March 12, 2019 at 9:43 pm
Comments posted to this topic are about the item Badly Encrypted Databases
March 13, 2019 at 6:21 am
Personally I would be more worried when a new query shows up, as opposed to similar queries being repeated. One solution to this could be banning ad-hoc queries completely and exposing everything through stored procedures. Security may not always be at odds with performance, but I think it is at odds with flexibility.
March 13, 2019 at 6:34 am
The whole paradigm of security as currently envisioned is "not even wrong", the wonderful phrase by Dr. Pauli.
It should not be the job of company IT staff to design and implement security, to pile one pile of slop on top of another and hope there's enough crap to drown hackers.
The whole security issue needs to be redone, from the ground up. The companies who create OSes should be the ones creating solutions to the problems in their own code that let attackers through. It should be the database software creators that provide impenetrable security.
It should be, but it can't be. Because the way software has been designed has always had security as a poor cousin, tossed a few crumbs when the PTB deign to think about it.
The current approach is broken. TDE is worthless, it's a performance hog, guarding the keys introduces yet another point of attack, and it only reduces (not eliminates) another attack vector.
Layered security is a good thing, don't get me wrong, but expecting every Tom, Dick, and Harry end-user/IT staffer to be security experts isn't just stupid, it's criminally negligent on the part of software vendors. As proven by the security apocalypse we find ourselves in.
March 13, 2019 at 12:02 pm
Not a security guy, but had to make a comment on the article. How about a better job of proofreading. When you have to re-read a sentence 3-4 times and guess what was trying to be said, it gets frustrating. The first time, you think, "Okay, we are all human and can make mistakes." The second time, you wonder, and the third time, you imagine maybe the article was put together while the author was sleeping.
"I think that security a series of layers, and as noted by the author of the blog,most criminals are lazy."
"We shouldn't be most clients to make large queries of all data in a table."
"Really at this point, we ought to have build in limitations of queries to ensure thatusers are exporting all data from a table."
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply