Re: Re: Encrypt database table

[Nathan Rixham <nrixham@xxxxxxxxx>]

Boyd, Todd M. wrote:
> > -----Original Message-----
> > From: Nathan Rixham [mailto:nrixham@xxxxxxxxx]
> > Sent: Monday, September 22, 2008 12:23 PM
> > To: php-general@xxxxxxxxxxxxx
> > Subject: Re:  Re: Encrypt database table
> >
> > Boyd, Todd M. wrote:
> > > > -----Original Message-----
> > > > From: Micah Gersten [mailto:micah@xxxxxxxxxxx]
> > > > Sent: Monday, September 22, 2008 11:22 AM
> > > > To: PHP General list
> > > > Subject: Re:  Re: Encrypt database table
> > > >
> > > > You have the same worry of a DBA writing the root password on a
> post
> > > it
> > > > note.  In every organization, there has to be some level of trust.
> > > > Tell
> > > > the DBA to use Linux, there's a lock icon to enable the screensaver
> > in
> > > > most X environments. ;-)
> > > >
> > > > Thank you,
> > > > Micah Gersten
> > > > onShore Networks
> > > > Internal Developer
> > > > http://www.onshore.com
> > > >
> > > >
> > > >
> > > > Philip Thompson wrote:
> > > > > I understand what you're saying, but I don't completely agree with
> > > > > this. What happens when the DBA has a table of names and SSNs on
> > > > > screen and then gets up from his desk to run to the bathroom? In
> > the
> > > > > fear that he may ruin is best slacks (err, jeans), he forgets to
> > > > close
> > > > > the DB viewer or lock his desktop. Mr. ShouldntBeInHere walks by,
> > > > sees
> > > > > the monitor of data and takes a picture with his new iPhone 3G and
> > > > > keeps walking. Well, now he just grabbed 50 names and SSNs. Uh oh!
> > > > >
> > > > > Now, I understand that Mr. DBA should be held responsible for not
> > > > > taking the necessary precautions to make sure that no one else got
> > > to
> > > > > his database. However, if the database had been encrypted, then
> > > > maybe,
> > > > > just maybe those names wouldn't have been exploited. But, in an
> > > > effort
> > > > > to make sure that he is taking all the necessary precautions,
> > > > > shouldn't he have encrypted his database as well?
> > > > >
> > > > >
> > > > >     Also, there was this same question last Friday (I think) about
> > > > > encrypting DBs. Search the archives and/or ask a MySQL list.
> > > > >
> > > > > But to not be a complete jerk... I use AES.
> > > Windows Key + L = Lock. Yes, it exists in Windows. It's even fairly
> > > well-documented. *gasp!* But, yeah... you should totally tell your
> > DBA
> > > to change operating systems on the sheer premise of a minute
> increase
> > in
> > > functionality. ;P
> > >
> > >
> > > Todd Boyd
> > > Web Programmer
> > you know, way down inside you there is a little bit of you that's
> > scared
> > of linux; but really you love it; you want it; you crave the crazy
> > penguin and all his lightweight strongly coded goodness.
>
> I have been a Linux user since I installed my first Slackware distro at
> age 13. I've been using Debian (or some flavor of it--read: (x/k)ubuntu)
> since. I just think it's pretty weak when people are pointing out "well,
> that's something Linux does out-of-the-box" when, first of all, it's
> NOT.. and second of all, Windows already does (out-of-the-box, for
> realsies).
>
> I'm familiar with both. I prefer Linux--not going to lie. However, I
> *HAVE TO* use Windows for work and for several projects in school (trust
> me, I've tried them with wine.. no dice). I am immersed in both worlds,
> but see no reason for others to be when using Linux serves no practical
> purpose for them whatsoever (esp. not a screen lock that MIGHT be
> included with their chosen X distribution package)...
>
> I know it was just a quip. So was my reply. So was yours. This is the
> song that never ends...
>
> Cheers.
>
>
> Todd Boyd
> Web Programmer
snap; windows xp at work, windows server 2003 enterprise at home; ubuntu 
box and multiple permanent putty windows open to keep me sane.

sigh bed time; back to the grind again tomorrow.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php