Riga Dev Days 2018 : Day 2

Day 2 of Riga Dev Days 2018 was pretty much a repeat of day 1 for me. My mystery illness continues. I spent most of the day in bed, but went to the conference to present my session calledย Make the RDBMS Relevant Again with RESTful Web Services and JSON.

I think the session went OK, but my brain was on a go-slow and I was struggling for words a couple of times. Thanks to Chris for pointing out my “pistol fingers”, which I seem to be doing in every shot he took… Personally I think pistol fingers look better than Jazz Hands, which he does during his presentations… ๐Ÿ™‚

I got some questions at the end, one of which I have referred to the “ORDS Gods in the Sky” (see below for answer), and spent some time chatting outside the room after the session.

I headed upstairs to the balcony to discuss some stuff with Martin Bach and Neil Chandler before going back to the hotel to crash… Again…

It’s a bit disappointing that I didn’t get to see much of the conference this year, but the main thing was I made it to my sessions. I hope to be back again and in better health next time so I cab be a bit more involved and learn something myself! ๐Ÿ™‚

Cheers

Tim…

PS. Reply from theย “ORDS Gods in the Sky”…

Question: Does ORDS support HTTP2?

Answer: ORDS 18.1.1 Standalone Mode on JDK 9 or later supports HTTP/2 out of the box no additional configuration required. In the case of ORDS running under an application server, it comes down to whether the application server support HTTP/2. WebLogic does not support HTTP/2 yet. Tomcat recent versions with JDK 9 or later support HTTP/2…

Riga Dev Days 2018 : Day 1

I woke up at about 06:00 feeling pretty terrible. Not physically sick, but dizzy.

I lay in the bath for ages, hoping that it would bring me to life. It didn’t. I got out of the bath to find my case was locked. I must have somehow mixed up the combination the day before, and didn’t know what it was. After Googling how to break into the lock and failing, I started the process of trying every combination from 000-999. Luckily the number was only about a quarter of the way through…

With clean clothes I then noticed none of my stuff had charged overnight, so my laptop and phone were nearly dead. Are you starting to see why I think I have a conference curse this year? I charged them up for a bit, then headed off to the conference, grabbing some diet coke on the way, hoping the caffeine would help and it did a bit…

I bumped into the few people when I arrived at the conference, but pretty soon it was time to present my session on analytic functions. Once the adrenalin kicked in I felt fine, except for a couple of times when I turned my head too quickly and felt like I was going to fall over. I think the session went OK. All the usual problems you expect with a live demo, but I think I managed to roll with the punches. I even managed to accidentally out the post I’ve been writing about my current “midlife crisis”, which I wasn’t sure I was going to publish, but I guess I am now… ๐Ÿ™‚

The event is held at a cinema, so you are standing at the bottom corner of the room, with your slides on the cinema screen, which is really good when you have live demos. The room was pretty full, with a few people sitting on the stairs because they didn’t want to fight their way across the row. I got some questions at the end, including one about my midlife crisis. ๐Ÿ™‚

The conference seemed really busy. Excuse my shocking camera work, but here’s a shot of the main concourse.

After the session I sat down for a chat with Chris Thalinger. It’s kind-of scary how similar we are (not physically). Needless to say we will never meet or speak of this again… ๐Ÿ™‚ We were joined by Ted Neward, Kamil Stawiarski and Patrick Barel along the way. Despite sitting in the shade I managed to get sunburnt…

I had avoided food all day as I had the feeling as soon as I ate something I would feel dizzy again and want to sleep. When Chris went to do his session I grabbed some popcorn, and sure enough once I ate it I could feel my bed calling! I headed back to my hotel and crashed for the rest of the day…

So day 1 of Riga Dev Days 2018 was a very short day for me, which mostly involved sleeping… Sorry. Let’s hope tomorrow goes better.

Cheers

Tim…

PS. I figured out my charging issue. When I turn off the main light in my room all the power cuts out. That’s why none of my stuff charged…

Riga Dev Days 2018 : The Journey Begins

Having spent most of the previous day in bed with a headache, I woke up at 03:00 to get ready for my taxi at 03:00. Despite all the sleep I was not feeling too great.

The taxi driver was nice enough, but he didn’t have any receipts, which was annoying. I got to the airport just after 04:00 and it was really busy. Luckily the new queuing system at Birmingham Airport is really good and I got through security quickly.

The flight to Amsterdam took about an hour, followed by a couple of hours waiting for the next flight. Amsterdam airport was so incredibly hot, which made me feel terrible. It would have been a lot worse if I didn’t have an EU passport, as there was a massive queue at security. I guess I have that to look forward too. ๐Ÿ™

I got on the plane to Riga and managed to swap my window seat for an aisle, which was great. The flight took about 2 hours, but I was so tired it felt like a lot longer.

Once I arrived it was a quick taxi ride to hotel where I was greeted with a free upgrade to Debra Lilley status. Here’s a picture of my lounge. ๐Ÿ™‚

I have no idea why I got this upgrade because I booked the cheapest room they had and I have no status in this chain. I booked quite a long time ago, so maybe they ran out of cheap rooms and I was the first on the list to make way? ๐Ÿ™‚

It was only a little after midday when I arrived, so I did the obvious thing and went to bed for the rest of the day and night. I woke up at about 06:00 the following day, but that is a different story…

Cheers

Tim…

APEX 18.1 Docker Builds Updated

You’ve probably seen that APEX 18.1 was released recently. This is just a quick note to say I’ve updated my Docker builds to include the latest versions of all the software including APEX. You can find the builds here.

https://github.com/oraclebase/dockerfiles

I always install APEX into every database, so the database builds include APEX and the ORDS build includes the APEX images.

Remember, I’m not saying you should use these, but if you like to play around with Docker you might find them useful, along with my Docker articles here.

Regardless of how you like to use APEX, get on board with APEX 18.1… ๐Ÿ™‚

Cheers

Tim…

GDPR : The good, the good and the good!

As is the way with reporting these days, most of the posts about GDPR that have gained any sort of traction over the last few years/months/days have been focused on the doom and gloom side of things. I too have found myself focussing on this side of the issue, being the natural worrier that I am. Having said all that, I think it’s really important to take a step back and look at the issue as a whole…

I’ve seen a few comments from people outside the EU, and some inside, that can be summarised as, “F**k You EU!” I can understand that to a certain extent, but I think it’s important to remember what this is all about.

The Good : It’s about protecting you!

It’s really easy to gather massive amounts of data about you. This data is used to profile you and subsequently influence your decisions. There’s a reason why those pizza adverts keep coming to me, but I never see adverts for booze…

The stories about companies like Cambridge Analytica highlight how this data can be used to influence more than what food you buy. It can potentially influence who/what you vote for, and we can see how that has worked out for us in the UK and those in the USA recently…

I understand you may not like the implementation of GDPR from a business perspective, but surely you’ve got to agree that some control over the collection and use of this data has to be put in place?

Understanding what data is held about you and how it is processed is a good thing.

The Good: The technical stuff is easy

There are challenges associated with the technical side of GDPR, but for the most part we have the technology, tools and intellect to deal with this. Depending on how much work your company has put into security over the years, there may not actually be that much to do on the technical side.

For a number of people GDPR has been good leverage to finally deal with some important stuff that has been moved down the priority list for years, because it’s more important to add a new spangly widget to an application than to patch a server.

If nothing else, this type of work keeps us techies in work, which is a good thing. ๐Ÿ™‚

The Good: The business process is where it’s at

If you’re reading this you are probably involved in IT, so the technical side of things is probably your main focus. Where is the data, is it secured, does it need to be encrypted etc. This is the tip of the iceberg, and as mentioned previously it’s all pretty easy, but labour intensive, to identify and fix. The really tough stuff is to identify and secure the business processes…

Burt uses an APEX interactive report to display some data he’s interested in. He downloads it as a spreadsheet and emails it to Beryl because she is the “Seven of Nine” of Excel and has macros coming out of her ears. She works her Excel Borg magic and emails the resulting masterpiece back to Burt. Burt then emails it on to Barbara who downloads it on to her laptop so she can take a look through it on the train on the way to the next board meeting…

Is anyone seeing the problem with this all too common business process? It really doesn’t matter how secure your database and applications are if people are going to download the data onto their PC, play around with it, print it, email it to people and then lose their unprotected laptop or memory stick on the train…

GDPR incentivises you to identify these stupid processes and secure them, or preferably replace them by something more sensible. This is a good thing. It’s something we in the IT world have been trying to encourage for years. Not only is it a good idea, but it’s also going to keep us techies in work. Do you see a pattern here? ๐Ÿ™‚

Conclusion

I’m not saying GDPR is perfect. I understand it introduces a set of problems for companies. I realise it’s easy to go down the rabbit hole of doom and gloom, but this really is a good thing.

Speaking for myself, it’s been quite enlightening reading through the GDPR information and going through the process for my website and blog. I was surprised about how much data was being captured that I didn’t know about, especially considering this is just a crappy “read only” resource, not a proper business that needs to track customers/clients etc.

The next few years will prove interesting.

Cheers

Tim…

PS. I might have forgotten to mention it keeps us techies in work… ๐Ÿ™‚

Riga Dev Days

In about a week I’ll be at Riga Dev Days 2018 in Latvia.

It’s a very diverse event, covering a whole bunch of technologies over the three days, which includes a workshop day and the two conference days.

There is an Oracle track, so if that’s your thing you will find it there, but there’s also a bunch of different technologies discussed too, so there’s something for everyone. Check out the schedule here.

See you there!

Cheers

Tim…

New XPS 15 : The Wait is Over

Followers of the blog will know I’ve been moaning about my MacBook Pro and macOS for a while now, and talking about making a switch back to Windows. That time will arrive soon, becauseย I’ve just ordered one of these.

It’s a Dell XPS 15″ with 32G RAM, 1TB M.2 drive and an i9 (6 core) processor.

It’s a little over the top, but I tend to hold on to laptops for quite a while, assuming they work properly. I might have gone down-market a bit if Dell had released something in the middle range. In the UK they currently have low spec or mega spec in the new 15″ range, and I’m getting increasingly worried about my current MBP, so I just went for it. Working for a university has the distinct advantage that I get a fantastic Higher Education discount from Dell when buying kit for home use. We also get an OK discount from Apple, but who cares…

This will be my main desktop and travel laptop, so I’ll be interested to see how it stacks up. I know a couple of people with the 2017 model and they say it is awesome, so on paper this looks like it will be great, assuming it works. ๐Ÿ™‚

I was tempted to go for one of the 13″ versions, which Connor McDonaldย recommended. The extra portability would be nice, but having recently spent some time working from just the laptop with no extra screen, I would go mad on such a small screen, no matter how good the resolution was.

Of course I’ve bought a dock for home and I already have a great monitor, so hopefully is should all slot into the setup nicely. I probably won’t get to use it for the next couple of conferences because of delivery dates, setup and understanding what adapters I need to connect to the real world. I’m not carrying the dock around with me. ๐Ÿ™‚

I’ll no doubt write about the experience has it happens. I’m using Windows 10 at work, so I don’t think that will be an issue as it is working out fine. It’s always a bit of a concern when switching over to a new bit of kit. What if you get “the bad one”, which has certainly happened with this last MBP. Also, I’ve got my setup documented, but I always worry I will miss something out… ๐Ÿ™‚

Fingers crossed this will work out…

Cheers

Tim…

PS. For context, you might want to read my post hereย before you tell me how great your preferred desktop OS is… ๐Ÿ™‚

Chrome 68, HTTPS , Let’s Encrypt and ORDS

In February Google released a post about Chrome 68, due for release in July, which will increase the pressure to adopt HTTPS for all websites because of this behaviour change.

Basically HTTP sites will be marked as insecure, rather than just getting the (i) symbol.

Recently I’ve seen a bunch of sponsored posts talking about this in an attempt to sell certificates. GoDaddy are pushing the advertising hard. I just wanted to remind people there is a free alternative called Let’s Encrypt you might want to consider.

Let’s Encrypt

I’ve been using HTTPS for a few years now, but over a year ago I switched to using the free Let’s Encrypt service to get my certificates and so far I’ve had no problems. I wrote about this in a blog post here. That links to this article about using CertBot to automate the certificate renewal, which includes the Apache HTTP Server config.

The article also links to this article about configuring HTTPS for Tomcat, which includes an example of using a Let’s Encrypt certificate.

I always run Oracle REST Data Services (ORDS) under Tomcat, so this is how I HTTPS enable ORDS. If you would prefer to run ORDS in standalone mode, but still want to use a real certificate Kris Rice has your back with this article.

Of course, you shouldn’t be having direct traffic to Tomcat servers or standalone ORDS services you care about. They should be sitting behind some form of reverse proxy, or a load balancer acting as a reverse proxy, which is performing the SSL termination. In my company, we have the real certificates on the load balancers, which perform the SSL termination, then re-encrypt to speak to the services below them.

Thoughts

In general I think the push towards HTTPS is a good thing, but I do have a few reservations.

  • There are plenty of sites, like my own, that don’t really do anything that requires encrypted connections. You are just there to read publicly available stuff. Marking them as insecure seems a little stupid to me. Update: As pointed out in the comments, it does make it harder for people to intercept and change the information during transit.
  • A bigger beef is the fact that anything with a valid HTTPS certificate is marked as “Secure”. If you work in IT you understand this just means the connection is secure, but what does it mean to other people? I could understand it if some people thought it meant it was a safe website to visit, when it means nothing of the sort. If HTTPS is the new “normal”, I think the browser should stop marking it as secure, and only flag when it is insecure. Update: It seems this is going to change (here). Thanks to Gary for pointing this out.
  • It worries me that Google can make this decision and the rest of the world has to jump. This all started when they began to alter index ranking based on the presence of HTTPS, which is why I first enabled HTTPS on my website about 4-5 years ago I think. Now the Chrome market share of about 60% is such that they can make big changes like this without having to get buy in from the rest of the world. The motives are good, but I don’t like it.
  • I’m not saying you shouldn’t pay for certificates. My company still does. I’m just saying you have a choice, especially if it is something that you do for fun like this website. In this case the free option is always the good one. ๐Ÿ™‚

Happy encrypting…

Cheers

Tim…

Oracle Code : Warsaw – The Journey Home

I woke up at silly o’clock to begin my journey home. I checked out of the hotel and got a taxi to the airport, where I breezed through check-in and security and found myself at the boarding gate 2 hours before the flight. Another hour in bed would have been nice… ๐Ÿ™‚

As usual, out came the laptop and I played catch-up on the blog and some of the other stuff I had missed during the conference.

The flight from Warsaw to Frankfurt was a little under 2 hours. I don’t think I’ve flown with LOT before, and it was quite a nice experience. The plane had a clean and modern interior with power sockets at every seat, which was cool. I didn’t have an aisle seat, but the flight wasn’t full, so I was able to move to one. ๐Ÿ™‚

I had a 90 minutes stop over at Frankfurt, before starting the hour flight home to Birmingham. That fine was easy, even though I had a window seat.

A quick taxi ride home and Oracle Code : Warsaw was complete.

Thanks to the Oracle Code crew for inviting me to the event, and to the Oracle Developer Champion and Oracle ACE Programs for making this possible for me. Most importantly, thank to the attendees and speakers for coming to the event and making it all happen!

The posts for this event were:

Cheers

Tim…