| From: | Scott Marlowe <smarlowe(at)g2switchworks(dot)com> |
|---|---|
| To: | David Pratt <fairwinds(at)eastlink(dot)ca> |
| Cc: | "Jim C(dot) Nasby" <jnasby(at)pervasive(dot)com>, pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: Protecting application table structures and data |
| Date: | 2005-12-15 22:42:05 |
| Message-ID: | 1134686525.8351.1.camel@state.g2switchworks.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
On Thu, 2005-12-15 at 16:23, David Pratt wrote:
> Hi Jim. Many thanks for your reply. I guess this is not so great news. I
> am sort of at a loss as to what direction to take. I need a db
> connection on a couple of threads minimum in my app but also need to
> ensure that the information is secure.
Let's face facts. The second you hand the user a CDROM with your
application and encoded data on it, and the application has a way to
access it, it's only a matter of time before the user, by hacking the
application, can get access to it.
There is one, and only one, real solution. Host the data yourself and
require the user to connect remotely to you.
For instances of attempts to make things secure on remote systems, see
the recent Sony - F4I - root kit debacle.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruno Wolff III | 2005-12-16 04:23:37 | Re: reg:Import&Export functions |
| Previous Message | David Pratt | 2005-12-15 22:23:40 | Re: Protecting application table structures and data |