>InterBase used to checksum every page, which would have caught this
>hack. It was dropped when it was found to to be a major performance
>bottleneck. Do keep in mind that a simple checksum is probably
>a hundred times cheaper to computer than a page encryption.
>

Would it not be possible to give the DBA the option of turning checksums
on or off in a similar manner to the way that Forced Writes are turned on
or off

> For that point, if the operating system security
>is not properly used, encryption wouldn't work because the key
>would be compromised.

I disagree. Even for Win95/98 users using PGP 6.0 or Syncrypt, their
keys are not compromised merely by someone poking through their encrypted
files and the encryption routines. If memory serves, its possible to bury
the
key in such a way that its unrecoverable without the password.

PS - I sense a Charlie/Jim/Deej thread on Shared Nothing architectures
coming
up....