the world. Air show pilots go through a battery of medical assessments, aerobatic competency evaluations and certifications before being able to perform. There hasn’t been a spectator fatality in North America since 1952.   
Pilot reports of unmanned aircraft increased dramatically in 2015, from a total of 238 sightings in all of 2014, to more than 650 by August of 2015. The FAA in recent months has sent out a clear message that operating drones around airplanes and helicopters is dangerous and illegal. Unauthorized operators may be subject to stiff fines and criminal charges, including possible jail time.
“We want everyone at air shows to enjoy their experience without having to worry about or experience the repercussions of a drone-related accident,” said Cudahy. “There are plenty of outlets to see great air show video footage and photos taken by professionals. Leave the flying and photography to the professionals and come see the air show in person.”
The FAA is leading a public outreach campaign to promote safe and responsible use of unmanned aircraft systems and offers a digital toolkit with downloadable outreach materials to federal, state, and other partners to educate unmanned aircraft operators that flying in certain areas is prohibited.
About the International Council of Air Shows
Headquartered in Leesburg, Va., ICAS was founded in 1967 as a trade and professional association by industry professionals to protect and promote their interests in the growing North American air show marketplace.”

November is going to be a busy month. #ECOUG and #BGOUG

I stopped tracking the the miles I fly years ago. It seems every other month I’m in another timezone at a conference, learning from the best in the industry. Well in November I will be fortunate to stay in my timezone; speaking at the East Coast Oracle Users Group in Raleigh, North Carolina. https://www.eastcoastoracle.org/index.htm Once I return from ECOUG, I’m on a flight to Sofia Bulgaria for the Bulgarian Oracle Users Group Autumn conference http://www.bgoug.org/en/events/details/98.html, seven hour time difference from Baltimore, Maryland.

What do we get out of my spending so much time traveling?

  1. I get privilege of teaching people how to secure their data. We are seeing the same security mistakes everywhere we go. Therefore I’ve dedicated some of my time to show you these mistakes and how to correct them.
    1. Setting up the Oracle Database environment. A lot of these mistakes are the result of an attitude of, we have strong parameter security, so the proper effort is not put into securing the database. Other mistakes are the result of not understanding how the database works. Sample question: If you take existing data and put it into an encrypted tablespace, is your data encrypted? The answer is yes and no. Yes your data is now encrypted but you still have unencrypted ghost data. I’ll walk you through how to address this ghost data. Most of these mistakes can be easily corrected, others require more engineering.
    2. Application Architecture. We have been designing applications the same way for over thirty years and then wonder why data is spilling. We need to fundamentally rethink how we design database applications. I will show you a secure application architecture that will dramatically improve the security of your data.
    3. Coding Standards. The biggest issue I see in database applications is SQL Injection bugs. I remember sitting in a meeting when the Director of Application Development told me. “There are no SQL Injection bugs in our applications.” We started the pen test and it did not take us very long to extract all of their source code from the database and from there we started extracting their data. Don’t be too confidant, there will always someone out there smarter then you (and smarter than me.)
  2. We get the privilege of learning from the best in the industry. The list of speakers at ECOUG AND BGOUG reads like a Who’s Who from the Oracle space. There are ACE Directors, ACE’s, ACE Associates and Oracle Product Mangers from all over the world along with some that are rising to ACE status. If you want to learn from the best of the best, come on out. Here is the best part, these guys are not only the smartest they are also the nicest people you will encounter. We are always happy to sit down over a beer or two and discuss your specific situation or just chew the fat.

Do you want to kick your career up a several notches? Ask us how to get involved with speaking at Oracle Users Groups.

The BGOUG Conference Agenda: http://www.bgoug.org/upload/events_files/1019_Agenda_201611_Pravets_EN_3.pdf

The ECOUG Conference Agenda: https://www.eastcoastoracle.org/PDF_files/2016/ECO_16_SAG_v2.pdf

Turn off the #http #listener in #Oracle #STIG

Locking down a database (applying STIGs) you need to check to see if the listener is running http. If you don’t need the http service, turn it off. Turning off http will reduce the attack surface.

Step 1) Is http running?
[oracle@vbgeneric db_1]$ lsnrctl stat | grep HTTP
[oracle@vbgeneric db_1]$

Step 2) Turn off http
RLOCKARD@orcl> select version from v$instance;

RLOCKARD@orcl12c> sho parameter dispatchers

———————————— ———– ——————————
dispatchers string (PROTOCOL=TCP)
max_dispatchers integer

RLOCKARD@orcl12c> exec dbms_xdb.sethttpport(0);
PL/SQL procedure successfully completed.

RLOCKARD@orcl12c> exit
Disconnected from Oracle Database 12c Enterprise Edition Release – 64bit Production
With the Partitioning, OLAP, Advanced Analytics and Real Application Testing options

SYS@orcl12c> sho parameter dispatchers

———————————— ———– ——————————
dispatchers string (PROTOCOL=TCP)
max_dispatchers integer

[oracle@vbgeneric db_1]$ lsnrctl stop

LSNRCTL for Linux: Version – Production on 15-SEP-2016 09:25:29

Copyright (c) 1991, 2014, Oracle. All rights reserved.

The command completed successfully
[oracle@vbgeneric db_1]$ lsnrctl start

LSNRCTL for Linux: Version – Production on 15-SEP-2016 09:25:34

Copyright (c) 1991, 2014, Oracle. All rights reserved.

Starting /u01/app/oracle/product/ please wait…

TNSLSNR for Linux: Version – Production
System parameter file is /u01/app/oracle/product/
Log messages written to /u01/app/oracle/diag/tnslsnr/vbgeneric/listener/alert/log.xml
Notice it’s gone
Version TNSLSNR for Linux: Version – Production
Start Date 15-SEP-2016 09:25:34
Uptime 0 days 0 hr. 0 min. 0 sec
Trace Level off
Security ON: Local OS Authentication
Default Service orcl12c
Listener Parameter File /u01/app/oracle/product/
Listener Log File /u01/app/oracle/diag/tnslsnr/vbgeneric/listener/alert/log.xml
Listening Endpoints Summary…
Services Summary…
Service “orcl12c” has 1 instance(s).
Instance “orcl12c”, status UNKNOWN, has 1 handler(s) for this service…
The command completed successfully

That was easy.

#infosec #Oracle #Migration #Encryption #2MTT

I have seen this twice in the past week. A customer requirement is to migrate their Oracle database to a new server and they want encryption implemented.The steps defined in the request is Migrate then Encrypt. This is backwards. You should setup your encryption then migrate your data into the new server. Why is this? Well if you move your data and then put it into encrypted tablespaces you are going to be chasing ghost data.

Here is a two minute tech tip I did for Oracle Technology Network explaining the problem.

Rating the international Air Carriers I use. @aeroflot @Icelandair and @British_Airways


This is a departure from my usual database security post; hope you don’t mind my switching gears today.

Here is the ranking of the airlines that I currently use. Scores are 0 – 10 with ten being over the top great.

I spend way too much time on the road. Yes, I do enjoy it but let’s just say I would prefer to sleep in my own bead. I have become all too familiar with different airlines and airports. Understand, everything here is my personal opinion. I’m rating these airlines by customer service at the airport and customer service on the flight, seat comfort, boarding process, food, and pricing.

My first choice is always going to be fly myself. I purchased my 1948 Navion, N4281K about 25 years ago and fly it every chance I get.  81 Kelo is capable of 1,000 nm nonstop and still have twenty gallons of reserve fuel. She’s IFR certified, reliable and roomy. When flying her, I always arrive in comfort, style and at times very tired. I really need to get an autopilot installed. When weather or distance becomes an issue I let the professionals fly. I have lost too many friends too “I got to get there.” Remember takeoffs are optional, landings are mandatory.


Category: International Travel

If I am going to be stuck in a metal tube hurtling through space at five hundred miles an hour  for fourteen hours, by golly I’m going to be comfortable.



Aeroflot is becoming my goto carrier for international travel.. Some of y’all are saying “what #1 for Aeroflot on international trips? I have even got that from friends in the airline industry. First off to dispel that issue. Aeroflot is flying new Boeings and new Airbus planes. When flying to Tallinn Estonia a couple years ago, Aeroflot had the best prices for the this trip. I took one for the team and was very pleasantly surprised at the high quality of their customer service. In November, I will be flying Aeroflot again to Sofia Bulgaria. Note: I have only flown Aeroflot in the Business Class cabin.

  • Customer Service at airport score 5

Checking in with Aeroflot is pretty standard; nothing stands out either great or poor. The business class lounge in Moscow is quite comfortable with professional attendants. The food is standard fare for a business class lounge, pretty average, not great but not bad either.   

  •  Customer Service on plane score 9.5

All I can say is WOW! This level of service disappeared from US carriers decades ago. I wish other carriers would take some notes from Aeroflot, they are doing a lot of things right. First, when you get on the plane you are greeted by white glove wearing Stewards and Stewardesses. After being seated, if you are wearing a jacket, it’s hung up and the Stewardess asks you “How shale I address you.” Paying attention to little details like this make me appreciate their service.

  • Seat Comfort score 7 

Business Class on Aeroflot international flights is the standard lay flat seat. They’re very comfortable and I have no problem sleeping on them. Yes I can completely stretch out my 6 foot 3 inch frame in their business class seat.

  •  Boarding Process score 7

It’s about standard, except the greeting you get when you get on the plane is much nicer than most any other airline.

  •  Food score 8

The food served was as close to gourmet as you can get on an airline. My last trip dinner was blackened sea bass and guacamole, and a great mimosa was served with my breakfast.

  • Pricing score 5

Pricing is competitive for business class travel; there are cheaper options for international business class travel.

I have not used Aeroflot’s site to book tickets. I normally start at http://flights.google.com and pick one of the sites like expedia to book. I’ve had issues in the past booking with a carrier who is not US Based, where my credit card get denied and then have to call up the bank to resolve it.

  • Tidbits

When connecting in Moscow make sure you have a paper copy of your boarding pass for your connection. My first trip through I did not have the paper copy of my boarding pass for my connection. The young lady at passport control did not speak any English but I could tell she was not pleased with me She was holding up my phone and kept telling me нет.. I had to go back and find an Aeroflot employee to print the paper copy to get through passport control to get my connection.

There are few things I would like to see. One is it would be great if Aeroflot offered more flights into and out of Washington DC and operated out of BWI, the other is needing a visa to get out of the international terminal. I realize there is nothing Aeroflot can do about the visa issue. Remember if you are flying Aeroflot international, you will be connecting in Moscow. The international terminal in Moscow is a depressing place to be. Fortunately I have been able to escape to the business class lounge.



I took Icelandair for the first time last May to Helsinki and really enjoyed the flight and the service. In the morning the flight attendant gave me a shot of carrot juice with ginger that I loved and to date I have not been able to duplicate it at home. Besides receiving a travel pack for Saga Class, you also get a noise canceling headset.

  • Customer Service at airport score 5

If you are flying Saga Class be sure to stop in the Saga Class lounge in Reykjavik. The food there is great and the seats are very comfortable; it’s my favorite lounge of all.

  • Customer Service on plane score 6

The flight attendants on Icelandair are professional and friendly. While flying home from Helsinki, one took the time to explain some of Iceland’s history and the belief in Elves. It’s the attention to little details that count.

  • Seat Comfort score   6

The Saga Class seats are the same seats you would expect on a domestic first class flight.

  • Boarding Process    score   1

So why would I rate a boarding process. Where the British have mastered the use of the queue, Icelandair takes the Viking approach, everyone storms the gate. Yes, at first I thought this is quite odd, then realized it’s just the way they do it. There is nothing that even remotely resembles a queue.

  • Food score 8

The food served on Icelandair is really quite good. I really don’t remember what I had to eat, only that I enjoyed it quite a bit.

  • Pricing score 7

The cost of flying Icelandair is quite competitive, but you need to be aware, the Saga Class seats are pretty much the same as premium economy on other airlines. So, when you shop for prices that is your point of comparison.

  • Tidbits

If you find yourself on a layover in Reykjavik make a point to go to the Blue Lagoon http://www.bluelagoon.com/. I had a two hour in water massage when I had my layover and it was outstanding. Now only if I could convince other airlines to offer massages during long layovers.

British Airways


BA operates out of BWI, so when I traveling to London I will go ahead and fly BA. However I had a very bad experience with BA a couple of years ago when I took my mother to Helsinki with me. My mother needs a wheelchair; during our layover the BA contractor who takes care of the wheelchairs was very rude to my mother. This is a case of, one strike you’re out.

  • Customer Service at airport            score   5

All BA employees are professional and attentive. Note to BA, when I served in the US Navy I picked up an expression. One oh shit can destroy one thousand complements. Now that said, earlier this year I was flying from BWI to London and there was a blizzard moving into BWI the day before my flight. I contacted BA to change my flight and was told it would be $800 to change my flight. I than lodged a complaint on twitter, tagging BA. The social media team contacted me and move my flight no charge. Fixing an issue before it becomes an issue is important. We saw there was going to be a blizzard. I would have scored this 0 because of that one rude contractor however; on average BA is about average when it comes to customer service at the airport.

  • Customer Service on plane score 7

What can I say; British Airways flight crews are very British. On my last trip to London, I remember getting on the plane and the flight attendant offering me a glass of champagne, nice touch. I have flown BA in both Business Class and Premium Economy. There is a difference in the level of service, but I don’t have any complaints.

  • Seat Comfort           score   6

I’m 6’ 3” tall, in the business class section I can not completely stretch out when I turn the seat into a bed. The seats in premium economy are the same seats you would expect when flying domestic first class.

  • Boarding Process score 8

I believe the British invented queueing and they have it down to a science.

  • Food score   5

There is nothing spectacular about the food on BA; really it’s about average. I can’t think of anything that stands out either good or bad about their food.

  • Pricing          score   3

BA Business Class always seems to be a little more expensive than other options. I normally wind up flying premium economy when flying BA and sometimes upgrading my ticket at the airport.

You can use #sqlcl with #mkstore

I was struggling last week getting mkstore and sqlcl to work together. sqlcl is Oracle’s new command line interface. For more on sqlcl see http://www.oracle.com/technetwork/issue-archive/2015/15-sep/o55sql-dev-2692807.html. I have been using sqlcl almost exclusively for the past year and love it. I also have a lot of my connections in keystore to handle cron jobs along with a few other use cases.

To get sqlcl and keystore to work together is quite easy.

  • Add the wallet location and sqlnet.wallet_override=true to sqlnet.ora
    • WALLET_LOCATION = (SOURCE = (METHOD = FILE) (METHOD_DATA = (DIRECTORY =/u01/app/oracle/wallet)))


  • Create a keystore
    • mkstore -wrl $ORACLE_BASE/wallet –create
    • enter the password and verify.
  • add the username/password@service to keystore
    • mkstore -wrl $ORACLE_BASE/wallet -createCredential localhost:1521/orcl rlockard mySecretPassword
    • enter the wallet password

Then connect

  • sql /@localhost:1521/orcl



#phishing #infosec short post

Phishing has gotten more sophisticated over the years. Spelling and grammar has gotten better making phishing attempts more difficult to spot. There are some out there who did not get the memo and very easy to spot.


You still need to be diligent. If you are not sure it’s secure, don’t click any links and don’t open any attachments.

An enhancement I would love to see in Business class lounges. @aeroflot @icelandair @AmericanAir @KLM @airfrance @british_airways

It goes without saying I spend way too much time traveling and fortunately, most of the time I can fly myself in my 1948 Navion when the hop is less then 1,000 nautical miles.

Now quite frankly I love the travel, seeing different cities and countries, learning about different cultures and making new friends all over the world. However there is one thing that I really don’t enjoy. Multi-hour layovers (I think my record layover was over 11 hours in Moscow), they are a fact of life and to be honest, y’all have great lounges to make the wait more tolerable. There is one enhancement I believe a large part of your customer base will take advantage of.

Please give us a place to exercise. I’m not talking about a full blown gym, but a room with some exercise equipment where we can, well exercise during a layover. I would definitely take advantage of a gym. As another advantage y’all would be promoting good heath for your customers.

Thanks, –Rob

Upcoming speaking engagements two confirmed #oow16 #ecoug16 three waiting #bgoug, #rmoug and ???

The fall is filling out fast. I will be speaking at Oracle Open World 2016 on Holistic Database Security. Then speaking in November at the East Coast Oracle User Group on Holistic Database Security.

I currently have papers in to Bulgarian Oracle Users Group Autumn Conference November 11 – 13  on Holistic Database Security, Transparent Data Encryption and PL/SQL Secure Coding practices. I have heard many fine things about BGOUG conference. Everyone I have spoken to who’s been there can’t wait to go back.

I have also submitted to Rocky Mountain Oracle Users Group February 7 – 9 on Holistic Database Security and PL/SQL Secure Coding practices. RMOUG is the largest grass roots Oracle Users Group out there and every year they put on a wonderful conference.

Now, I’ve been told there will be a security conference coming in Rovaniemi Finland next year. Once I have more details, I’ll submit abstracts for that.