Re: Database level encryption

Ok people thank you for your answers.

Timothy Madden

On Wed, Apr 7, 2010 at 3:25 PM, Michael Gould
<mgould(at)intermodalsoftwaresolutions(dot)net> wrote:
> Timothy,
>
> I've worked with SQL Anywhere which does have database encryption.  There
> are pluses to having a encrypted db, but it did slow down the processing.
> They also had the ability to encrypt stored procedures and triggers.  That
> didn't' seem to really slow down the system.
>
> That being said, the encryption will keep the normal user out of the system,
> but those aren't the people you need to worry about. The people you need to
> worry about are the real hackers and they will be able to get around this
> type of encryption.  I'd like to see something to protect stored procedures
> and triggers but overall I agree that a encrypted drive is probably the best
> thing and require ssl connections.
>
> Best Regards
>
> Michael Gould
>
>
>
> "Timothy Madden" <terminatorul(at)gmail(dot)com> wrote:
>> Andreas 'ads' Scherbaum <adsmail(at)wars-nicht(dot)de> wrote:
>>
>>> If someone captures the machine the bad guy can install a network
>>> sniffer and steal the database passwords upon connect.
>>
>> I think protecting against a keylogger is a different issue than
>> database encryption. Is this why database encryption is "not needed"
>> for PostgreSQL, as people here say ?
>>
>>
>>>> With an encrypted database, you need the password anytime you connect,
>>>> even if another application already has an open connection.
>>>
>>> See above, this doesn't help.
>>>
>>> If someone get's root access to your machine, nothing (no filesystem
>>> and no database encryption) is goint to help you here.
>>
>>
>> I would have to disagree with you here. The whole point of encryption
>> is that you need the key in order to get your data back.
>>
>>
>> Timothy Madden
>>
>> --
>> Sent via pgsql-admin mailing list (pgsql-admin(at)postgresql(dot)org)
>> To make changes to your subscription:
>> http://www.postgresql.org/mailpref/pgsql-admin
>>
>
>
>