October 26, 2010 at 11:42 pm
Jeff Moden (10/26/2010)
As a side bar, the article also states...Computers with ethernet/token ring addresses generate UUIDs that are guaranteed to be globally unique.
Yup.
So, does anyone know of an article that guarantees that ethernet addresses a globally unique because that's the only way such a guarantee could be made.
Aside from the article you just read you mean? 😛
There's plenty out there - use your favourite search engine 🙂
I also don't like the idea of the MAC address being involved and need to find out if the MAC address could be reverse engineering on sequential GUIDS. I know they could be reverse engineered on true type 1 GUIDs, but I don't know if these are true type 1 GUIDS.
Yes there are, and yes it is. There is some byte re-ordering performed in SQL Server to fool other parts of the engine into believing they are sequential, but it's not at all hard to undo that, and obtain the MAC address. The following code snippet demonstrates the byte reordering performed:
WITH FiveGUIDs (the_guid)
AS (
SELECT NEWID() UNION ALL
SELECT NEWID() UNION ALL
SELECT NEWID() UNION ALL
SELECT NEWID() UNION ALL
SELECT NEWID()
)
SELECT -- The GUID in string form
G.the_guid,
-- Converted diectly to BINARY(16)
CA.as_binary16,
-- The 'correct' decoding
decoded =
SUBSTRING(CA.as_binary16, 11, 6) +
SUBSTRING(CA.as_binary16, 09, 2) +
SUBSTRING(CA.as_binary16, 07, 2) +
SUBSTRING(CA.as_binary16, 05, 2) +
SUBSTRING(CA.as_binary16, 01, 4)
FROM FiveGUIDs G
CROSS
APPLY (
SELECT CONVERT(BINARY(16), G.the_guid)
) CA (as_binary16)
ORDER BY
G.the_guid;
Personally, I don't care that someone could decode my MAC address and work out at what time I generated the GUID, but your paranoia level may vary.
October 26, 2010 at 11:51 pm
The whole reason that MS changed the NEWID() from Type 1 to Type 4 was because of the security risks of exposing the MAC address. If they thought it was that much of a security risk as to make such a change as the GUID no longer being globablly unique, I'll probably go along with the notion that it actually was a security risk and not use Type 1's.
Heh... listen to me ... what am I saying???? Despite living through several company migrations, I haven't even found the need for Type 4's, yet, never mind Type 1's. 😉
--Jeff Moden
Change is inevitable... Change for the better is not.
October 27, 2010 at 12:08 am
Jeff Moden (10/26/2010)
]If they thought it was that much of a security risk as to make such a change as the GUID no longer being globablly unique, I'll probably go along with the notion that it actually was a security risk and not use Type 1's.
What do you mean by "GUID no longer being globally unique"? :unsure:
October 27, 2010 at 12:18 am
Paul White NZ (10/26/2010)
So, does anyone know of an article that guarantees that ethernet addresses a globally unique because that's the only way such a guarantee could be made.
Aside from the article you just read you mean? 😛
BWAA-HAAA!!! Oh no... Not quite what I meant. I know that 48 bit MAC addresses are larger than they'll ever use and when they run out of those in about a billion years, they can switch over the the 64 bit version. 😉 What I meant was the safe-guards a manufacturer uses to not accidentally repeat numbers. Some of the less popular brands may not be so careful.
--Jeff Moden
Change is inevitable... Change for the better is not.
October 27, 2010 at 1:15 am
Jeff Moden (10/27/2010)
BWAA-HAAA!!! Oh no... Not quite what I meant. I know that 48 bit MAC addresses are larger than they'll ever use and when they run out of those in about a billion years, they can switch over the the 64 bit version. 😉 What I meant was the safe-guards a manufacturer uses to not accidentally repeat numbers. Some of the less popular brands may not be so careful.
There are some details on how ranges are assigned here: http://en.wikipedia.org/wiki/MAC_address
As far as the finest level of detail is concerned - how the individual manufacturers ensure that burned-in addresses are never assigned more than once - I have no idea.
October 27, 2010 at 8:01 am
Some of the smaller manufacturers aren't careful. In the 90s we had two separate NICs have duplicate MACs when we bought an off brand.
October 27, 2010 at 8:09 pm
Steve Jones - SSC Editor (10/27/2010)
Some of the smaller manufacturers aren't careful. In the 90s we had two separate NICs have duplicate MACs when we bought an off brand.
I know I'm simple to please but you have no idea how happy that paragraph just made me. 🙂
--Jeff Moden
Change is inevitable... Change for the better is not.
October 27, 2010 at 8:28 pm
Jeff Moden (10/27/2010)
Steve Jones - SSC Editor (10/27/2010)
Some of the smaller manufacturers aren't careful. In the 90s we had two separate NICs have duplicate MACs when we bought an off brand.I know I'm simple to please but you have no idea how happy that paragraph just made me. 🙂
Why? The network card address is just one component of a version 1 GUID - what conclusions are you drawing here?
October 28, 2010 at 8:00 am
I still think that combining a logical identifier like client_id or store_id with another column containing either a date/time stamp or sequential integer makes more sense than stamping the network card's MAC address and random data on every transaction record. If someone on the implementation team screws up and assigns the wrong client or store id, then the installation and data needs to be straightened out before it's consolidated into another database. If you're merging data from multiple independent sources, then the ETL process can insert an additional column identifying the data source. Using GUIDs as identifiers makes sense in non-relational scenarios, like identifying your Windows installation or as an object class id.
"Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho
October 28, 2010 at 8:11 am
Steve Jones - SSC Editor (10/27/2010)
Some of the smaller manufacturers aren't careful. In the 90s we had two separate NICs have duplicate MACs when we bought an off brand.
Of course, the MAC address can also be spoofed at the operting system level and stubbed with some number like "000000000000". I don't know why, but where there's a way, there's a will.
http://www.klcconsulting.net/Change_MAC_w2k.htm
"Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho
October 28, 2010 at 9:23 am
Eric Russell 13013 (10/28/2010)
I still think that combining a logical identifier like client_id or store_id with another column containing either a date/time stamp or sequential integer makes more sense than stamping the network card's MAC address and random data on every transaction record.
Indeed. I don't think anyone is suggesting replacing perfectly good keys with GUIDs just for the sake of it. That's not to say that GUID keys haven't ever been used inappropriately - they sure have.
Nevertheless, there are some systems that are much better suited to GUID keys than any alternative scheme. Until you have worked on such a system, I accept that it may be hard to visualise quite why it should be so.
October 28, 2010 at 11:16 pm
Eric Russell 13013 (10/28/2010)
I still think that combining a logical identifier like client_id or store_id with another column containing either a date/time stamp or sequential integer makes more sense than stamping the network card's MAC address and random data on every transaction record. If someone on the implementation team screws up and assigns the wrong client or store id, then the installation and data needs to be straightened out before it's consolidated into another database. If you're merging data from multiple independent sources, then the ETL process can insert an additional column identifying the data source. Using GUIDs as identifiers makes sense in non-relational scenarios, like identifying your Windows installation or as an object class id.
My experience is that this does not work in a multi-tenant scenario where the tenants are separate corporations. If you have multiple stores in the same organization, you can ensure that each store have a unique identifier. If you have multiple customers from desperate corporations using your database product solution, ensuring the mutually exclusive tenant identifiers is not realistic.
October 29, 2010 at 6:04 am
Paul White NZ (10/27/2010)
Jeff Moden (10/27/2010)
Steve Jones - SSC Editor (10/27/2010)
Some of the smaller manufacturers aren't careful. In the 90s we had two separate NICs have duplicate MACs when we bought an off brand.I know I'm simple to please but you have no idea how happy that paragraph just made me. 🙂
Why? The network card address is just one component of a version 1 GUID - what conclusions are you drawing here?
I won a $100 bet on it. 😉
--Jeff Moden
Change is inevitable... Change for the better is not.
October 29, 2010 at 6:33 am
Jeff Moden (10/29/2010)
Paul White NZ (10/27/2010)
Jeff Moden (10/27/2010)
Steve Jones - SSC Editor (10/27/2010)
Some of the smaller manufacturers aren't careful. In the 90s we had two separate NICs have duplicate MACs when we bought an off brand.I know I'm simple to please but you have no idea how happy that paragraph just made me. 🙂
Why? The network card address is just one component of a version 1 GUID - what conclusions are you drawing here?
I won a $100 bet on it. 😉
Let's see if I can get this right:
BWWAAAAAAAAHAAAAAAAAA!!!!!
- Gus "GSquared", RSVP, OODA, MAP, NMVP, FAQ, SAT, SQL, DNA, RNA, UOI, IOU, AM, PM, AD, BC, BCE, USA, UN, CF, ROFL, LOL, ETC
Property of The Thread
"Nobody knows the age of the human race, but everyone agrees it's old enough to know better." - Anon
October 29, 2010 at 6:49 am
Jeff Moden (10/29/2010)
I won a $100 bet on it. 😉
Wow!
Viewing 15 posts - 121 through 135 (of 169 total)
You must be logged in to reply to this topic. Login to reply