[interesting] Database Encryption
Robert Brenstein
rjb at rz.uni-potsdam.de
Wed Jan 22 15:12:32 CST 2003
>Agree. In ideal it must be:
>
>IF you have db with existed data,
>And you say encrypt it,
>Valentina must encrypt existed data,
>And ZERO ONCE (!) all empty space.
So we agree (my email suggesting exactly the above hasn't showed up
on the list yet, although it was sent a while ago).
>Problem like in Microsoft was fixed on first month of born of Valentina.
>Allocated disk space is zeroed.
I did not mean that so literally, Ruslan. If a DB exposed private
content because of deletion side-effect, the scandal would be LIKE
(as in similar to in implications not technical aspect) what
Microsoft faced with their Word file problem.
>Robert, in fact in above situation mistake is of developer/user.
Yes, but it may be quite a common situation, which Valentina can
prevent it without much ado as you outlined. If Valentina protects us
from making a mistake, the better for it as a product.
>BEFORE he have decide encrypt db, that data was NOT considered as secret.
>They was even deleted before encryption. So why Valentina must consider them
>as secret ?
Well, an easy example is that a db may be intended for encrypted
distribution but kept un-encrypted during development. Anyway, what
you suggest above is the right way to prevent any mishaps. Just do it
:)
Robert
More information about the Valentina
mailing list