| From: | Bruce Momjian <bruce(at)momjian(dot)us> |
|---|---|
| To: | Christophe Pettus <xof(at)thebuild(dot)com> |
| Cc: | Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com>, Kai Wagner <kai(dot)wagner(at)percona(dot)com>, Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at>, Ron Johnson <ronljohnsonjr(at)gmail(dot)com>, pgsql-general <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Enquiry about TDE with PgSQL |
| Date: | 2025-10-31 17:06:21 |
| Message-ID: | aQTsjVoYDWU2GaLJ@momjian.us |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Fri, Oct 31, 2025 at 10:04:35AM -0700, Christophe Pettus wrote:
>
>
> > On Oct 31, 2025, at 08:21, Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com>
> > wrote: Yeah, what I would like to know is how many of the data
> > breaches actually grab directly from the storage versus getting it
> > through the database or other software above the storage?
>
> Essentially zero.
>
> PCI, like a lot of data security standards, are a magpie's assemblage
> of things that the authors have heard about all of which sound
> "secure" to them. However, since these particular magpies have
> machine guns (metaphorically) and can do serious damage to businesses,
> we must play along with the masquerade.
Yes, we have been avoiding the masquerade for years. The question is
can we continue. From the lack of discussion since April 1, 2025, it
seems the answer is yes.
--
Bruce Momjian <bruce(at)momjian(dot)us> https://momjian.us
EDB https://enterprisedb.com
Do not let urgent matters crowd out time for investment in the future.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Clay Jackson (cjackson) | 2025-10-31 17:32:23 | RE: Enquiry about TDE with PgSQL |
| Previous Message | Christophe Pettus | 2025-10-31 17:04:35 | Re: Enquiry about TDE with PgSQL |