Subject RE: [firebird-support] Re: Undocumented internal encrypt/decrypt in FB
Author Alan McDonald
> Sure. The problem is that I described a completely different attack. Suppose
> that you have Firebird running the way you described, with NTFS encrypted
> database. What the attacker does is:
>
> 1) Stop Firebird
> 2) Delete the security database
> 3) Copy the default security database in Firebird's folders
> 4) Restart Firebird
> 5) Use GBAK with SYSDBA/masterkey to backup the "protected" database
> 6) Restore the backup on any other computer
>
> Result: The data is completely copied. The attacker didn't even have to
> bother with finding the encryption key (hell, he didn't even need to know
> that the encryption is in place - the very same sequence would work for ANY
> Firebird installation there is!) That's why we need an encryption where key
> is supplied with each connection.
>
> Pepak

Excuse me, but if this "attacker" can do all this, then he/she should also
just be able to walk out the door with the PC... no?
Alan