On 09/30/2011 02:50 PM, Kyle Quest wrote:
I'm not here to define a perfect infrastructure for securing NoSQL databases and Riak and go into implementation details... It's not my intention because I simply don't have time to dedicate to this big project and it's impossible to come up with a perfect solution right away. Either way asking customers to be security experts is asking for trouble... And I base this statement on the actual real world experience in security, which I have quite a bit. I'll leave it on this note :-) And let's talk in 10 or 15 years :-)
Let's skip the ad hominem. I'm gay. You are *not* going to win a bitchiness contest. I want to help people build robust, secure systems. What little you've proposed is not only useless but dangerous. I can't risk someone implementing it. I'm volunteering my time to answer questions on building secure applications in general: with Riak, with MySQL, with HTTP, with Active Directory, whatever. Not an expert on everything, but I can provide pointers to more comprehensive sources. Feel free to contact me off-list if it doesn't pertain to Riak. I'll also try to write an introductory blog post on application security this weekend. If you'd like to contribute, or just want to see some topic covered, let me know. --Kyle Kingsbury _______________________________________________ riak-users mailing list [email protected] http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com
