Archive for the ‘free software’ Category

NIST::NVD CWE development – follow along

February 17th, 2012

I’m in the process of getting the tests passing for the 0.03 release of NIST::NVD::Store::SQLite3 wherein our hero imports the CWE data and cross-indexes it with CVEs and CPEs.

Follow along and suggest some patches. I’m developing on Debian Wheezy, but I would very much like input from devs on other platforms.

http://git.colliertech.org/?p=NIST-NVD-Store-SQLite3.git;a=summary

cjac@foxtrot:/tmp$ time git clone http://git.colliertech.org/git/NIST-NVD-Store-SQLite3.git
Cloning into 'NIST-NVD-Store-SQLite3'...

real	0m32.757s
user	0m0.200s
sys	0m0.088s
cjac@foxtrot:/tmp$ ls NIST-NVD-Store-SQLite3/t/data/
cwec_v2.1.xml  nvdcve-2.0-test.xml

Publish your patches and I’ll fetch them, or you can submit them in udiff format and I’ll review/apply. Thanks for playing along!

[edit 20120216T1456 -0800]
Seems I need to update the NIST::NVD package as well.

cjac@foxtrot:/usr/src/git/f5/NIST-NVD-Store-SQLite3$ rm t/data/*.db *.db ; perl Makefile.PL ; make ; time perl -Iblib/lib /usr/src/git/f5/NIST-NVD-Store-SQLite3/blib/script/convert-nvdcve --nvd /usr/src/git/f5/NIST-NVD-Store-SQLite3/t/data/nvdcve-2.0-test.xml --cwe /usr/src/git/f5/NIST-NVD-Store-SQLite3/t/data/cwec_v2.1.xml --store SQLite3
rm: cannot remove `t/data/*.db': No such file or directory
Writing Makefile for NIST::NVD::Store::SQLite3
Writing MYMETA.yml and MYMETA.json
Skip blib/lib/NIST/NVD/Store/SQLite3.pm (unchanged)
cp bin/convert-nvdcve blib/script/convert-nvdcve
/usr/bin/perl -MExtUtils::MY -e 'MY->fixin(shift)' -- blib/script/convert-nvdcve
Manifying blib/man3/NIST::NVD::Store::SQLite3.3pm
using store [SQLite3]
reading NVDs from file: /usr/src/git/f5/NIST-NVD-Store-SQLite3/t/data/nvdcve-2.0-test.xml.......................................................................read 68 entries
Processing CWE file...vvvvvvvvvvvvvvvvvvvvvvvvvvvcccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwweeeeeeeeeDone.
Writing CPE URNs to disk...Done.
Writing NVD entries to disk....................................................................... Done.
Writing CPE index to disk...Done.
Writing CWE index to disk...Can't locate object method "put_idx_cwe" via package "NIST::NVD::Update" at /usr/src/git/f5/NIST-NVD-Store-SQLite3/blib/script/convert-nvdcve line 77.

real	0m13.072s
user	0m12.421s
sys	0m0.044s
$ time git clone http://git.colliertech.org/git/NIST-NVD.git
Cloning into 'NIST-NVD'...

real	0m2.921s
user	0m0.016s
sys	0m0.024s


Time to vote for MySQL sessions at FOSDEM

January 3rd, 2012
There is a room dedicated to MySQL at FOSDEM 2012. (Thanks to @lefred for organizing.) The CfP has received 37 submissions, but there will be time slots only for 12 to 15 talks. So now it's up to the community. If you want to attend a particular talk, you should vote for it.

Like in previous years, the selection of the talks is public. You can see the list of the proposals, with the instructions, which I repeat here.

You can vote either publicly, using Twitter, or privately, by sending an email. Each talk proposal will be referred by the number immediately after the title in this page. This number indicates the order in which the proposals were received.

  • In public, you should send a tweet to @opensqlcamp, indicating a maximum of 12 talks that you would like to see, in the order you like them, e.g. "@opensqlcamp #FOSDEM2012 1,2,3,4,5,6,7,8,9,10,11,12 http://bit.ly/mysql_fosdem_2012" (adding the link will help others to find the page).

  • In private, by email at mysqlfriends AT gmail DOT com, using the same method used for Twitter. Maximum 12 talks, in the order of your preference.

In both cases, votes for your preferences will result in 1 point for each talk. In case of equal voting, we will assign 12 points to the first in the list, 11 to the second, and so on. We'll do the tally, and choose the most popular ones.

Anonymous votes either by Twitter or email won't be counted. If you want your vote to count, make sure your twitter account has a recognized name (or known nick) on it. If your email address doesn't spell your name, please sign the message with your real one.

DEADLINE: Your votes must be entered by January 8th, 2011.


Could closed core prove a more robust model than open core?

December 2nd, 2011

When participating recently in a sprint held at Google to document four free software projects, I thought about what might have prompted Google to invest in this effort. Their willingness to provide a hotel, work space, and food for some thirty participants, along with staff support all week long, demonstrates their commitment to nurturing open source.

Google is one of several companies for which I'll coin the term "closed core." The code on which they build their business and make their money is secret. (And given the enormous infrastructure it takes to provide a search service, opening the source code wouldn't do much to stimulate competition, as I point out in a posting on O'Reilly's radar blog). But they depend on a huge range of free software, ranging from Linux running on their racks to numerous programming languages and libraries that they've drawn on to develop their services.

So Google contributes a lot back to the free software community. They release code for many non-essential functions. They promote the adoption of standards such as HTML 5. They have been among the first companies to offer APIs for important functions, including their popular Google Maps. They have opened the source code to Android (although its development remains under their control), which has been the determining factor in making Android devices compete with the arguably more highly-functioning iOS products. They even created a whole new programming language (Go) and are working on another.

Google is not the only "closed core" company (for instance, Facebook has also built their service around APIs and released their Cassandra project). Microsoft has a whole open source program, including some important contributions to health IT. Scads of other companies, such as IBM, Hewlett Packard, and VMware, have complex relationships to open source software that don't fit a simple "open core" or "closed core" model. But the closed core trend represents a fertile collaboration between communities and companies that have businesses in specific areas. The closed core model requires businesses to determine where their unique value lies and to be generous in offering the public extra code that supports their infrastructure but does not drive revenue.

This model may prove more robust and lasting than open core, which attracts companies occupying minor positions in their industries. The shining example of open core is MySQL, but its complex status, including a long history of dual licensing and simultaneous development by several organizations, makes it a difficult model from which to draw lessons about the whole movement. In particular, Software as a Service redefines the relationships that the free software movement has traditionally defined between open and proprietary. Deploying and monitoring the core SaaS software creates large areas for potential innovation, as we saw with Cassandra, where a company can benefit from turning their code into a community project.



Tungsten Replicator and MySQL Sandbox at Percona Live London 2011

October 19th, 2011
Percona Live MySQL Conference, London, Oct 24th and 25th, 2011

I will be a speaker at Percona Live - London 2011, and I am looking forward to the event, which is packed with great content. A whopping 40 sessions of MySQL content, plus 3 keynotes and 14 tutorials. It's enough to keep every MySQL enthusiast busy.

Continuent speakers will be particularly busy, as between me and Robert Hodges, we will be on stage four times on Tuesday, October 25th. This event feels good from the beginning. There are plenty of participants, many names from all over the MySQL community, covering large and small companies, experienced speakers, well known names in the MySQL engineering arena, and a wealth of topics that will make me feel sorry for not being able to attend them all. It's the usual dilemma that attendees have at this kind of conference. Not so much at Oracle Open World 2011, where there weren't that many MySQL sessions to choose from, although it was great for networking.

Our talks

  • Robert will open the dances with Teaching an Old Dog New Tricks: Tungsten Enterprise Clusters for MySQL, a talk about Tungsten Enterprise, my company's commercial product, which is a professional managing tool for demanding companies.

  • Robert, again in the afternoon, with one of the most amazing features of our open source product, Tungsten Replicator: MySQL Parallel Replication in 5 Minutes or Less. This is a feature for large replication systems where the slave can't cope with large data streams, due to the single-threaded MySQL slave. This talk will show how easy it is to plug Tungsten Replicator to a lagging slave, start parallel replication until the lag has been zeroed, and then hand over the control to the native replication again.

  • Then it will be my turn, with a general presentation about Tungsten Replicator, the open source product. I like the idea of calling it MySQL Replication outside the box: multiple masters, fan-in, parallel apply. The reasoning is that MySQL replication, although wildly successful in the web economy of the last decade, is also constrained by several limits, which Tungsten, acting outside the boundaries, sets free. This will be a quick intro to Tungsten and its new user-friendly installation, with a few demos.

  • Finally, a classic presentation with some new content, on MySQL Sandbox: a framework for productive laziness. The news is that MySQL Sandbox now supports Percona and MariaDB builds. Again, some demos will be shown, with old and new features mixed together.


What VMware’s Cloud Foundry announcement is about

April 13th, 2011

I chatted today about VMware's Cloud Foundry with Roger Bodamer, the EVP of products and technology at 10Gen. 10Gen's MongoDB is one of three back-ends (along with MySQL and Redis) supported from the start by Cloud Foundry.

If I understand Cloud Foundry and VMware's declared "Open PaaS" strategy, it should fill a gap in services. Suppose you are a developer who wants to loosen the bonds between your programs and the hardware they run on, for the sake of flexibility, fast ramp-up, or cost savings. Your choices are:

  • An IaaS (Infrastructure as a Service) product, which hands you an emulation of bare metal where you run an appliance (which you may need to build up yourself) combining an operating system, application, and related services such as DNS, firewall, and a database.

    You can implement IaaS on your own hardware using a virtualization solution such as VMware's products, Azure, Eucalyptus, or RPM. Alternatively, you can rent space on a service such as Amazon's EC2 or Rackspace.

  • A PaaS (Platform as a Service) product, which operates at a much higher level. A vendor such as handles all the back-end services and just exposes an API to which you program.

By now, the popular APIs for IaaS have been satisfactorily emulated so that you can move your application fairly easily from one vendor to another. Some APIs, notably OpenStack, were designed explicitly to eliminate the friction of moving an app and increase the competition in the IaaS space.

Until now, the PaaS situation was much more closed. VMware claims to do for PaaS what Eucalyptus and OpenStack want to do for IaaS. VMware has a conventional cloud service called Cloud Foundry, but will offer the code under an open source license. RightScale has already announced that you can use it to run a Cloud Foundry application on EC2. And a large site could run Cloud Foundry on its own hardware, just as it runs VMware.

Cloud Foundry is aggressively open middleware, offering a flexible way to administer applications with a variety of options on the top and bottom. As mentioned already, you can interact with MongoDB, MySQL, or Redis as your storage. (However, you have to use the particular API offered by each back-end; there is no common Cloud Foundry interface that can be translated to the chosen back end.) You can use Spring, Rails, or Node.js as your programming environment.

So open source Cloud Foundry may prove to be a step toward more openness in the cloud arena, as many people call for and I analyzed in a series of articles last year. VMware will, if the gamble pays off, gain more customers by hedging against lock-in and will sell its tools to those who host PaaS on their own servers. The success of the effort will depend on the robustness of the solution, ease of management, and the rate of adoption by programmers and sites.



VistA scenarios, and other controversies at the Open Source health care track

July 23rd, 2010

The history and accomplishments attributed to VistA, the Veterans
Administration's core administrative software, mark it as one of the
most impressive software projects in history. Still, lots of smart
people in the health care field deprecate VistA and cast doubt that it
could ever be widely adopted. Having spent some time with people on
both sides, I'll look at their arguments in this blog, and then
summarize other talks I heard today at the Open Source Convention
(http://www.oscon.com/oscon2010) health care track.

Yesterday, as I described in my previous blog
(http://radar.oreilly.com/2010/07/day-one-of-the-health-care-it.html),
we heard an overview of trends in
health care and its open source side in particular. Two open source
free software projects offering electronic health records were
presented, Tolven and openEMR (http://www.oemr.org/). Today was VistA
day, and
those who stayed all the way through were entertained by accolades of
increasing fervor from the heads of vxVistA
(http://www.oscon.com/oscon2010/public/schedule/detail/15291),
Medsphere
(http://www.oscon.com/oscon2010/public/schedule/detail/15255),
and ClearHealth
(http://www.oscon.com/oscon2010/public/schedule/detail/15255). (Anyone
who claims that VistA is cumbersome and obsolete will have to explain
why it seems to back up so many successful companies.) In general, a
nice theme to see today was so many open source companies making a go
of it in the health care field.

VistA: historical anomaly or the future of electronic medical systems?

We started our exploration of VistA with a stirring overview
(http://www.oscon.com/oscon2010/public/schedule/detail/15274p)
by Phillip Longman, author of the popular paperback book,
Best Care Anywhere: Why VA Health Care is Better Than
Yours. The story of VistA's development is a true medical
thriller, with scenes ranging from sudden firings to actual fires
(arson). As several speakers stressed, the story is also about how the
doctors at the VA independently developed the key aspects of open
source development: programming by the users of the software, loose
coordination of independent coders, freedom to fork, and so on.

Longman is convinced that VistA could and should be the basis of
universal health records in the U.S., and rains down omens of doom on
the comprehensive health care bill if it drives physicians to buy
proprietary health record systems.

VistA is much more than an electronic health record system, and even
bigger than a medical system. It is really a constellation of hundreds
of applications, including food preparation, library administration,
policing, and more.

The two main objections to VistA are:


That it is clunky old code based on an obsolete language and database technology

As a project begun by amateurs, VistA probably contains some fearsome
passages. Furthermore, it is written in MUMPS (standardized by ANSI as
simply M), a language that dates from the time of LISP and
COBOL. Predating relational databases, MUMPS contains a hierarchical
database based on a B*-tree data structure.

Supporters of VistA argue that anything qualifying as "legacy code"
can just as well be called "stable." They can also answer each of
these criticisms:

  • The code has been used heavily by the VA long enough to prove that
    it is extendable and maintainable.

  • It is strangely hypocritical to hear VistA's use of MUMPS criticized
    by proprietary vendors when so many of them are equally dependent on
    that language. Indeed, the best-known vendors of proprietary health
    care software, including Epic and InterSystems, use MUMPS. Need I
    remind readers that we put a man on the moon using 1960s-style
    FORTRAN?

    It's interesting to learn, however, that ClearHealth is migrating
    parts of VistA away from MUMPS and does most of its coding in
    higher-level languages (and many modern programmers would hardly offer
    praise for the language chosen for ClearHealth's interface, PHP).

  • Similarly, many current vendors use the Cache hierarchical
    database. Aspersions concerning pre-relational databases sound less
    damning nowadays in an age of burgeoning interest in various NoSQL
    projects. Still, Medsphere and the community-based WorldVistA
    project (http://www.worldvista.org/) are
    creating a SPARQL interface and a mechanism for extracting data from
    VistA into a MySQL database.


That it works well only in the unique environment of the Veterans Administration

This critique seems to be easier to validate through experience. The
VA is a monolithic, self-contained environment reflected in VistA. For
instance, the critical task of ordering prescriptions in VistA depends
on the pharmacy also running VistA.

Commercial pharmacies could theoretically interact with VistA, but it
would require effort on the part of those companies, which in turn
would depend on VistA being adopted by a substantial customer base of
private hospitals.

Several successful deployments of VistA by U.S. hospitals, as well as
adoption by whole networks of hospitals in several other countries,
indicate that it's still a viable option. And the presence of several
companies in the space shows that adopters can count on support.

On the other hand, the competing implementations by vxVistA,
Medsphere, and ClearHealth complicate the development landscape. It
might have been easier if a single organization such as WorldVistA
could have unified development as the Apache or GNOME foundation does.

vxVistA has come in for particular criticism among open source
advocates. In fact, the speakers at today's conference started
out defensive, making me feel some sympathy for them.

vxVistA's developers, the company DSS, kept their version of VistA
closed for some time until they had some established customers.
Speaker Deanne Clark argued that they did this to make sure they had
enough control over their product to produce some early successes,
warning that any failure would hurt the image of the whole VistA
community. I don't know why a closed development process is necessary
to ensure quality, but I'll accept her explanation. And DSS seems to
be regarded highly for its quality work by everyone, including those
who embroil

More galling to other open source advocates is that when DSS did
release vxVistA as open source, they did so under an Eclipse license
that is incompatible with the GPL used by WorldVistA.

I wouldn't dare guess whether VistA will continue as a niche product
or will suddenly emerge to eat up the U.S. market for electronic
medical systems. But I think it's definitely something to watch.

The odd position of the VA as the source for new versions of VistA, as
well as its role as VistA's overwhelmingly largest user, could also
introduce distortions into the open source development pattern outside
the VA. For instance, commercial backers of VistA are determined to
get it certified for meaningful use so that their clients can win
financial rewards from the Department of Health and Human
Services. But the VA doesn't have to be certified for meaningful use
and doesn't care about it. (As David Uhlman of ClearHealth pointed
out, nearly everything in the meaningful use criteria was done thirty
years ago by the VA using VistA.)

The VA even goes through periods of refusing bug fixes and
improvements from the outside community. Luckily, the VA lets some of
its programmers participate on WorldVistA forums, and seems interested
in getting more involved.

Other presentations

Attendance varies between 30 and 70 people for today's health care
session. Roni Zeiger of Google brought out a big crowd for his discussion
(http://www.oscon.com/oscon2010/public/schedule/detail/15272)
of Google's interest in health care, with a focus on how its API
accepts data from devices.

Zeiger pointed out that we lead most of our lives outside doctor's
offices (unless we're very unlucky) and that health information should
be drawn from everyday life as well. A wide range of devices can
measure everything from how fast we walk to our glucose levels. Even
if all you have is a smart phone, there are a lot of things you can
record. Collecting this kind of data, called Observations of Daily
Living, is becoming more and more popular.

  • One app uses GPS to show your path during a run.

  • Another app uses the accelerometer to show your elevation during a
    bike ride.

  • One researcher uses a sensor, stuck into an inhaler, to feed data to a
    phone and collect information on where and when people have asthma
    attacks. If we collect a lot of data from a lot of people over time,
    we may learn more about what triggers these attacks.

  • On the fun side, a Google employee figured out how to measure the
    rotation of bike pedals using the magnet in an Android phone. This
    lets employees maintain the right aerobic speed and record how
    fast they and their friends are pedaling.

You can set up Google Health to accept data from these
devices. Ultimately, we can also feed the data automatically to our
doctors, but first they'll need to set up systems to accept such
information on a regular basis.

Will Ross described
(http://www.oscon.com/oscon2010/public/schedule/detail/14944)
a project to connect health care providers across a mostly rural
county in California and exchange patient data. The consortium
found that they had barely enough money to pay a proprietary vendor of
Health Information Exchange systems, and no money for maintenance. So
they contracted with Mirth Corporation to use an open source solution.
Mirth supports CONNECT, which I described in yesterday's blog
(http://radar.oreilly.com/2010/07/day-one-of-the-health-care-it.html),
and provides tools for extracting data from structured
documents as well as exchanging it.

Nagesh Bashyam, who runs the large consulting practice that Harris
Corporation provides to CONNECT, talked
(http://www.oscon.com/oscon2010/public/schedule/detail/15267)
about how it can lead to more than data exchange--it can let a doctor
combine information from many sources and therefore be a platform for
value-added services.

Turning to academic and non-profit research efforts, we also heard
today from Andrew Hart
(http://www.oscon.com/oscon2010/public/schedule/detail/15279)
of NASA's Jet Propulsion Laboratory and some colleagues at
Children's Hospital Los Angeles. Hart described a reference
architecture that has supported the sharing of research data among
institutions on a number of large projects. The system has to be able
to translate between formats seamlessly so that researchers can
quickly query different sites for related data and combine it.

Sam Faus of Sujansky & Associates recounted
(http://www.oscon.com/oscon2010/public/schedule/detail/15275)
a project to create a Common Platform for sharing Observations of
Daily Living between research projects. Sponsored by the Robert Wood
Johnson Foundation to tie together a number of other projects in the
health care space, Sujansky started its work in 2006 before there were
systems such as Google Health and Microsoft Health Vault. Even after
these services were opened, however, the foundation decided to
continue and create its own platform.

Currently, there are several emerging standards for ODL, measuring
different things and organizing them in different ways. Faus said this
is a reasonable state of affairs because we are so early in the
patient-centered movement.

I talked about standards later with David Riley, the government's
CONNECT initiative lead. HHS can influence the adoption of standards
through regulation. But Riley's office has adopted a distributed and
participatory approach to finding new standards. Whenever they see a
need, they can propose an area of standardization to HHS's
specification advisory body. The body can prioritize these
requests and conduct meetings to hammer out a standard. To actually
enter a standard into a regulation, however, HHS has to follow the
federal government's rule-making procedures, which require an
eighteen-month period of releasing draft regulations and accepting
comments.

It's the odd trait of standards that discussions excite violent
emotions among insiders while driving outsiders to desperate
boredom. For participants in this evening's Birds of a Feather
session, the hour passed quickly discussing standards.

The 800-pound gorilla of health care standards is the HL7 series,
which CONNECT supports. Zeiger said that Google (which currently
supports just the CCR, a lighter-weight standard) will have to HL7's
version of the continuity of care record, the CCD. HL7 standards have
undergone massive changes over the decades, though, and are likely to
change again quite soon. From what I hear, this is urgently
necessary. In its current version, the HL7 committee layered a
superficial XML syntax over ill-structured standards.

A major problem with many health care standards, including HL7, is the
business decision by standard-setting bodies to fund their activities
by charging fees that put standards outside the reach of open source
projects, as well as ordinary patients and consumers. Many standards
bodies require $5.00 or $10.00 per seat.

Brian Behlendorf discussed the recent decision of the NHIN Direct
committee to support both SOAP and SMTP for data exchange. Their
goal was to create a common core that lets proponents of each system
do essentially the same thing--authenticate health care providers and
exchange data securely--while also leaving room for further
development.



Letter to the EC on the Oracle/Sun Takeover

October 16th, 2009

Dear Commissioner Kroes,

Last week, former MySQL CEO Mårten Mickos wrote you a letter urging approval of Oracle’s takeover of Sun Microsystems[1], asserting that Oracle’s ownership of MySQL (as part of the Sun acquisition) will increase competition in the market.

As a long-time MySQL user, a former MySQL AB staff member[2] and a participant in a wide range of other open source and free software projects[3], I find Mårten’s conclusion to be incorrect as well as unsupported by his arguments.

In making this point, I’ll challenge the three key arguments made by Mårten:

  1. MySQL and Oracle do not compete
  2. Oracle has as many compelling business reasons to continue the ramp-up of the MySQL business
  3. Oracle’s ownership of MySQL will increase competition in the market

Also, please note that I have no financial interest in Oracle or Sun and I haven’t been paid to write this article.[4]

MySQL and Oracle Compete

Oracle’s ownership of MySQL will lead to what the commission fears – greater costs and less choice in the DBMS market.

First, it is very clear that MySQL is a difficult and disruptive competitor for Oracle. Imagine yourself in Oracle’s position: most of your present and future customers use MySQL at no cost, and the combination of open source communities and the commercial entities backing MySQL work in a distributed fashion to erode your key advantages and populate many niches in the market.

Oracle’s acquisition of Sun would provide them with a way to control this competition.

We don’t have to rely on imagination to see the competition between MySQL and Oracle. Even a cursory examination of the market leads one to the same initial conclusion reached by the commission that, “… Oracle databases and Sun’s MySQL compete directly in many sectors of the database market …”[5]

A volume of evidence demonstrating the heated competition between Oracle and MySQL can be found online, including Oracle’s acquisitions of key pieces of technology licensed to MySQL[6], benchmarks[7], case studies[8], migration toolkits[9], presentations given by MySQL staff at the MySQL conference[10], attendance of the MySQL User Conference by key Oracle management[11], articles in trade publications and recently leaked Sun Microsystems internal documents[12].

Oracle’s Compelling Business Reasons

Mårten wrote that, “Oracle has as many compelling business reasons to continue the ramp-up of the MySQL business as Sun Microsystems and MySQL previously did, or even more”, but did not elaborate on what these business reasons would be.

We know that Oracle will seek to use MySQL to provide maximum value to their shareholders, but this is not the same as “compelling business reasons to continue the ramp-up of the MySQL business” nor is it the same as, “(increasing) competition in the database market.”

Oracle has a large and successful business. Its net income for the first fiscal quarter of 2009 was reported at 1.1bn USD.[13] The direct commercial value from licensing and services that it would be able to extract from MySQL would be trivial compared to this (and would likely be at a much lower margin than services and licensing it is accustomed to).

Some reasonable tactics and strategies for an Oracle who has acquired MySQL would include:

  • Using MySQL to price-target customers, ensuring that each customer pays as much as possible to Oracle. In the past, Oracle has reduced prices on a case-by-case basis to help retain customers who have “defected” to MySQL. The reduced competition in the marketplace will give Oracle more control, especially over large institutions who currently rely on MySQL Enterprise.
  • Using control of the non-software MySQL assets (such as domain names, documentation, trademarks, conferences, …) to manage competition in the MySQL space.
  • Managing the rate of innovation in the MySQL product, so as to ensure that price-targeting can be effective.
  • Continued support of the open source version of MySQL, so as to ensure that other open source competitors do not become prominent enough to challenge Oracle’s business.

Oracle will engage in strategies such as these for as long as it has a compelling business reason to do so, but certainly not out of concern for or in service to the market.

Closing

Commissioner Kroes, I won’t presume to advise the commission on the best path forward, however I do hope that you have a clearer view of the facts.

Open source and the market forces that supported MySQL’s rise to prominence and allowed it to compete with Oracle will exist regardless of what the commission chooses to do.

If Oracle acquires MySQL, then the market will be hindered for the next three to five years. Customers will pay higher prices. The open source community will need a few years to route around Oracle’s control. Current MySQL customers will be faced with challenges as they decide whether or not to stay with an aggressive vendor who now has much more control of a database that they often rely on to serve the online market.

If Oracle does not acquire MySQL then it will still have significant influence, as it controls a key MySQL resource in the form of InnoDB. This is something that the open source space is still wrestling with, as various engines and forks attempt to deal with the problem.

If the commission truly wants to foster competition, a middle road would be to allow Oracle to acquire MySQL on the condition that the database, engines and documentation are released under a permissive open source licence, such as the New BSD license[14]. This would allow Oracle to make the acquisition that it so desires without having to spin off MySQL and would foster a great deal of competition in the market, as no single party would be able to control the integration of MySQL with other products.

  1. via Matt Asay’s CNET Blog – Mickos letter to EU: “Approve Oracle-Sun deal”
  2. from 2001 to 2004, I served as MySQL’s community liaison
  3. including multiple years serving on Free Software Foundation’s license compliance team, working as a Mozilla Foundation staff member and volunteering for the Open Source Initiative
  4. The founders of MySQL and many of the early MySQL staff are friends, which likely influences my thinking. I don’t know what options or financial arrangements friends and former colleagues who have a stake in Oracle or Sun have in place, but I’m sure that some friends will have significant benefit from a sale of Sun to Oracle.
  5. EC Press Release: European Commission opens in-depth investigation into proposed takeover of Sun Microsystems by Oracle
  6. Oracle acquired Innobase OY in 2005, followed by Sleepycat Software Inc. in 2006. These vendors licensed transactional database engine technology to MySQL that allowed MySQL to more effectively compete in Oracle’s space.
  7. MySQL.com: February 2002 eWeek Benchmarks
  8. MySQL.com case studies: ThePhoneHouse consolidates its eCommerce Systems on MySQL Enterprise, MySQL.com: Citysearch Saves Over $1 Million Using MySQL (pdf)
  9. MySQL.com: Introduction to the MySQL Migration Toolkit, Oracle.com: Oracle Migration Workbench
  10. MySQL User Conference 2005: Migration from Oracle to MySQL, MySQL User Conference 2006: MySQL Migration Toolkit, MySQL User Conference 2007: MySQL for Oracle DBAs and Developers
  11. Oracle VP Ken Jacobs has attended and spoken at multiple MySQL User Conferences
  12. Wikileaks.org: Sun/Microsystems ‘Project Peter’ targets Oracle to MySQL migrations to boost sales
  13. As reported by BusinessWeek: Oracle’s Earnings: Summer Doldrums Set In. Note that this was a rather weak quarter, as previous recent quarters reported nearly twice the income.
  14. http://www.opensource.org/licenses/bsd-license.php

First Kosovo Free Software Conference

August 25th, 2009

Kosovo Free Software Conference

The first Free Software Conference in Kosovo is being held on August 29-30 in Prishtina, Kosovo.
The newborn state, which declared independence in 2008, is growing in several ways. Besides economic and political growth, technology is also expanding. In this fresh environment, free and open source software can have an important role.
The conference schedule includes local and international speakers.

I have a strong professional and personal relationship with Kosovo. Before and after the war, from 1998 to 2002, I was part of the OSCE-UN mission that helped the country in its first steps towards independence. And there I found my wife. Thus, it's with great pleasure that I will do a keynote on the theme of Freedom beyond free of charge.
And although the talk won't be about MySQL, it will nonetheless have a role in the story. Some of the freedom that was achieved during the UN Mission in Kosovo days is also due to a combination of Linux, FreeBSD, MySQL, and many more free software projects.
