July 16, 2014 at 10:29 am
Lynn Pettis (7/16/2014)
TomThomson (7/16/2014)
Jack Corbett (7/16/2014)
Steve Jones - SSC Editor (7/16/2014)
GilaMonster (7/16/2014)
Jeff Moden (7/15/2014)
To be honest, I'm glad this person is taking such caution and has such FUD about it.I would be, if he were worrying in the right area, but he's not. The technical aspect of encryption is the easy part. The key management, the who are you protecting the data against, the what risks are you trying to mitigate, etc, that's the hard part of encryption.
Completely agree with Gail. Key management is hard.
I think encryption should be done in the app, not the database. I think Jeff mentioned it in that thread, that if encryption is happening in the database it means everything is being passed over the wire in clear text. Just something I'd rather see not happen. The only issue is if you do reporting using another tool and have to work out decrypting those values in the reporting tool (SSRS even).
Doing decryption in the database doesn't necessarily mean that stuff on the wire is in plaintext. In a lot of systems (including some outdated versions of Windows) it's possible to have an encryption layer in the comms stack immediately above transport, so that everything on the wire - even stuff not encrypted in storage - is encrypted. I don't know whether current versions of windows support this, but I imagine they do. A lot of people believe that the risk of data bing intercepted on the wire is much higher than the risk of someone gaining access to data on storage media and insist on everything being encrypted on the wire whether it's encrypted in strorage or not. And third party apps are often a nightmare from the point of view of encryption in the app. I guess encryption in the app is sometimes better than encryption in teh db, but not very often.
Wham-o, course change in midstream. Now we are suddenly talking SSIS in the same thread with little info to start.
That's bad form on his part.
Jason...AKA CirqueDeSQLeil
_______________________________________________
I have given a name to my pain...MCM SQL Server, MVP
SQL RNNR
Posting Performance Based Questions - Gail Shaw[/url]
Learn Extended Events
July 16, 2014 at 10:31 am
Lynn Pettis (7/16/2014)
TomThomson (7/16/2014)
Jack Corbett (7/16/2014)
Steve Jones - SSC Editor (7/16/2014)
GilaMonster (7/16/2014)
Jeff Moden (7/15/2014)
To be honest, I'm glad this person is taking such caution and has such FUD about it.I would be, if he were worrying in the right area, but he's not. The technical aspect of encryption is the easy part. The key management, the who are you protecting the data against, the what risks are you trying to mitigate, etc, that's the hard part of encryption.
Completely agree with Gail. Key management is hard.
I think encryption should be done in the app, not the database. I think Jeff mentioned it in that thread, that if encryption is happening in the database it means everything is being passed over the wire in clear text. Just something I'd rather see not happen. The only issue is if you do reporting using another tool and have to work out decrypting those values in the reporting tool (SSRS even).
Doing decryption in the database doesn't necessarily mean that stuff on the wire is in plaintext. In a lot of systems (including some outdated versions of Windows) it's possible to have an encryption layer in the comms stack immediately above transport, so that everything on the wire - even stuff not encrypted in storage - is encrypted. I don't know whether current versions of windows support this, but I imagine they do. A lot of people believe that the risk of data bing intercepted on the wire is much higher than the risk of someone gaining access to data on storage media and insist on everything being encrypted on the wire whether it's encrypted in strorage or not. And third party apps are often a nightmare from the point of view of encryption in the app. I guess encryption in the app is sometimes better than encryption in teh db, but not very often.
Wham-o, course change in midstream. Now we are suddenly talking SSIS in the same thread with little info to start.
I can see it coming, in about 300 posts the question will be "how to decrypt...."
On the other hand and doing a JM's style shift of gears, I feel that no question should be considered stupid and any reference to an OP should be done with caution and consideration. Just my 2cents.
๐
July 16, 2014 at 10:39 am
Eirikur Eiriksson (7/16/2014)
Lynn Pettis (7/16/2014)
TomThomson (7/16/2014)
Jack Corbett (7/16/2014)
Steve Jones - SSC Editor (7/16/2014)
GilaMonster (7/16/2014)
Jeff Moden (7/15/2014)
To be honest, I'm glad this person is taking such caution and has such FUD about it.I would be, if he were worrying in the right area, but he's not. The technical aspect of encryption is the easy part. The key management, the who are you protecting the data against, the what risks are you trying to mitigate, etc, that's the hard part of encryption.
Completely agree with Gail. Key management is hard.
I think encryption should be done in the app, not the database. I think Jeff mentioned it in that thread, that if encryption is happening in the database it means everything is being passed over the wire in clear text. Just something I'd rather see not happen. The only issue is if you do reporting using another tool and have to work out decrypting those values in the reporting tool (SSRS even).
Doing decryption in the database doesn't necessarily mean that stuff on the wire is in plaintext. In a lot of systems (including some outdated versions of Windows) it's possible to have an encryption layer in the comms stack immediately above transport, so that everything on the wire - even stuff not encrypted in storage - is encrypted. I don't know whether current versions of windows support this, but I imagine they do. A lot of people believe that the risk of data bing intercepted on the wire is much higher than the risk of someone gaining access to data on storage media and insist on everything being encrypted on the wire whether it's encrypted in strorage or not. And third party apps are often a nightmare from the point of view of encryption in the app. I guess encryption in the app is sometimes better than encryption in teh db, but not very often.
Wham-o, course change in midstream. Now we are suddenly talking SSIS in the same thread with little info to start.
I can see it coming, in about 300 posts the question will be "how to decrypt...."
On the other hand and doing a JM's style shift of gears, I feel that no question should be considered stupid and any reference to an OP should be done with caution and consideration. Just my 2cents.
๐
Never said that the question was stupid. Some of us have been dealing with WC for many years and the frustration is that he rarely shows initiative to figure things out. It would be different if the questions were more specific and he showed what he had done to the point where he ran into problems and needed some guidance to get past a specific road block in a process.
In another post I gave him exactly what he needed, just not in a full script and he asked for a script using it. No initiative on his part to take what was given and apply it to his problem.
That's part of what this thread is about. A water cooler, a place to vent a bit with others and to be able to step back and maybe dive back in and try to help, or as happened here, others stepping in and helping.
July 16, 2014 at 11:07 am
Lynn Pettis (7/16/2014)
Eirikur Eiriksson (7/16/2014)
Lynn Pettis (7/16/2014)
TomThomson (7/16/2014)
Jack Corbett (7/16/2014)
Steve Jones - SSC Editor (7/16/2014)
GilaMonster (7/16/2014)
Jeff Moden (7/15/2014)
To be honest, I'm glad this person is taking such caution and has such FUD about it.I would be, if he were worrying in the right area, but he's not. The technical aspect of encryption is the easy part. The key management, the who are you protecting the data against, the what risks are you trying to mitigate, etc, that's the hard part of encryption.
Completely agree with Gail. Key management is hard.
I think encryption should be done in the app, not the database. I think Jeff mentioned it in that thread, that if encryption is happening in the database it means everything is being passed over the wire in clear text. Just something I'd rather see not happen. The only issue is if you do reporting using another tool and have to work out decrypting those values in the reporting tool (SSRS even).
Doing decryption in the database doesn't necessarily mean that stuff on the wire is in plaintext. In a lot of systems (including some outdated versions of Windows) it's possible to have an encryption layer in the comms stack immediately above transport, so that everything on the wire - even stuff not encrypted in storage - is encrypted. I don't know whether current versions of windows support this, but I imagine they do. A lot of people believe that the risk of data bing intercepted on the wire is much higher than the risk of someone gaining access to data on storage media and insist on everything being encrypted on the wire whether it's encrypted in strorage or not. And third party apps are often a nightmare from the point of view of encryption in the app. I guess encryption in the app is sometimes better than encryption in teh db, but not very often.
Wham-o, course change in midstream. Now we are suddenly talking SSIS in the same thread with little info to start.
I can see it coming, in about 300 posts the question will be "how to decrypt...."
On the other hand and doing a JM's style shift of gears, I feel that no question should be considered stupid and any reference to an OP should be done with caution and consideration. Just my 2cents.
๐
Never said that the question was stupid. Some of us have been dealing with WC for many years and the frustration is that he rarely shows initiative to figure things out. It would be different if the questions were more specific and he showed what he had done to the point where he ran into problems and needed some guidance to get past a specific road block in a process.
In another post I gave him exactly what he needed, just not in a full script and he asked for a script using it. No initiative on his part to take what was given and apply it to his problem.
That's part of what this thread is about. A water cooler, a place to vent a bit with others and to be able to step back and maybe dive back in and try to help, or as happened here, others stepping in and helping.
A reference to it being posted here got me to notice it, so that worked. No matter what, however, I agree with Tom - WC is going to be in trouble. It's almost like he wants the whole thing done for him and won't take any initiative to figure things out on his own. The "Oops...doesn't work...post it" process doesn't include looking up errors or reading the MSDN pages to really understand the way it works. This may very well get him into trouble down the road when he has to recover a key or the certificate expires or some little thing goes wrong.
Then again, I'm the type who really wants to know how things work under the hood. I may not have forever to play around with them, but I find that a deep dive and real understanding help me become better. I know it's a little sick, but I find a lot of it to be fun.
July 16, 2014 at 11:08 am
Lynn Pettis (7/16/2014)
Eirikur Eiriksson (7/16/2014)
Lynn Pettis (7/16/2014)
TomThomson (7/16/2014)
Jack Corbett (7/16/2014)
Steve Jones - SSC Editor (7/16/2014)
GilaMonster (7/16/2014)
Jeff Moden (7/15/2014)
To be honest, I'm glad this person is taking such caution and has such FUD about it.I would be, if he were worrying in the right area, but he's not. The technical aspect of encryption is the easy part. The key management, the who are you protecting the data against, the what risks are you trying to mitigate, etc, that's the hard part of encryption.
Completely agree with Gail. Key management is hard.
I think encryption should be done in the app, not the database. I think Jeff mentioned it in that thread, that if encryption is happening in the database it means everything is being passed over the wire in clear text. Just something I'd rather see not happen. The only issue is if you do reporting using another tool and have to work out decrypting those values in the reporting tool (SSRS even).
Doing decryption in the database doesn't necessarily mean that stuff on the wire is in plaintext. In a lot of systems (including some outdated versions of Windows) it's possible to have an encryption layer in the comms stack immediately above transport, so that everything on the wire - even stuff not encrypted in storage - is encrypted. I don't know whether current versions of windows support this, but I imagine they do. A lot of people believe that the risk of data bing intercepted on the wire is much higher than the risk of someone gaining access to data on storage media and insist on everything being encrypted on the wire whether it's encrypted in strorage or not. And third party apps are often a nightmare from the point of view of encryption in the app. I guess encryption in the app is sometimes better than encryption in teh db, but not very often.
Wham-o, course change in midstream. Now we are suddenly talking SSIS in the same thread with little info to start.
I can see it coming, in about 300 posts the question will be "how to decrypt...."
On the other hand and doing a JM's style shift of gears, I feel that no question should be considered stupid and any reference to an OP should be done with caution and consideration. Just my 2cents.
๐
Never said that the question was stupid. Some of us have been dealing with WC for many years and the frustration is that he rarely shows initiative to figure things out. It would be different if the questions were more specific and he showed what he had done to the point where he ran into problems and needed some guidance to get past a specific road block in a process.
In another post I gave him exactly what he needed, just not in a full script and he asked for a script using it. No initiative on his part to take what was given and apply it to his problem.
That's part of what this thread is about. A water cooler, a place to vent a bit with others and to be able to step back and maybe dive back in and try to help, or as happened here, others stepping in and helping.
No implied either, my respect on handling the situation! So far, JC is the only one that has managed to rub me the wrong way:-D
๐
July 16, 2014 at 11:09 am
What is really frustrating is not getting the whole picture of what someone is trying to accomplish and feeling like you are pulling teeth from a chicken when asking questions to figure out what is wanted.
Please, tell me if I went to far with WC.
July 16, 2014 at 11:15 am
Lynn Pettis (7/16/2014)
What is really frustrating is not getting the whole picture of what someone is trying to accomplish and feeling like you are pulling teeth from a chicken when asking questions to figure out what is wanted.Please, tell me if I went to far with WC.
Lynn, I don't think you did. I read your most recent post and I feel the same frustration. The lack of information and unwillingness to even try get to me, too. I think you only posted what others are feeling. Another snippet was just posted in response to my next steps I suggested was just posted. I'm not surprised.
He's the one who is going to have to support whatever he puts into production. I think if he realizes and accepts that fact, it'll make him want to learn it better than he is now.
July 16, 2014 at 11:35 am
Steve Jones - SSC Editor (7/16/2014)
The Dixie Flatline (7/15/2014)
Sometimes I think MVPs are a real pain in the ***. Present company excepted.I agree
Hey, back so soon, Steve? ๐
Good to "see" you.
__________________________________________________
Against stupidity the gods themselves contend in vain. -- Friedrich Schiller
Stop, children, what's that sound? Everybody look what's going down. -- Stephen Stills
July 16, 2014 at 12:03 pm
I posted a question here on Memory Grants and Varchar(max) and I'd love to hear any opinions the people in this thread might have.
--------------------------------------
When you encounter a problem, if the solution isn't readily evident go back to the start and check your assumptions.
--------------------------------------
Itโs unpleasantly like being drunk.
Whatโs so unpleasant about being drunk?
You ask a glass of water. -- Douglas Adams
July 16, 2014 at 12:13 pm
Stefan Krzywicki (7/16/2014)
I posted a question here (http://www.sqlservercentral.com/Forums/Topic1593226-391-1.aspx) on Memory Grants and Varchar(max) and I'd love to hear any opinions the people in this thread might have.
For some reason when I click the link I'm brought to the THREAD and not to your post. Is THE THREAD taking over all links on the site:crazy:
Jack Corbett
Consultant - Straight Path Solutions
Check out these links on how to get faster and more accurate answers:
Forum Etiquette: How to post data/code on a forum to get the best help
Need an Answer? Actually, No ... You Need a Question
July 16, 2014 at 12:15 pm
Jack Corbett (7/16/2014)
Stefan Krzywicki (7/16/2014)
I posted a question here (http://www.sqlservercentral.com/Forums/Topic1593226-391-1.aspx) on Memory Grants and Varchar(max) and I'd love to hear any opinions the people in this thread might have.For some reason when I click the link I'm brought to the THREAD and not to your post. Is THE THREAD taking over all links on the site:crazy:
Maaaaaaybe? I'll double check and edit if need be.
--------------------------------------
When you encounter a problem, if the solution isn't readily evident go back to the start and check your assumptions.
--------------------------------------
Itโs unpleasantly like being drunk.
Whatโs so unpleasant about being drunk?
You ask a glass of water. -- Douglas Adams
July 16, 2014 at 12:17 pm
Jack Corbett (7/16/2014)
Stefan Krzywicki (7/16/2014)
I posted a question here (http://www.sqlservercentral.com/Forums/Topic1593226-391-1.aspx) on Memory Grants and Varchar(max) and I'd love to hear any opinions the people in this thread might have.For some reason when I click the link I'm brought to the THREAD and not to your post. Is THE THREAD taking over all links on the site:crazy:
I corrected the link in this post ๐
July 16, 2014 at 12:19 pm
Luis Cazares (7/16/2014)
Jack Corbett (7/16/2014)
Stefan Krzywicki (7/16/2014)
I posted a question here (http://www.sqlservercentral.com/Forums/Topic1593226-391-1.aspx) on Memory Grants and Varchar(max) and I'd love to hear any opinions the people in this thread might have.For some reason when I click the link I'm brought to the THREAD and not to your post. Is THE THREAD taking over all links on the site:crazy:
I corrected the link in this post ๐
Thanks. Did I err in using " around the url?
--------------------------------------
When you encounter a problem, if the solution isn't readily evident go back to the start and check your assumptions.
--------------------------------------
Itโs unpleasantly like being drunk.
Whatโs so unpleasant about being drunk?
You ask a glass of water. -- Douglas Adams
July 16, 2014 at 12:20 pm
Anybody? Can anybody please step in again and try helping me with WC? Frustrated, can't seem to get him to realize I just don't know what he is trying to accomplish. Encrypt data in place? Encrypt in place and then transfer to another database (possibly on a different server)?
Tried to point out some of the issues that need to be considered. Now he thinks I'm offended and/or angry. Nope, just frustrated.
July 16, 2014 at 12:30 pm
Lynn Pettis (7/16/2014)
Anybody? Can anybody please step in again and try helping me with WC? Frustrated, can't seem to get him to realize I just don't know what he is trying to accomplish. Encrypt data in place? Encrypt in place and then transfer to another database (possibly on a different server)?Tried to point out some of the issues that need to be considered. Now he thinks I'm offended and/or angry. Nope, just frustrated.
I decided long ago that this person is unable to grasp what is required for them to be successful. As a result I might glance at their thread but pretty much just move on. I really enjoy helping others and turning in the right direction when they need help but this person is more like a beggar on the street. The more handouts you give them, the more they ask for and the less they are able to fend for themselves. I would not want SSC to become one of "those" places, like SO where "you aren't worthy" but seriously...
_______________________________________________________________
Need help? Help us help you.
Read the article at http://www.sqlservercentral.com/articles/Best+Practices/61537/ for best practices on asking questions.
Need to split a string? Try Jeff Modens splitter http://www.sqlservercentral.com/articles/Tally+Table/72993/.
Cross Tabs and Pivots, Part 1 โ Converting Rows to Columns - http://www.sqlservercentral.com/articles/T-SQL/63681/
Cross Tabs and Pivots, Part 2 - Dynamic Cross Tabs - http://www.sqlservercentral.com/articles/Crosstab/65048/
Understanding and Using APPLY (Part 1) - http://www.sqlservercentral.com/articles/APPLY/69953/
Understanding and Using APPLY (Part 2) - http://www.sqlservercentral.com/articles/APPLY/69954/
Viewing 15 posts - 44,656 through 44,670 (of 66,712 total)
You must be logged in to reply to this topic. Login to reply