Facebook and Airbnb login bug, now you are someone else

Well, everyone nowadays is running around trying to spot and fix bugs for money and I just stumble upon someone else's information for free.

This is an unexpected Christmas gift given it happened close to this huge fail from VISA, which makes it possible to guess full credit card details in a frighteningly fast amount of time. So read that article first, and then image what could someone do if they had all your personal info, including partial credit card data.


[Oracle] Initialise DB statistics to improve performance

A couple days ago we were analysing a customer issue concerning DB performance on simple and already optimised queries (indexes + hints).

Somehow, the customer had bad performance even after calculating statistics for tables and indexes. Turns out that everything was good except for the fact that Oracle can't imagine future statistics without some help; if a table is only filled after some time that the applications run, it is important to gather statistics again after the first initialisation.

It is also possible however to provide fake statistics immediately after the objects are created or modified so that the DB already has an idea of how the objects will look like and choose different query execution plans than the ones it would use for freshly created objects.

That's what the DBMS_STATS package and its EXPORT__STATS and IMPORT__STATS procedures are for.

[Oracle] List uploaded Java resources

After extending functionality on an Oracle DB with Java resources, it is possible to list the available ones and their status with a query on the user_objects table:

  (    object_name NOT LIKE 'SYS_%' 
   AND object_name NOT LIKE 'CREATE$%' 
   AND object_name NOT LIKE 'JAVA$%' 
   AND object_name NOT LIKE 'LOADLOB%'
AND object_type LIKE 'JAVA%'