| List: | General Discussion | « Previous MessageNext Message » | |
| From: | mos | Date: | May 27 2003 10:41pm |
| Subject: | RE: How to secure a MySQL database from people with physical acce ss | ||
| View as plain text | |||
At 02:22 PM 5/27/2003, you wrote: > > -----Original Message----- > > From: mos [mailto:mos99@stripped] > > > Correct, which is why I have a means of compressing and > > *encrypting* the .exe file. > >I don't understand how this helps... The EXE file has to contain a complete >decryption routine or it can't be executed. So all the person has to do is >decompile the decryption routine, and then run the reverse-engineered >routine against the program. Alternatively, they can use a debugger and put >a breakpoint in at the end of the decryption routine. > >This sort of stuff does help against a casual attacker, but you always have >to keep in mind that you aren't really making the software secure, just >raising the energy barrier. It's a bit like the door locks on your car. >They'll keep curious people out, but a determined thief will just break a >window. The software encryption resists attacks like that. It may not be 100% effective, but it will make it a tough nut to crack. Yes, I am raising the bar. Most people know how to copy files onto diskettes, or email them to a friend. Not that many know how to hack an encrypted program or an encrypted database. So if I eliminate 99.9% of the attackers, I've eliminated a large portion of the threat. Over 50% of computer break-ins are done by internal employees, and by securing the software and database it will greatly reduce the number of successful attacks. > It's a bit like the door locks on your car. >They'll keep curious people out, but a determined thief will just break a window. Exactly. Do you lock your car when it is on the street? Why? If you're right, someone will only break the window and drive off with it anyway. So leave it unlocked and the keys in it. That way the thief won't rip out the ignition or break a window. After all, he's going to get in anyway, right? Well, the more barriers there are for the thief (or snoop) to overcome, the more likely he will go somewhere else. Mike P.S. Where'd you say you parked your car? :)
| Thread | ||
|---|---|---|
| • How to secure a MySQL database from people with physical access | mos | 27 May |
| • Re: How to secure a MySQL database from people with physical access | Joel Rees | 28 May |
| • Select name, email where birthday = ?? | Scott Haneda | 28 May |
| • RE: Select name, email where birthday = ?? | Adam Clauss | 28 May |
| • Re: Select name, email where birthday = ?? | Marcel Forget | 28 May |
| • RE: How to secure a MySQL database from people with physical acce ss | David Brodbeck | 27 May |
| • RE: How to secure a MySQL database from people with physical acce ss | mos | 27 May |
| • RE: How to secure a MySQL database from people with physical acce ss | mos | 27 May |
| • Re: How to secure a MySQL database from people with physical acce ss | Michael T. Babcock | 28 May |
| • Re: Select name, email where birthday = ?? | Inandjo Taurel | 28 May |
© 1995-2008 MySQL AB, 2008-2009 Sun Microsystems, Inc.
Page generated in 0.049 sec. using MySQL 5.1.14-beta-log