Re: Re: Encrypt database table

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Boyd, Todd M. wrote:
-----Original Message-----
From: Nathan Rixham [mailto:nrixham@xxxxxxxxx]
Sent: Monday, September 22, 2008 12:23 PM
To: php-general@xxxxxxxxxxxxx
Subject: Re:  Re: Encrypt database table

Boyd, Todd M. wrote:
-----Original Message-----
From: Micah Gersten [mailto:micah@xxxxxxxxxxx]
Sent: Monday, September 22, 2008 11:22 AM
To: PHP General list
Subject: Re:  Re: Encrypt database table

You have the same worry of a DBA writing the root password on a
post
it
note.  In every organization, there has to be some level of trust.
Tell
the DBA to use Linux, there's a lock icon to enable the screensaver
in
most X environments. ;-)

Thank you,
Micah Gersten
onShore Networks
Internal Developer
http://www.onshore.com



Philip Thompson wrote:
I understand what you're saying, but I don't completely agree with
this. What happens when the DBA has a table of names and SSNs on
screen and then gets up from his desk to run to the bathroom? In
the
fear that he may ruin is best slacks (err, jeans), he forgets to
close
the DB viewer or lock his desktop. Mr. ShouldntBeInHere walks by,
sees
the monitor of data and takes a picture with his new iPhone 3G and
keeps walking. Well, now he just grabbed 50 names and SSNs. Uh oh!

Now, I understand that Mr. DBA should be held responsible for not
taking the necessary precautions to make sure that no one else got
to
his database. However, if the database had been encrypted, then
maybe,
just maybe those names wouldn't have been exploited. But, in an
effort
to make sure that he is taking all the necessary precautions,
shouldn't he have encrypted his database as well?


    Also, there was this same question last Friday (I think) about
encrypting DBs. Search the archives and/or ask a MySQL list.

But to not be a complete jerk... I use AES.
Windows Key + L = Lock. Yes, it exists in Windows. It's even fairly
well-documented. *gasp!* But, yeah... you should totally tell your
DBA
to change operating systems on the sheer premise of a minute
increase
in
functionality. ;P


Todd Boyd
Web Programmer



you know, way down inside you there is a little bit of you that's
scared
of linux; but really you love it; you want it; you crave the crazy
penguin and all his lightweight strongly coded goodness.

I have been a Linux user since I installed my first Slackware distro at
age 13. I've been using Debian (or some flavor of it--read: (x/k)ubuntu)
since. I just think it's pretty weak when people are pointing out "well,
that's something Linux does out-of-the-box" when, first of all, it's
NOT.. and second of all, Windows already does (out-of-the-box, for
realsies).

I'm familiar with both. I prefer Linux--not going to lie. However, I
*HAVE TO* use Windows for work and for several projects in school (trust
me, I've tried them with wine.. no dice). I am immersed in both worlds,
but see no reason for others to be when using Linux serves no practical
purpose for them whatsoever (esp. not a screen lock that MIGHT be
included with their chosen X distribution package)...

I know it was just a quip. So was my reply. So was yours. This is the
song that never ends...

Cheers.


Todd Boyd
Web Programmer



snap; windows xp at work, windows server 2003 enterprise at home; ubuntu box and multiple permanent putty windows open to keep me sane.

sigh bed time; back to the grind again tomorrow.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux