Cloud Database, Flight 93 Security, Brouter, Cybersecurity


  1. One project got huge database, and high I/O latency (@ Wikipedia) due to cloud hosted database. It finally forced me to create all the SQL commands to use remote stored procedures, and handled as much data on the server side using minimal network round trips. Using temp tables, and several + long chained SQL statements in one execute statement. As I mentioned before, quite often the database is local, and quite small. Which allows using the SQL database like key value storage or like RPC, which minimal SQL code. But in this case, everything that can be pushed to SQL server, needs to be pushed to it. Moving data between the process and SQL server is slow and every round trip takes quite a while. I haven't ever really written this heavy SQL statements or actual SQL programs, because often even soft joins with caching work great. But now the scale of the database is totally different than what I've used to in our ETL tasks. Or often it's two huge tables, and bunch of small "static" reference tables, which can be often cached, or even loaded into memory using one call and mapped into Python dictionary for quick lookup during rest of the ETL job. UPDATE FROM JOINs etc. Again, syntax is bit different when using MySQL, PostgreSQL, SQLite and T-SQL (SQL Server 2019) and Oracle. Yet I mostly read from different sources and update the primary store. Also acquiring and holding locks correctly is important in this case, because dead lock detection wastes (a lot of) time.

  2. Watched new documentary with new details about Flight 93 (@ Wikipedia). So classic. It's like IT security. "Door must be locked for security reasons". Yet, every door had the same lock, and every flight attendant had that key, plus for "security reasons" backup key was always held next to the door in every airplane. - Sounds just so classic. It's secured using "key" yet, everyone got this key, and backup copy is available easily, in case you don't happen to have that generally and easily available key already. - I wonder why this sounds so darn familiar pattern. - Yet some interesting details still remain classified.

  3. I've been using - Brouter-Web (@ brouter.de) - routing my walks & bicycling trips. Seems to be pretty handy tool. First you'll add start and stop points, and if you're not totally happy with the route, then just drop a few extra waypoints to redirect it. Gives you good distance and travel time estimations, and if those won't match your pace. There's no reason why you can't create your own travel profile with suitable values. Yet it's not great avoiding "annoying traffic situations" and or "scenic routes", which are the most common reasons for re-planning the route. When bicycling, it doesn't matter if trip is bit longer, but if it contains stressful and or actually dangerous traffic situations, what's much worse than cycling 500 meters more.

  4. IT security is something which is way too large for a single person to handle: I've got a great chart about Cybersecurity (@ Wikipedia) Domains, which contains: CASB, Federated Identity, Cloud Security, Data Protection, Network Design, Secure Application Development, Baseline Configuration, Security Architecture, Secure System Build, Access Control, Identity Management, Privileged Access Management, Identity & Access Management, Security Engineering, Cryptography, Physical Security, Training, Certification, Conferences, Peer Groups, Self Study, Career Development, NIST, ISO/IEC, COBIT, SANS/CSC, Framework and Standard, Vulnerability Scan, Assets Inventory, 4th Party Risk, Blue team, Social Engineering, 3rd Party Risk, Risk Assessment, Penetration Test, Red team, Application, Source Code Scan, Data-Centric Risk Assessment, Data-Flow Map, Blackbox, Whitebox, Governance, Laws and Regulations, Industry Specific, Federal, State, Audit, EU, Risk Informed, Executive Management Involvement, Company's Written Supervisory Procedures (WSPs), Reports and Scorecards, Policy, Procedure, Standard, Guideline, Compliance & Enforcement, KPIs/KRIs, Threat Intelligence, External, Internal, Contextual, IOCs, Intel Sharing, User Education, Training, Awareness, DR, Recovery, BCP, Prevention, Detection, Protection, Security Operation, Active Defense, Data Leakage, SIEM, SOC, Vulnerability Management, Incident Response, Breach Notification, Containment, Investigation, Eradication, Forensics.

2021-12-19