> -----Original Message----- > From: Nathan Rixham [mailto:nrixham@xxxxxxxxx] > Sent: Monday, September 22, 2008 12:23 PM > To: php-general@xxxxxxxxxxxxx > Subject: Re: Re: Encrypt database table > > Boyd, Todd M. wrote: > >> -----Original Message----- > >> From: Micah Gersten [mailto:micah@xxxxxxxxxxx] > >> Sent: Monday, September 22, 2008 11:22 AM > >> To: PHP General list > >> Subject: Re: Re: Encrypt database table > >> > >> You have the same worry of a DBA writing the root password on a post > > it > >> note. In every organization, there has to be some level of trust. > >> Tell > >> the DBA to use Linux, there's a lock icon to enable the screensaver > in > >> most X environments. ;-) > >> > >> Thank you, > >> Micah Gersten > >> onShore Networks > >> Internal Developer > >> http://www.onshore.com > >> > >> > >> > >> Philip Thompson wrote: > >>> I understand what you're saying, but I don't completely agree with > >>> this. What happens when the DBA has a table of names and SSNs on > >>> screen and then gets up from his desk to run to the bathroom? In > the > >>> fear that he may ruin is best slacks (err, jeans), he forgets to > >> close > >>> the DB viewer or lock his desktop. Mr. ShouldntBeInHere walks by, > >> sees > >>> the monitor of data and takes a picture with his new iPhone 3G and > >>> keeps walking. Well, now he just grabbed 50 names and SSNs. Uh oh! > >>> > >>> Now, I understand that Mr. DBA should be held responsible for not > >>> taking the necessary precautions to make sure that no one else got > > to > >>> his database. However, if the database had been encrypted, then > >> maybe, > >>> just maybe those names wouldn't have been exploited. But, in an > >> effort > >>> to make sure that he is taking all the necessary precautions, > >>> shouldn't he have encrypted his database as well? > >>> > >>> > >>> Also, there was this same question last Friday (I think) about > >>> encrypting DBs. Search the archives and/or ask a MySQL list. > >>> > >>> But to not be a complete jerk... I use AES. > > > > Windows Key + L = Lock. Yes, it exists in Windows. It's even fairly > > well-documented. *gasp!* But, yeah... you should totally tell your > DBA > > to change operating systems on the sheer premise of a minute increase > in > > functionality. ;P > > > > > > Todd Boyd > > Web Programmer > > > > > > > > you know, way down inside you there is a little bit of you that's > scared > of linux; but really you love it; you want it; you crave the crazy > penguin and all his lightweight strongly coded goodness. I have been a Linux user since I installed my first Slackware distro at age 13. I've been using Debian (or some flavor of it--read: (x/k)ubuntu) since. I just think it's pretty weak when people are pointing out "well, that's something Linux does out-of-the-box" when, first of all, it's NOT.. and second of all, Windows already does (out-of-the-box, for realsies). I'm familiar with both. I prefer Linux--not going to lie. However, I *HAVE TO* use Windows for work and for several projects in school (trust me, I've tried them with wine.. no dice). I am immersed in both worlds, but see no reason for others to be when using Linux serves no practical purpose for them whatsoever (esp. not a screen lock that MIGHT be included with their chosen X distribution package)... I know it was just a quip. So was my reply. So was yours. This is the song that never ends... Cheers. Todd Boyd Web Programmer -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
