Well, UUID stands for something UNIQUE. How that happened that it simply
doesn’t work? Or even worse: it doesn’t work sometimes.
I had to use a program which generates some random data in the database. The primary key is UUID, so the program generates a lot of UUIDs. It uses the standard Java’s way of generating UUIDs, the function: UUID.randomUUID().
I was told many times that Java primitives are better and faster than objects, but I haven’t found any benchmarks for that. So I made my own. I was trying to check how much slower it is to use the objects like Integer, Long, Double instead of int, long, or double.
In many web sites, passwords are usually stored in a database. I think this is well known to anybody who ever created any web page with user accounts.
Storing passwords in plain text is considered harmful. The only reason that I find is when someone gets the access to the database, or has the database backup, the passwords are just in plain text, so everyone can read them.
Quite a nice solution to this problem is hashing the passwords. The database stores no plain text passwords, but the result of some hash function.
hashed_value = HASH_FUNCTION(password);
The hash function is a one way function. This means that it’s very easy to calculate the hash value and it’s very hard to make the opposite calculation.
In all kinds of tutorials and blog posts the mostly used hash function is, unfortunately still, md5(). It returns 128 bit hash value. It means that there are only 2^128 possible values… what is quite a huge number: 340,282,366,920,938,463,463,374,607,431,768,211,456. The md5 algorithm contains some flaws and currently is not so secure. In fact it never was meant to be secure.
A very interesting keynote from RailsConf 2010 given by Robert Martin. The conference was named RAILS Conf but the keynote is not only about Rails or Ruby. It is about the community.
While looking for some information on the web, I found quite a nice piece of SQL, something like:
-- Session scope for the purpose of this article
SET sql_mode='STRICT_ALL_TABLES';
This sql_mode looked quite interesting. I’ve checked that in the MySQL documentation and well… it is a little bit terrifying.