>>Some people have requested that FB provide the ability to
>>encrypt the database. But even if it did this you cannot
>>protect the database from authorised users.

> here here!

>> You could obscure the decryption key inside the executable,

> Usually, it's stored elsewhere... hardware or certificate/ASN
> schemes for most part.

> AFAIC, this is doable. It's also important:

I am not clear what you mean here. Are you suggesting that
such schemes could somehow assist in the original question
(protecting against users accessing metdata)?

From the earlier "here here!" I am guessing you are simply
clarifying the fact that my security by obscurity suggestion
is not a good idea.

I was not trying to suggest that it was a properly secure
implementation. In some limited circumstances security by
obscurity can be enough to prevent uneducated users from
tampering, just dont use it to hide your credit card details
on the net ;-)

--
Geoff Worboys
Telesis Computing