Posted by David Portas on 12/10/05 13:04

Christopher Browne wrote:
> > Martin wrote:
> >> I'd venture to say that most db's
> >> are not designed to have strong security at the file level. I understand
> >> why (cpu and system load in managing constant encrypt/decrypt processing)
> >> but it is disturbing nevertheless.
> >>
> >> -Martin
> >
> > SQL Server 2005 has strong encryption built in to the database. The
> > user decides whether that applies to all of the database or just
> > selected data.
>
> Unfortunately, that means that you have to trust the database engine
> with the cryptographic keys.
>
> That means the DB engine is free to do whatever it likes with them,
> which is an inherent, vast, gaping security hole.
>
> It's so gaping that it obviates any value to the use of encryption.
> --

You mean to say that you only run open source and you inspect every
line of code that runs on your hardware? If not, how can you trust any
of it?

--
David Portas
SQL Server MVP
--

[Back to original message]