Tuesday, September 16, 2008

Re: [GENERAL] [LIKELY_SPAM]Re: Oracle and Postgresql

Jon.Roberts@asurion.com ("Roberts, Jon") writes:
> Roberts, Jon wrote:
>> > My top 10 reasons why companies pick Oracle.
>> Do you mean they actually get these things, or they imagine they do?
> Huh? Companies buy Oracle all of the time.

That's not the point.

The question isn't whether they buy *Oracle* or not, as the sales
figures obviously indicate that they do.

The question is whether or not the actually get the 10 things that you

I don't expect that they actually get all 10 of them, nor that they
get particularly close to getting all 10 of them.

>> There certainly are a lot of false perceptions out in the world about
>> Oracle, and about proprietary software in general.
>> > 1. 24x7 Support
>> At several different places over the years, I've seen their top-tier
>> support simply not respond.
> That is highly unusual. I've always had excellent experience with
> Oracle's support especially their top tier support.

I can't comment on that usefully.

>> > 2. Security: Patches,
>> When they get good and ready. There are outstanding security issues
>> in Oracle that have been there for years.
> I'm not saying Oracle is more or less secure. I think people feel
> better about security from a company like Oracle rather than a bunch of
> hackers on an email list. It is perceived as more secure by many,
> especially large companies.

Fortunately for sales, perception is much more important than reality.
The customers may not be *getting* better or more-quickly-available
security patches, but if they feel more comfortable, they may be

>> > Row Level Security,
>> I think you mean access control. Access control has so little overlap
>> with security that they really need to be discussed as separate
>> subjects.
>> > Roles,
>> We have 'em.
>> > encryption,
>> We have it.
> PG can't encrypt code.

It's not evident that "encrypting code" actually provides security.
In order for the code to *run*, any encryption keys need to reside
some place accessible by the server, which therefore implies that the
keys are accessible to operations staff.

This is a common problem with the use of encryption.

>> > protection of database code, etc.
>> Are you saying that the fact that the source isn't legally available
>> to the population at large is a feature? If you are, it's an argument
>> for security by obscurity, a system with a lot of deep known flaws.
> No, I'm saying that if I create a function in PG, ANYONE with access to
> the database can see my code. That is not secure. It is a security
> hole for the database.

Is this truly a security hole?

It is not at all evident to me that this indicates a security hole,
and simply asserting this to be so does not make it so.

>> > 3. Software indemnification (which is open source's biggest
>> > problem)
>> Are you kidding?!? Read the EULA for Oracle or any other proprietary
>> software package and then read the BSD license. They both indemnify
>> about the same thing, i.e. nothing. If you have any examples in case
>> law that show otherwise, they'd be a great thing to bring forth.
> The contracts you sign when you buy Oracle indemnify you from lawsuits.
> For instance, Oracle bundles Apache with various products. If someone
> sues a company for using Oracle HTTP Server because it uses Apache and
> Apache was allegedly illegally contributed to by a rogue employee, then
> Oracle protects their customers.
> After SCO went after companies using Linux, it is a concern of large
> companies and worth the extra cost of paying Oracle for Apache rather
> than using Apache all by itself.

SCO *lost* their case, and got slapped down plenty hard enough by
people intent on doing so that SCO no longer represents any sort of
example, aside from being an example that "in the Land of the
Litigious, anyone with deep pockets can potentially sue anyone over
anything," which isn't useful guidance.

You haven't pointed to any case law.

>> > 4. Scalability of shared disk (Oracle RAC)
>> RAC doesn't scale outside Oracle's sales literature, as far as I've
>> seen.
> I have.

And you can't prove it without breaking contracts that were signed
promising not to publish results, so you don't have any *useful*

>> > 5. Works extremely well from anything from hosting LDAP to OLTP
>> > applications to data warehouses with ROLAP and MOLAP
>> Now we're vaguely getting somewhere within shouting range of reality.
>> While the first half of that is hotly debatable, they've got decent
>> *OLAP.
> Oracle Internet Directory is LDAP compliant and stored in an Oracle
> database. They have rollback which provides similar MVCC functionality
> of PG. It has also been around longer than PG MVCC.

Stone tablets have been around longer than MVCC, but that's not an
example of anything.

>> > 6. Best, oldest, and most proven concurrency model for any
>> > commercial database product
>> It's none of those things.
> Which commercial database is better? MS SQL Server, Sybase, DB2, what?

You set a much higher bar than that. You claimed it was best, oldest,
and most proven in concurrency model.

>> > 7. Runs great on various platforms not just Linux or just Windows
>> Is this different from some other RDBMS(s) out there, and if so, which
>> one(s)? The only "just Windows" RDBMS I've ever heard of is MS SQL
>> Server, and I know of no "just Linux" ones.
> PG doesn't scale well on Windows. DB2 seems to work best on a
> mainframe. Sybase works best on Unix. MS SQL Server only runs on
> Windows.
>> > 8. Recruiting a senior level Oracle professional with over 10 years
>> > of experience is not very difficult
>> Finding somebody with 10 years' experience is no problem. Finding
>> somebody half-way competent is a different story.
>> > 9. Deep, deep discounts. I've never seen any company pay list
>> > price for Oracle products. It has always been at least 50% off if
>> > not more.
>> 50% off a price that's bloated by 1000% or more isn't much of a
>> muchness.
> It is only the perception of a good deal. So what?

It's *ALL* about perception, indeed. All 10 items you mention are, to
the extent that they are *perceived* to be true, a victory of
perception over reality.

>> > 10. Sales employees that will do anything to retain or grow your
>> > business.
>> That's just great if you prefer hookers and blow to a working RDBMS.
> LOL. That is pretty funny. I'm talking about doing free work like a
> proof of concepts, demonstrations of products, etc. I've even seen
> technical sales guys help out onsite for free for performance tuning an
> application.

There's the old tale of the "lady of the evening" who offered to "do
anything" for $100, and the gentleman in question said, "Great! My
house needs painting!"

Unfortunately, "do anything" has some questionable ethical
implications, and "hookers and blow" *do* lie down that road :-(.

>> > The initial price of the product factors into the equation for big
>> > companies but when you look at all the value add of Oracle, it is
>> > very tempting.
>> Their sales and marketing people have certainly done an excellent job
>> creating the perceptions above, among others, and spreading them
>> around the industry.
> Perception = sales.

100% agreed.

But we're not sales people, so we're not overly interested in that

We're much more interested in the technical realities.
output = ("cbbrowne" "@" "acm.org")
Rules of the Evil Overlord #64. "I will see a competent psychiatrist
and get cured of all extremely unusual phobias and bizarre compulsive
habits which could prove to be a disadvantage."

Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:

No comments: