Observations of a geek.

Automated backups of MySQL databases

Unless you have intelligent backup software that can do something smart to backup your databases, restoring a backup of a running MySQL server is like restarting your database after a hard system crash, it's a crap shoot. Since I don't have any fancy backup software that can help I decided to use mysqldump to create a snapshot of my database server and write it out to a compressed SQL file. Then my (dumb) backup software can continue to be used and I will be able to recover easily if my server dies.

Here's the quick and dirty script:

#!/bin/sh
#
# This script automates a call to mysqldump
# and sends the output to a file in a backup
# directory. The script is set up to keep
# seven days of history.
#
# Before you can run this script you must
# set up a MySQL user that can perform the
# backup. This user must have permission to
# SELECT and LOCK TABLES. The user should not
# be permitted to access MySQL in any way other
# than through the local socket. Here's how the
# user should be created:
#
# GRANT SELECT,LOCK TABLES ON *.* TO 'SomeUser'@'localhost' IDENTIFIED BY 'SomePassword'
# FLUSH PRIVILEGES;
#
# This script should be owned by root and only
# root should be able to read, write, and
# execute it. (i.e., chmod 700)
#

Upgrading MySQL from version 3.23 to 5.0.x

I recently had to upgrade a moldy old MySQL database server from version 3.23 to 5.0.x. Instead of stepping from 3.23 to 4.0, then from 4.0 to 4.1, and finally from 4.1 to 5.0.x I decided to use mysqldump.

I ran the following command on the old database server:
/path/to/mysqldump -u root -p -h oldserver.example.com --opt --all-databases > bigdump.sql

Then all I had to do was move the bigdump.sql file over to the new server and run the following command:
/path/to/mysql -u root -p -h newserver.example.com < bigdump.sql

Now all that is necessary is to flush the privileges so that users can access the databases. I logged into MySQL:
/path/to/mysql -u root -p -h newserver.example.com mysql

The problem with security questions

In this video Software Architect, Steve Moitozo, addresses the problem of providing secure answers to "security questions" on Web sites? He's written about this issue in the past in Death to the Secret Question and thought it would be helpful if I addressed it here in video form.

Gaming Social Networks

Brad Ward's post shows how easy it can be to game a social network. I suspect this kind of gaming is already going on in various other types of groups within social networks like Facebook and MySpace.

Estimated Relative Impact on Resources

Problem:It is difficult to prioritize projects without some concept of the relative impact each one will have on the group doing (or commissioning) the work. For instance, if I have three projects and one is huge while two are small is it reasonable to think that the two small ones could be completed in parallel; assuming there are no dependency or resource contention issues?

Checkwashing Countermeasure... A Pen!

I less than four minutes a crook can steal your check, selectively erase your writing, and make the check out to himself for any amount. That's checkwashing and it's preventable.

Most pens use dye, not pigmented ink. The uni-ball® 207™ uses ink with certain color pigments that bond with the paper fibers in checks making it very hard to "wash" the ink off. This pen, and others like it, could be a simple defense against the threat of checkwashing, which is simple and fast to do. The use of a pen like this, combined with the habit of properly filling in all the blanks on each check, and routine audits of bank statements will help you defend against checkwashing.

E-petitions Don't Work

Imagine being frustrated about a new tax and going into the basement to scream. Great, you've had a little therapeutic outlet but unless the people who levied the tax are in your basement it will not change anything.

I'm just as irritated as the next guy when it looks like an injustice might be perpetrated through the passage of a new bill or some court ruling. I want to do something and I want to be efficient when I do it.

At first blush the e-petition seems like a great way to influence the powers that be. Get thousands of people who agree with you and have them all sign it, but there are a number of problems with it.