SQL Server 2016 heads for release, but Linux version is still under wraps

Linux version of SQL Server 2016 still under wraps

SQL Server 2016, Microsoft’s newest database software, is set to become available on June 1 along with a no-cost, developers-only version.

With its new features and revised product editions, Microsoft is determined to expand SQL Server appeal to the largest possible number of customers running in a range of environments. But there’s still no word on the promised SQL Server for Linux, a version of the popular database that Microsoft is hoping will open SQL Server to an entirely new audience.

A broader SQL Server market awaits

Much of what’s new in SQL Server 2016 is aimed at roughly two classes of users: those doing their data collection and storage in the cloud (or moving to the cloud) and those doing analytics work that benefits from being performed in-memory. Features like Stretch Database will appeal to the former, as SQL Server tables can be expanded incrementally into Microsoft Azure — a more appealing option than a disruptive all-or-nothing migration.

Big data features include expanded capabilities for the Hekaton in-memory functions introduced in SQL Server 2014, plus in-memory columnstore functions for real-time analytics. And SQL Server’s close integration with the R language tools that Microsoft recently acquired opens up the database to a range of new applications from a thriving software ecosystem.

The forthcoming Linux version of SQL Server, though, is how Microsoft really plans to expand to an untapped market. And not just Linux users, but a specific kind of Linux user: those who use Oracle on Linux but are tired of Oracle’s unpredictable licensing. Oracle has been trying to change its tune, but there’s a lot to be said for being able to run SQL Server without also needing to run Windows.

Which versions and when?

Two big questions still remain about SQL Server for Linux. The first is when will it see the light of day; Microsoft hasn’t provided a timeframe yet. (A Microsoft spokesperson could provide no new comment.)

The second is what its pricing and SKUs will look like; will the feature set match what’s available on Windows or will it be a stripped-down version? Microsoft has versions of SQL Server to match most any workload or budget, from the free-to-use Express edition to the full-blown Enterprise variety.

With SQL Server 2014 — and now with 2016 as well — the company introduced a free-to-use developer version of the Enterprise SKU intended solely for dev and testing work. It’s unclear whether SQL Server on Linux will also include a developer version or only include editions specifically for commercial use.

Whatever happens with SQL Server on Linux, Microsoft’s already making aggressive efforts to woo Oracle users into its camp. The company has a limited-time Oracle-to-SQL-Server migration offer, where Microsoft Software Assurance customers can swap Oracle licenses for SQL Server licenses at no cost. It’ll be intriguing if a similar offer pops up again after Microsoft releases SQL Server for Linux.

 

 
[Source:- Infoworld]

Apache Spark powers live SQL analytics in SnappyData

Apache Spark powers live SQL analytics in SnappyData

The team behind Pivotal’s GemFire in-memory transactional data store recently unveiled a new database solution powered by GemFire and Apache Spark, called SnappyData.

SnappyData is another recent example of Spark employed as a component in a larger database solution, with or without other pieces from Apache Hadoop.

Snap and spark

SnappyData — the name of both the new database and the organization producing it — was built to span two worlds. It uses the Apache Spark in-memory data-analytics engine so that it can perform live SQL analytics on both static data sets and streams. Queries against SnappyData can be written as conventional SQL or as Spark abstractions, so existing work done in both paradigms can be reused, alone or together, on the same data.

To store and retrieve the data, SnappyData has a distributed data store called Snappy-Store, derived from a variant of Pivotal’s GemFire technology. It works as either its own data store or as a sort of asynchronous write-back cache to other data sources, such as Hadoop/HDFS. This implies that existing data sets could be accessed through SnappyData without having to be formally migrated.

SnappyData also tries to offer novel solutions to problems that can arise when using streaming data. For instance, if there’s too much data coming through to get a real-time response to a query in a timely fashion, SnappyData uses approximate query processing (AQP) or a method of sampling streaming data to generate an answer.

The results are less exact than operating on the entire data set, and AQP isn’t available for every kind of query. That said, AQP queries are intended to be faster to run and are less demanding of CPU and memory than working on the full data set.

One among many

This isn’t the first time Spark has been used at the heart of a data analysis solution that covers both OLTP and OLAP workloads. In-memory database system Splice Machine was originally built on top of Hadoop components and leveraged them to scale out and be able to run both OLTP and OLAP jobs under the same hood. Version 2.0 of that product added Spark as an OLAP processing engine.

Where SnappyData diverges from Splice Machine, though, is in how Spark is used. SnappyData claims it’s extending Spark Streaming in various manners, such as allowing streams to be manipulated and queried as though they were tables, including operations like joins.

SnappyData also seems like a good environment to leverage changes that are slated for Apache Spark in the near term. For instance, Spark 2.0, scheduled to come out later this year, will heavily rework how Spark handles memory management and introduce changes to its streaming system that make it easier to pull down streaming data.

 
[Source:- Infoworld]

 

Go 1.8 goes for efficiency and convenience

Go 1.8 goes for efficiency and convenience

Go 1.8, the next version of Google’s open source language, is moving toward general availability, with a release candidate featuring improvements in compilation and HTTP. The final Version 1.8 is due in February.

According to draft notes, the release candidate features updates to the compiler back end for more efficient code. The back end, initially developed for Go 1.7 for 64-bit x86 systems, is based on static single assignment (SSA) form to generate more efficient code and to serve as a platform for optimizations like bounds check elimination. It now works on all architectures.

“The new back end reduces the CPU time required by our benchmark programs by 20 to 30 percent on 32-bit ARM systems,” the release notes say. “For 64-bit x86 systems, which already used the SSA back end in Go 1.7, the gains are a more modest 0 to 10 percent. Other architectures will likely see improvements closer to the 32-bit ARM numbers.”

Version 1.8 also introduces a new compiler front end as a foundation for future performance enhancements, and it features shorter garbage collection pauses by eliminating “stop the world” stack rescanning.

The release notes also cite HTTP2 Push support, in which the net/http package can send HTTP/2 server pushes from a handler, which responds to an HTTP request. Additionally, HTTP server shutdown can be enabled in a “graceful” fashion via a Server.Shutdown method and abruptly using a Server.Close method.

Version 1.8 adds support for the Mips 32-bit architecture on Linux and offers more context support for packages like Server.Shutdown, database/sql, and .net.resolver. Go’s sort package adds a convenience function, Slice, to sort a slice given a less function. “In many cases this means that writing a new sorter type is not necessary.” Runtime and tools in Go 1.8 support profiling of contended mutexes, which provide a mutual exclusion lock.

Most of the upgrade’s changes are in the implementation of the toolchain, runtime, and libraries. “There are two minor changes to the language specification,” the release notes state. “As always, the release maintains the Go 1 promise of compatibility. We expect almost all Go programs to continue to compile and run as before.” Language changes include conversion of a value from one type to another, with Go tags now ignored. Also, the language specification now only requires that implementations support up to 16-bit exponents in floating-point constants.

 

 

[Source:- JW]

Microsoft’s latest Windows update breaks multi-monitor gaming

SeriousSam

We’ve been talking about the problem of forced non-security updates since Windows 10 launched, so I won’t belabor the point again here. Instead, I’d like to point out that the issue here isn’t even just a question of forcing an update — it’s about forcing updates that break existing system configurations. If you’ve used Microsoft Windows for any length of time, you’re aware that the OS has its own built-in mechanisms for determining which software and hardware are already installed in your machine. Try to install a Windows Update that’s already been installed, and the computer informs you of that fact. Try to install an application, and you get a similar message. If you try to install old graphics drivers on top of newer drivers and you’ll get an error message. Windows is required to know how many displays you have connected to it, or it wouldn’t be able to offer color profile management or an appropriately scaled desktop. Similarly, the OS has to remember which windows belong on which screens to display information appropriately and it has information on what kind of GPU is installed.

There is, in other words, no reason why Microsoft should be pushing this update as mandatory for people who game on multiple displays. In fact, given the company’s 18-month fetish for telemetry collection, there’s no reason why Redmond couldn’t notifygamers that they may not be able to play certain titles without using workarounds to do so. This hits one of the most annoying points of these so-called “service” models — despite calling it a “service,” the service doesn’t actually serve the end customer. If Microsoft wanted to get end-users onboard with its telemetry collection, it could start by using that data in ways that actually improve their customer experience.

But since Microsoft doesn’t do that, if you’re a widescreen gamer, your choices are to disable Windows Update altogether or to hope this update doesn’t impact any titles you like playing in that configuration. There aren’t many people playing games on more than one monitor, to be sure, but this kind of regression is why people don’t like mandatory updates in the first place. We’ve seen some signs of late that MS is bending a bit on this issue by giving people the ability to defer updates by 35 days once the Creators Update (Redstone 2) drops later this year. Hopefully that’s just the first step back towards a more sane update policy.

 

[Source:- Extremetech]

 

Microsoft SQL Server 2016 finally gets a release date

Microsoft SQL Server 2016 finally gets a release date

Database fans, start your clocks: Microsoft announced Monday that its new version of SQL Server will be out of beta and ready for commercial release on June 1.

The news means that companies waiting to pick up SQL Server 2016 until its general availability can start planning their adoption.

SQL Server 2016 comes with a suite of new features over its predecessor, including a new Stretch Database function that allows users to store some of their data in a database on-premises and send infrequently used  data to Microsoft’s Azure cloud. An application connected to a database using that feature can still see all the data from different sources, though.

Another marquee feature is the new Always Encrypted function, which makes it possible for users to encrypt data at the column level both at rest and in memory. That’s still only scratching the surface of the software, which also supports creating mobile business intelligence dashboards and new functionality for big data applications.

SQL Server 2016 will come in four editions: Enterprise, Standard, Developer and Express. The latter two will be available for free, similar to what Microsoft offered with SQL Server 2014.

In addition to its on-premises release, Microsoft will also have a virtual machine available on June 1 through its Azure cloud platform that will make it easy for companies to deploy SQL Server 2016 in the cloud.

Many of the new features in SQL Server 2016 like Always Encrypted and Stretch Database are already available in Microsoft’s Azure SQL Database managed service, but the virtual machine will be useful for companies that prefer to manage their own database infrastructure or that plan to roll out SQL Server 2016 on premises and want to test it in the cloud.

All of this comes a few months after Microsoft shocked the world by announcing that it would also release SQL Server on Linux in the future. That’s a powerful sign of Microsoft’s strategy of making its tools available to users on a wide variety of platforms, even those that the company doesn’t control.

 

 

[Source:- Infoworld]

The Nintendo Switch will need its smartphone app for online matchmaking

The Nintendo Switch companion app is fast turning into a pretty essential part of the Switch.

As well as the previously announced news that you’ll need to use the app in order to enable voice-chat on the console, in a recent interview Nintendo of America’s President Reggie Fils-Aime suggested that the app would be used for a lot more besides voice chat.

In fact, the app’s functionality actually goes as far as enabling matchmaking and allowing you to create lobbies, suggesting that your online options are going to be pretty slim without your smartphone.

Smart (phone) justifications

Fils-Aime justified the decision to rely on the app for voice chat by saying that most people will have a headset that connects to their phone on them at all times.

As such using the phone for voice chat makes sense, as it means you don’t have to carry around an extra Switch-specific headset.

But while these justifications make a certain amount of sense for using the console while on the go, the same can’t be said for docked play, where people are used to having a dedicated headset and a console that can handle everything without needing accessories.

Fils-Aime’s use of the word ‘hotspot’ also suggests that Nintendo expects people to tether their console to their phone to get online while on the go, which might prove challenging for anyone with a limited amount of data.

It’s beginning to feel as though in its quest to make a hybrid console, the Nintendo Switch is fast becoming a device that has limitations in both form-factors.

We’ve contacted Nintendo to ask for clarification on what exactly the mobile app will enable, and what form of online play will be possible without the app.

 

[Source:- Techrader]

 

 

Now we know what Microsoft’s upcoming ‘Game Mode’ for Windows 10 will do

Windows 10 Game Mode

A few weeks ago, sharp-eyed users spotted something new in a Windows 10 Insider Preview build — reference to a new “Game Mode.” Discussions on what the feature might do, or how it could improve performance, have made the rounds since. But a new investigation suggests the new feature won’t make much difference for the vast majority of Windows 10 gamers.

PCGamesN has details on the latest Insider Preview build (15007) and what it exposes in the OS. While Game Mode can’t be enabled yet, you can read the description of what it’s going to do. Basically, it performs some low-level services tailoring to make the system work smarter when you’re actively using Microsoft’s GameDVR function.

This is more-or-less as expected, and fairly worthless in any case. Both Nvidia and AMD have shipped software solutions with their own, low-level DVR capture capability, with a minimum impact on their own hardware. Microsoft’s decision to bake in its own solution is probably a boon to Intel gamers or to people who aren’t aware of Radeon ReLive or Nvidia ShadowPlay, but it’s not much benefit to anyone else. If you want to get back the performance improvement of Game Mode before Microsoft ships the feature, you can disable the DVR altogether using these instructions.

As for the amount of performance you’ll get back by making these changes, it’s unlikely you’d ever notice. Heck, it’s not even likely that you’d notice if you benchmarked the game. Barring an unusual situation, DVR recording and other background Windows services are meant to run in the background, where they’re unlikely to consume resources or cause issues. Part of the reason why this simply doesn’t matter on modern hardware is because Windows’ hardware specifications have only changed slightly since the introduction of Windows Vista in 2006. (The idea of running Vista on hardware from 1995 would’ve been beyond hilarious, but you can run Windows 10 on equipment sold 11 years ago, if you have to). Microsoft hasn’t done much moving of the goalposts, and later versions of Windows are generally viewed as improvements to Vista, as far as running on low-end hardware.

Don’t get us wrong — if Microsoft is enabling this feature because it has data suggesting that its DVR software doesn’t play nice with specific titles, that’s a fine thing. But we’d prefer the company just say that, as opposed to pushing the idea of a Game Mode that’s going to make most titles run faster. If you’re trying to play modern games on a computer that was cutting-edge in 2008 and hasn’t been upgraded since, DVR support is the least of your worries. If that doesn’t describe you, then these optimizations aren’t likely to matter.

What we would like to see, if Microsoft is taking notes, is a Game Mode that prevented Windows Update from rebooting the computer while resource-intensive applications or games are running. If you’ve ever had a Windows 10 system suddenly decide it’s time for a reboot in the middle of a game or benchmark run (and I’ve seen multiple testbeds pull this trick with zero warning), you know how infuriating it can be. Fix that problem, and you’ve got a Game Mode worth deploying.

[Source:- Extremetech]

Oracle to Java devs: Stop signing JAR files with MD5

Oracle to Java devs: Stop signing JAR files with MD5

Starting in April, Oracle will treat JAR files signed with the MD5 hashing algorithm as if they were unsigned, which means modern releases of the Java Runtime Environment (JRE) will block those JAR files from running. The shift is long overdue, as MD5’s security weaknesses are well-known, and more secure algorithms should be used for code signing instead.

“Starting with the April Critical Patch Update releases, planned for April 18, 2017, all JRE versions will treat JARs signed with MD5 as unsigned,” Oracle wrote on its Java download page.

Code-signing JAR files bundled with Java libraries and applets is a basic security practice as it lets users know who actually wrote the code, and it has not been altered or corrupted since it was written. In recent years, Oracle has been beefing up Java’s security model to better protect systems from external exploits and to allow only signed code to execute certain types of operations. An application without a valid certificate is potentially unsafe.

Newer versions of Java now require all JAR files to be signed with a valid code-signing key, and starting with Java 7 Update 51, unsigned or self-signed applications are blocked from running.

Code signing is an important part of Java’s security architecture, but the MD5 hash weakens the very protections code signing is supposed to provide. Dating back to 1992, MD5 is used for one-way hashing: taking an input and generating a unique cryptographic representation that can be treated as an identifying signature. No two inputs should result in the same hash, but since 2005, security researchers have repeatedly demonstrated that the file could be modified and still have the same hash in collisions attacks. While MD5 is no longer used for TLS/SSL—Microsoft deprecated MD5 for TLS in 2014—it remains prevalent in other security areas despite its weaknesses.

With Oracle’s change, “affected MD-5 signed JAR files will no longer be considered trusted [by the Oracle JRE] and will not be able to run by default, such as in the case of Java applets, or Java Web Start applications,” Erik Costlow, an Oracle product manager with the Java Platform Group, wrote back in October.

Developers need to verify that their JAR files have not been signed using MD5, and if it has, re-sign affected files with a more modern algorithm. Administrators need to check with vendors to ensure the files are not MD5-signed. If the files are still running MD5 at the time of the switchover, users will see an error message that the application could not go. Oracle has already informed vendors and source licensees of the change, Costlow said.

In cases where the vendor is defunct or unwilling to re-sign the application, administrators can disable the process that checks for signed applications (which has serious security implications), set up custom Deployment Rule Setsfor the application’s location, or maintain an Exception Site List, Costlow wrote.

There was plenty of warning. Oracle stopped using MD5 with RSA algorithm as the default JAR signing option with Java SE6, which was released in 2006. The MD5 deprecation was originally announced as part of the October 2016 Critical Patch Update and was scheduled to take effect this month as part of the January CPU. To ensure developers and administrators were ready for the shift, the company has decided to delay the switch to the April Critical Patch Update, with Oracle Java SE 8u131 and corresponding releases of Oracle Java SE 7, Oracle Java SE 6, and Oracle JRockit R28.

“The CA Security Council applauds Oracle for its decision to treat MD5 as unsigned. MD5 has been deprecated for years, making the move away from MD5 a critical upgrade for Java users,” said Jeremy Rowley, executive vice president of emerging markets at Digicert and a member of the CA Security Council.

Deprecating MD5 has been a long time coming, but it isn’t enough. Oracle should also look at deprecating SHA-1, which has its own set of issues, and adopt SHA-2 for code signing. That course of action would be in line with the current migration, as major browsers have pledged to stop supporting websites using SHA-1 certificates. With most organizations already involved with the SHA-1 migration for TLS/SSL, it makes sense for them to also shift the rest of their certificate and key signing infrastructure to SHA-2.

The good news is that Oracle plans to disable SHA-1 in certificate chains anchored by roots included by default in Oracle’s JDK at the same time MD5 gets deprecated, according to the JRE and JDK Crypto Roadmap, which outlines technical instructions and information about ongoing cryptographic work for Oracle JRE and Oracle JDK. The minimum key length for Diffie-Hellman will also be increased to 1,024 bits later in 2017.

The road map also claims Oracle recently added support for the SHA224withDSA and SHA256withDSA signature algorithms to Java 7, and disabled Elliptic Curve (EC) for keys of less than 256 bits for SSL/TLS for Java 6, 7, and 8.

 

 

[Source:- JW]

CrateDB packs NoSQL flexibility, SQL familiarity

CrateDB packs NoSQL flexibility, SQL familiarity

CrateDB, an open source, clustered database designed for missions like fast text search and analytics, released its first full 1.0 version last week after three years in development.

It’s built upon several existing open source technologies — Elasticsearch and Lucene, for instance — but no direct knowledge of them is needed to deploy it, as CrateDB offers more than a repackaging of those products.

The database caught the attention of InfoWorld’s Peter Wayner back in 2015 because it promised “a search engine like [Apache] Lucene [and ‘its larger, scalable, and distributed cousin Elasticsearch’], but with the structure and querying ease of SQL.”

The idea is to provide more than a full-text search system. CrateDB’s use cases include big data analytics and scalable aggregations across large data sets. It allows querying via standard ANSI SQL, but it uses a distributed, horizontally scalable architecture, so that any number of nodes can be spun up and run side by side with minimal work.

CrateDB gets two major advantages from the NoSQL side. One is support for unstructured data via JSON documents and BLOB storage, with JSON data queryable through SQL as well. Another is support for high-speed writing, to make the database a suitable target for high-speed data ingestion a la Hadoop.

But CrateDB’s biggest draw may be the setup process and the overall level of get-in-and-go usability. The only prerequisite is Java 8, or you can use Docker to run a provided container image. Nodes automatically discover each other as long as they’re on a network that supports multicast. The web UI can bootstrap a cluster with sample data (courtesy of Twitter), and the command-line shell uses conventional SQL syntax for inserting and querying data. Also included is support for PostgreSQL’s wire protocol, although any actual SQL commands sent through it need to adhere to CrateDB’s implementation of SQL.

CrateDB’s one of a flood of recent database products that all address specific issues that have sprung up: scalability, resiliency, mixing modalities (NoSQL vs. SQL, document vs. graph), high-speed writes, and so on. The philosophy behind such products generally runs like this: Existing solutions are too old, hidebound, or legacy-oriented to solve current and future problems, so we need a clean slate. The trick will be to see whether the benefits of the clean slate outweigh the difficulties of moving to it — hence, CrateDB’s emphasis on usability and quick starts.

 

[Source:- Infoworld]

 

Snapchat is now using the third-party ad targeting it once called ‘creepy’

Snapchat is now accessing its users’ offline purchase data to improve the targeting of its ads, despite its CEO having previously deemed this kind of advertising “creepy.”

Following in the footsteps of tech and social media giants such as Facebook, Twitter, and Google, Snap Inc has partnered with a third party offline data provider called Oracle Data Cloud according to the Wall Street Journal.

This partnership will allow Snapchat advertisers to access data about what users buy offline in order to more accurately target ads.

Snapchat gets specific

Now rather than seeing generally less invasive advertisements appear on Snapchat which have a broad consumer appeal, you’re more likely to see ads that make you think “how did they know?” as you’ll now be assigned a specific consumer demographic such as “consumer tech purchaser.”

This decision shows the company is taking its growth seriously as it’s a different approach CEO Evan Spiegel laid out in June 2015. Back then, Spiegel stated his distaste for such personalized advertising saying “I got an ad this morning for something I was thinking about buying yesterday, and it’s really annoying. We care about not being creepy. That’s something that’s really important to us.”

Now, however, Snap Inc has to do all it can to guarantee that its stock is worth buying when it goes public later this year. Such an advertising approach is a good way to do so because it should make Snapchat a more attractive option to advertisers as targeted adverts are more likely to earn more per view.

Fortunately, if this kind of advertising doesn’t sit well with you whether because you consider it invasive or because you’re just incredibly susceptible, Snapchat is giving its users the ability to opt out. It’s already started rolling out the changed adverts so you’ll be able to change it now.

To do so, simply go into the settings section within the Snapchat app, go to Manage Preferences, select Ad Preferences and switch off the Snap Audience Match function.

 

 

[Source:- Techrader]