From: Date: May 27 2003 6:36pm Subject: RE: How to secure a MySQL database from people with physical acce ss List-Archive: http://lists.mysql.com/mysql/140915 Message-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" > -----Original Message----- > From: mos [mailto:mos99@stripped] > I could encrypt certain table fields, but this will make > writing the front > end a pain because all SQL statements will now need to be > changed any time > a new column is encrypted. It also won't help you any, because the software will have to contain everything needed to do the decryption. Unless you can somehow prevent a hypothetical attacker from getting this software, your encryption is only going to keep a casual attacker out. All he has to do is decompile the software enough to figure out your encryption routine. Generally there's very little you can do to protect data from someone with physical access to the machine -- unless you can keep it in encrypted form, and only decrypt it elsewhere, so that the decryption key never passes through the vulnerable machine.