| Subject | Re: [Firebird-Architect] database encryption |
|---|---|
| Author | Jim Starkey |
| Post date | 2010-11-03T22:11:53Z |
Yup, give your password and account number to somebody untrustworthy,
you're going to find your bank account distressingly empty. Well, duh.
So let's assume, realistically or not, that all though the disk and wire
traffic can be intercepted, it isn't possible to install a hacked
executable on the server.
But also note that it doesn't protect against the situation where the
bad guy has access to a memory snapshot of a running broker or database
server. It also doesn't bring peace to the middle east, satisfy the Tea
Party, or eliminate man's inhumanity to man.
All it does is provide secure communications to a database that can't be
stolen without a compromised password.
you're going to find your bank account distressingly empty. Well, duh.
So let's assume, realistically or not, that all though the disk and wire
traffic can be intercepted, it isn't possible to install a hacked
executable on the server.
But also note that it doesn't protect against the situation where the
bad guy has access to a memory snapshot of a running broker or database
server. It also doesn't bring peace to the middle east, satisfy the Tea
Party, or eliminate man's inhumanity to man.
All it does is provide secure communications to a database that can't be
stolen without a compromised password.
On 11/3/2010 5:58 PM, Dimitry Sibiryakov wrote:
> 03.11.2010 22:26, Jim Starkey wrote:
>> The database file, broker store, and database executable
>> can be all be compromised or hacked without exposure of the database.
> How? As soon as hacked database server received key from broker - database is
> completely decrypted, protection is over.
>
--
Jim Starkey
Founder, NimbusDB, Inc.
978 526-1376