Connection Failures and Data Manipulation at Non-Thread Safe Shared JDBC Connection

Pitfalls of sharing a connection among threads

Here is a review of the potential pitfalls of sharing a single Connection among multiple threads.

  • Committing or rolling back a transaction closes all open ResultSet objects and currently executing Statements, unless you are using held cursors.If one thread commits, it closes the Statements and ResultSets of all other threads using the same connection.
  • Executing a Statement automatically closes any existing open ResultSet generated by an earlier execution of that Statement.If threads share Statements, one thread could close another’s ResultSet.

In many cases, it is easier to assign each thread to a distinct Connection. If thread A does database work that is not transactionally related to thread B, assign them to different Connections. For example, if thread A is associated with a user input window that allows users to delete hotels and thread B is associated with a user window that allows users to view city information, assign those threads to different Connections. That way, when thread A commits, it does not affect any ResultSets or Statements of thread B.

Another strategy is to have one thread do queries and another thread do updates. Queries hold shared locks until the transaction commits in SERIALIZABLE isolation mode; use READ_COMMITTED instead.

Yet another strategy is to have only one thread do database access. Have other threads get information from the database access thread.

Multiple threads are permitted to share a Connection, Statement, or ResultSet. However, the application programmer must ensure that one thread does not affect the behavior of the others.

Recommended Practices (at Oracle)

Here are some tips for avoiding unexpected behavior:

  • Avoid sharing Statements (and their ResultSets) among threads.
  • Each time a thread executes a Statement, it should process the results before relinquishing the Connection.
  • Each time a thread accesses the Connection, it should consistently commit or not, depending on application protocol.
  • Have one thread be the “managing” database Connection thread that should handle the higher-level tasks, such as establishing the Connection, committing, rolling back, changing Connection properties such as auto-commit, closing the Connection, shutting down the database (in an embedded environment), and so on.
  • Close ResultSets and Statements that are no longer needed in order to release resources.
    • -> docs.oracle.com/javadb/10.8.3.0/devguide/cdevconcepts89498.html

 

Ref : oracle.com

Minimum Requirements to Run SQL Server 2012 Express and SQL Server Management Studio

Minimum Requirements to Run SQL Server 2012 Express and SQL Server Management Studio
To begin, please make sure the computer you will be using meets these minimum requirements:

  • Windows 7, Windows Server 2008 R2, Windows Server 2008 Service Pack 2 or Windows Vista (SP2 or later).
  • Internet Explorer 7 or higher. A free download is available from Microsoft — please click here.
  • For 32-bit systems, 1 GHz Intel or compatible processor (2 GHz or higher recommended).
  • For 64-bit systems, 1.4 GHz Intel or compatible processor (2 GHz or higher recommended).
  • 512 MB RAM (1 GB or more is recommended) and at least 2.2 GB of hard disk space for SQL Server Express and related components, plus at least 1 GB for ReliaSoft desktop applications.
  • SVGA display (1,024×768 pixels)
  • Microsoft .NET Framework 3.5 SP1 AND Microsoft .NET Framework 4.0. (.NET 3.5 is no longer included in the SQL Server installation; if it is not already on your computer, a free download is available from Microsoft– please click here. .NET 4.0 is included in the SQL Server 2012 installation files or a free download is also available separately from Microsoft — please click here.)
  • Microsoft Office 2000 or higher (Excel and Word) for automated report generation.

    These requirements satisfy the minimum specifications for SQL Server 2012 Express, SQL Server Management Studio Express and ReliaSoft desktop applications. For more details on Microsoft’s recommended minimum specifications for SQL Server 2012 Express, click here. For more details on our recommended minimum specifications for ReliaSoft applications, click here.

Mssql Server Comparison

Microsoft SQL server is the most popular and advanced Relational Database Management System (RDBMS)
by Microsoft. It is basically a software-based product and its primary role is storage and retrieval of data as per the request of the applications on
either the same system or a system on another network.

It supports large applications with millions of users or huge databases with advanced
features and security. SQL Server is fully compatible with MS Access database.
Data can be easily imported or exported between these two.

Microsoft SQL server is widely used for e-commerce, line-of-business, and data warehousing solutions.
There are dozens of different editions or versions of Microsoft SQL server provided by
Microsoft with different feature sets and pricing options. From many of them,
we are going to discuss two editions in this article. They are Microsoft SQL Server Express edition and Microsoft SQL Server Web edition.

Microsoft SQL Server Express edition

It is a scaled down, entry-level database option to learn and build desktop and small server
applications. It provides a number of features of the paid editions but some technical limitations
in terms of database size and the number of users make it unsuitable for large-scale installations.
Thus, it is a good choice for developers, independent software vendors (ISVs) and for those who build small client applications.

In case you need more advanced features of the database, SQL server express edition can be
upgraded to high-end versions. There are various versions of Microsoft SQL server express edition.
Here is a summary with the years in which they were released:

VERSIONS SERVICE PACKS
2017 None
2016 SP1
2014 SP1 and SP2
2012 SP1, SP2 and SP3
2008 R2 RTM, R2 SP1 and R2 SP2
2005 SP1, SP2, SP3 and SP4

Features:

  • There is no requirement of a license for using it, as it is free for distribution.
  • It is an easy to use version, designed for building simple data-driven applications up to 10 GB in size.
  • Includes SQL Server Management Studio. This helps administrators and developers of different skill levels use SQL Server efficiently.
  • Applications develop faster through the deep integration with Visual Web Developer, Visual Studio, and so on.
  • Enhanced reporting services help create and share reports that answer complex questions through rich visualizations.
  • Easy backup and restore functionality to Microsoft Azure.
  • It comes with same monitoring tools that come with Standard and Enterprise editions.
  • It comes with various security features  – row-level security, always encrypted, dynamic data masking, basic auditing, and fine-grained auditing. One also gets features like user- defined roles and contained databases.
  • It allows one to install Machine Learning services with both Python and R language.
  • It allows you to scale your applications across Server editions as you grow – without modifying application code.
  • It’s completely supported by Microsoft, including updates and patches from time to time.

Limitations:

  • SQL Server Express can be installed on a server with many CPUs. But, it can use only one CPU at a time.
  • 4GB database size limit was there for SQL2005/2008 but after 2008R2 it has been increased to up to 10GB for each database. The limit is applicable on database data files and not log files.
  • Can only use a maximum of 1410 MB memory per instance.
  • There’s no SQL Server Agent with the Express edition.
  • The performance analysis tool, Profiler, is not included with the SQL Server Express edition.
  • The functionality to create and attach a schedule to a job (Job Scheduler) is not available with the express edition.
  • Analysis and Integration Services are also not provided, but you can import or export the data with SQL Server Import and Export Wizard feature available with the SQL server express.

Microsoft SQL Server Web edition

Features:

  • You can centrally manage your business infrastructure with its SQL Management Studio and management packs.
  • Provides an added support for Windows PowerShell to automate various management tasks.
  • Has robust development tools integrated into Visual Studio to support next-generation enterprise, web, business intelligence, mobile applications and so on.
  • You get Distributed Replay feature that helps you assess the impact of future upgrades of server, hardware and operating system upgrades.
  • You get SQL Server Agent, which can be used for scheduling maintenance tasks like backups and monitoring their execution status.
  • You can optimize queries with DTA (Database Tuning Advisor).
  •   If you are a DB administrator, you can collect performance related data using in-build performance data collectors.
  • Provides strong support for content management.

Limitations:

  • Buffer pool extension is not available.
  • Analysis services are not there.
  • Not available to be purchased by the public. It is only for the web hosting providers through an SPLA (Service Provider License Agreement).

Important differences between MS SQL Server Express edition and Web edition 

  1. Cross box scale limits:
    Feature name Web edition Express edition
    Maximum memory utilized 64 GB 1410 MB
    Maximum compute capacity Limited to < 4 Sockets or 16 cores Limited to < 1 Socket or 4 cores
    Maximum relational database size 524 PB 10 GB
  2. Management tools:
    Feature name Web edition Express edition
    Distributed replay – Admin tool Yes No
    Distributed replay – Client Yes No
    Distributed replay – Controller Yes (1 Client) No
    SQL server agent Yes No
    Microsoft System Center Operations Manager Management Pack Yes No
  3. RDBMS Manageability:
    Feature name Web edition Express edition
    User instances No Yes
    Dedicated admin connection Yes Yes (with trace flag)
    Policy automation Yes No
    Performance data collector Yes No
    Standard performance reports Yes No
    PowerShell scripting support Yes Yes
    Direct query of indexed views Yes Yes
  4. Programmability:
    Feature name Web edition Express edition
    Full-text and semantic search Yes No
    Basic R & Python integration Yes No
    JSON Yes Yes
    Native XML support Yes Yes
    Specification of language in query Yes No
    Transact-SQL endpoints Yes No
  5. Reporting services:
    Feature name Web edition Express edition
    Supported catalog database Yes Yes
    Supported data source Yes Yes
    Role-based security Yes Yes (with advanced services)
    Export to Excel, PowerPoint, Word, PDF & images Yes Yes (with advanced services)
    Report server Yes Yes (with advanced services)
    Report designer Yes Yes (with advanced services)

Drive alternatives

Google Drive alternatives: Best picks

Google Drive alternatives: Best picks

Google Drive is free and convenient, but it doesn’t care about your privacy. It scans and analyzes your data and retains the right to do whatever it wants with it. However, there are secure cloud drives that protect your business contracts, budgets and personal journals. No one should be able to view your private files unless you want them to. To ensure that only you can access your files on a cloud storage service, use an alternative.

Contents

  • Why should you look for Google Drive alternatives?
    • Dropbox
    • Tresorit
    • pCloud
    • Box
    • Mega
    • Sync.com
    • SpiderOak One Backup

Why should you look for Google Drive alternatives?

It isn’t the best option for people who care about their privacy and here’s why:

1. Google scans and analyzes your data

Google admits to scanning all the documents you upload on your Drive. Any information collected about you is used to create your ‘user profile’ and show you personalised Google search results or Google ads. Some files you store on Google Drive might be very personal. Would you like such sensitive information to influence what’s served to you online and be made public?

The company says that it scans and analyzes your files to improve their services and provide you with “personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection.” However, it appears that Google bots that crawl your documentshave been trained to look for ‘objectionable’ content and then delete it without further explanation. What if a project you’ve been working on for months is suddenly irretrievably deleted?

Although Google encrypts your files, they are still not completely private. In their privacy statement, they admit that your documents could be accessed by Google in special circumstances, for example, if required by law enforcement agencies.

2. Google can manipulate your documents

Google’s privacy agreement also states that they have a worldwide license to “use, host, store, reproduce, modify, create derivative works […], communicate, publish, publicly perform, publicly display and distribute” your documents uploaded on Google Drive.

They also state that, by using Google services, you agree to share your data with unspecified third parties that “Google works with.” Such vague statements leave a lot of freedom for interpretation and show that what’s stored on Google Drive is essentially Google’s property.

RELATED ARTICLES

The best Gmail alternatives that you can really trustIn Depth · 7 min read
The complete guide to deleting your Google historyHow-To · 4 min read

3. You have little control over files you shared with others

Google allows you to quickly give viewing, editing or commenting permissions to your friends and colleagues. However, that presents even more privacy risks because these documents lack some basic security measures. It’s difficult to track what happens with your shared documents as anyone with editing permissions can easily share the document with anyone else.

You can amend sharing permissions by going to advanced settings. However, you won’t be notified if someone has shared your document, so you will have to keep an eye on who currently has access to it. What’s even worse is that if you make your documents public, anyone will be able to find them by simply using Google search.

4. Google Drive is more vulnerable than other cloud service providers

Google Drive is linked to your Gmail account, which means that if you forget to sign out of your account on a public computer or your account gets hacked, your Google Drive will be easily accessible too. There’s a saying that applies – don’t put all of your eggs in one basket.

There are so many Google Drive users that they’ve become targets for social engineering attacks. Phishing emails can masquerade as Google Drive or Gmail notifications and trick people into giving out their login details. If you care about your data, it’s time to choose a privacy-oriented cloud storage provider.

All apps featured in this post offer end-to-end encryption, but not all of them have zero-knowledge policies. When companies without zero-knowledge policies encrypt your files, they still hold the decryption keys and can read your files. Those with zero-knowledge policies cannot decrypt your documents as you’re the only one who has the key. If you lose it, your files will be lost too.

Dropbox

(Android, iOS, macOs, Windows, and even Linux)

google-drive-alternatives-dropbox

Dropbox, the pioneer of cloud storage, invented block-level file transfer algorithms, which are now widely used by other cloud storage apps. With Dropbox, you can have a local folder on your computer, which automatically syncs all your files to the cloud, or you can simply use it online. The first time you upload something, it will transfer the whole file, but later, only the edits will be synced.

Dropbox is a great competitor to Google Drive. It’s easy to use, encrypts your data in transit and at rest, and offers two-factor authentication. It also has much stricter rules on who can share and edit your documents. However, only Dropbox Professional or Business customers can use extra features like link sharing, manual sharing permission changes, or remote file wiping. It’s also good to know that Dropbox runs on open-source software, meaning that anyone can look for vulnerabilities in its code.

However, there are still a few things Dropbox could work on:

  • Teams that use Dropbox for business can all see, edit and share each other’s documents. Great for collaboration but not so great for privacy.
  • Dropbox claims that they take their security seriously and they would never snoop on your files, unless, of course, required by law enforcement agencies.
  • They don’t scan any uploaded documents for viruses or malware, meaning that any other devices linked to your account could be infected if you open a malicious file. However, this also probably means that your files won’t be scanned by bots and will remain private.

Tresorit

(Windows, macOS, Linux, Android, and iOS)

google-drive-alternatives-tresorit

Tresorit is probably one of the safest and most private cloud drive service providers on the market. Its main features are its military-grade encryption and public key cryptography. This means that your files are encrypted before they leave the device and no one, not even Tresorit employees, can read the data stored on their servers. Tresorit trusts their encryption so much that it has offered $50,000 to anyone able to break it. According to them, more than 1,000 hackers, including people from MIT, Stanford, and Harvard, have tried and failed.

Tresorit’s file sharing security measures are significant. You can share files as you would on Google Drive, but it’s much harder for someone else to transfer the ownership of your data. When you share a link to a file on Tresorit’s server, a secret key is generated for that person exclusively. You can also check when and who downloaded the file you shared. If you’re worried that the file might have leaked to someone else, you can immediately revoke access.

Tresorit’s data centers are based in Europe, and the company falls under Swiss jurisdiction, so they have to comply with GDPR rules and regulations. This makes less likely that anything will be done with your data without your consent.

pCloud

(Android, iOS, Windows, macOS, and Linux)

google-drive-alternatives-pcloud

If Tresorit focuses more on businesses, then pCloud is the perfect alternative for individuals. It offers an easy to use software with encryption as strong as Tresorit’s. Unfortunately, the encryption service, called pCloud Crypto, is hidden behind a paywall. The app providers trust that it’s unbreakable and have offered $100,000 to anyone who manages to decrypt it. They even have a count of how many people have tried it so far – as of now, almost 3,000 hackers have tried and failed.

They are also serious when they say they care about your privacy. They have a zero-knowledge-protection policy, which means your files are encrypted before they leave your device. No one except you will ever be able to decrypt them.

If you need to share files with your team members or clients, you might want to consider pCloud Business. It will allow you to set up folders that you can share with your colleagues. The whole team can have the same editing permissions, or you can set them individually. It’s great for collaboration too, as it lets team members view a detailed log of edits and comment on shared files. If needed, you can even restore previous sessions for up to 180 days.

Another interesting thing about pCloud is that it’s the only provider that offers a one-off lifetime subscription. Unfortunately, if you wish to use pCloud Crypto, you will still have to pay extra on a monthly or yearly basis.

Box

(Android, iOS, Windows, and macOS)

google-drive-alternatives-Box

The Box is an excellent alternative for businesses and small teams. It offers a secure storage platform, lets you choose where your data will be stored, and gives you a plethora of collaboration tools.

With Box, you can create files that will instantly be shared with your teammates. They can then edit and comment on your documents in real time. The Box is probably one of the most integrated apps on this list, too. With over 1,000 leading software providers like Office 365, Salesforce and Adobe Sign, your teammates will be able to edit documents without leaving the platform. It also gives you detailed version tracking so you can see every sync and change ever made.

If you wish to share a file externally, you can do so by sending a link or creating a custom URL. As such links can still raise security concerns, Box allows you to set passwords on shared files too. If you accidentally send it to the wrong person, change their permission settings or simply revoke access.

What makes Box really stand out from its competitors is the use of machine learning. It makes workflows a breeze – tasks assignment, deadline setting and progress tracking – all can be done in Box. It will even help you automate tasks, direct them to the right people and generate new contracts. However, this feature raises some privacy concern. The company doesn’t identify how the software collects and analyzes this information.

Mega

(Android, iOS, Windows, macOS, and Linux)

google-drive-alternatives-Mega

Mega is probably the best option if you are looking for a free and secure service with a lot of storage. It encrypts your data in transit and at rest, offers collaboration tools and lets you share your files. It’s also the only cloud storage service that offers you a generous 50GB completely free. You can add even more storage if you invite your friends or download their mobile app. However, Mega has some limitations:

  • Collaboration tools are great as they let you see edits in real time, but they are nowhere near as advanced as Box’s.
  • You can share files by sending a link, but it doesn’t have any extra security features like password protection.
  • It has a bandwidth limitation of 10GB, which refreshes every 30 min. This might be bothersome for those who want to transfer huge amounts of data. Other providers offer unlimited bandwidth.

Even though Mega’s headquarters are in New Zealand, the company complies with GDPR rules. It’s also great that Mega was built on public source code, so anyone can have a peak and look for its vulnerabilities.

Sync.com

(Android, iOS, Windows, and macOS)

google-drive-alternatives-Sync.com

If you are looking for functionality similar to Dropbox, highly secure encryption like Tresorit, and a lot of storage, Sync.com is your best bet. This cloud storage provider places a folder in your device and uploads any documents you add to it to the cloud. All your files can then be synced over multiple devices. It also offers end-to-end encryption and zero-knowledge policy, so no one, not even Sync employees, will be able to see your files. You can store up to 2TB of data for only $8 a month.

You can also share files and entire folders with others and protect them with passwords. You can decide on the level of access you want to give them, set permission expiry dates, or simply revoke them at any time. Sync.com also allows you to remotely disconnect your devices in case they’ve been lost or stolen.

SpiderOak One Backup

(Android, iOS, Windows, macOS, and Linux)

google-drive-alternatives-SpiderOak

SpiderOak is yet another product that offers strong end-to-end encryption and a zero-knowledge policy. So any documents backed up on SpiderOak servers will not be seen by its employees or anyone trying to intercept it. (Though be aware that this cloud storage provider is based in the US and doesn’t comply with GDPR rules as its European counterparts.)

Unfortunately, strong encryption might be the only significant feature SpiderOak has to offer. Its interface is harder to use than Google Drive or Dropbox, and it doesn’t have team collaboration embedded in the app. Instead, SpiderOak designed two more, completely separate products – SpiderOak Share and SpiderOak Semaphor messaging. The former provides encrypted document sharing and collaboration while the later is a secure messaging app. It’s surprising that they opted for such a solution as other providers have all these features integrated into one platform.

 

References

  • https://nordvpn.com/blog/google-drive-alternatives/

 

CRC32 & CRC64 and other checksum methods

What is CRC-64?

cyclic redundancy check (CRC) is an error-detecting code used to detect data corruption. When sending data, short checksum is generated based on data content and sent along with data. When receiving data, checksum is generated again and compared with sent checksum. If the two are equal, then there is no data corruption. The CRC-64 algorithm itself converts a variable-length string into an 16-character string.

 


 


 

 

File : PDF : Click :  Cyclic-Redundancy-Code-CRC-Polynomial-Selection-For-Embedded-Networks_koopman04_crc_poly_embedded

File : sha1_comparison_Which_is-a-more-accurate-method-of-duplicate-file-detection_ SHA1 or CRC32_ – Quora

File:CRC Data Sets Tests : PDF-DOWNLOAD_kutayzorlu.com_18.2_million_dataset_CRC-64_test_Program_source

File : Amazon Red Shift :  Pdf Download : kutayzorlu.com_amazon_red_redshift-dg

 

SHA1- JAVA checksum verify

SHA1- TEXT String

SHA1 – File – JAVA

 

 

 

References

  • https://crc64.online/
  • http://www.unit-conversion.info/texttools/crc/
  • https://www.nitrxgen.net/hashgen/
  • http://www.sha1-online.com/
  • https://toolslick.com/programming/hashing/crc-calculator#
  • https://en.wikipedia.org/wiki/Cyclic_redundancy_check
  • https://searchcode.com/codesearch/view/22078345/
  • https://jar-download.com/artifacts/com.github.tonivade/claudb/1.0.2/source-code/com/github/tonivade/claudb/persistence/CRC64.java
  • https://stackoverflow.com/questions/2321676/data-length-vs-crc-length
  • https://stackoverflow.com/questions/20562546/how-to-get-crc64-distributed-calculation-use-its-linearity-property
  • http://www.sha1-online.com/sha1-java/

 

Docker – Mssql – Server : Environment Variables

Environment Variables

You can use environment variables to configure SQL Server on Linux Containers.

ACCEPT_EULA confirms your acceptance of the End-User Licensing Agreement.

SA_PASSWORD is the database system administrator (userid = ‘sa’) password used to connect to SQL Server once the container is running. Important note: This password needs to include at least 8 characters of at least three of these four categories: uppercase letters, lowercase letters, numbers and non-alphanumeric symbols.

MSSQL_PID is the Product ID (PID) or Edition that the container will run with. Acceptable values:

  • Developer : This will run the container using the Developer Edition (this is the default if no MSSQL_PID environment variable is supplied)
  • Express : This will run the container using the Express Edition
  • Standard : This will run the container using the Standard Edition
  • Enterprise : This will run the container using the Enterprise Edition
  • EnterpriseCore : This will run the container using the Enterprise Edition Core : This will run the container with the edition that is associated with the PID

 

For a complete list of environment variables that can be used, refer to the documentation here.

 

Download PDF: This Post as PDF  and More (Configure SQL Server settings with environment variables – SQL Server _ Microsoft Docs)

 

Hacking ECDSA based Digital Signature Algorithm

  • ECDSA is newer and is based on DSA. It has the same weaknesses as DSA, but it is generally thought to be more secure, even at smaller key sizes. It uses the NIST curves (P256).
  • RSA is well-regarded and supported everywhere. It is considered quite secure. Common key sizes go up to 4096 bits and as low as 1024. The key size is adjustable. You should choose RSA.
  • DSA is not in common use anymore, as poor randomness when generating a signature can leak the private key. In the past, it was guaranteed to work everywhere as per RFC 4251, but this is no longer the case. DSA has been standardized as being only 1024 bits (in FIPS 186-2, though FIPS 186-3 has increased that limit). OpenSSH 7.0 and newer actually disable this algorithm.
  • Ed25519, while not one you listed, is available on newer OpenSSH installations. It is similar to ECDSA but uses a superior curve, and it does not have the same weaknesses when weak RNGs are used as DSA/ECDSA. It is generally considered to be the strongest mathematically.

The video contains very nice example.