> Btw, someone sent me a backup of his MSSQL database yesterday.
>
> I was able to restore it and connect to the database via the "sa" user
> account on my local MSSQL installation without problems. I wouldn't call
> that "secure" either.

I would expect all Client/Server databases act like that. Thye doe not
assume that there exists any data to be hidden from the machine's
"owner" which does have pyisical or superuser access.

The "Encryption-way" is known from some file-databases (as MS-Access).
But, for these there are tools available to break the protection
automatically - keys stored inside some DLL are not really secret.

Elmar