ite on
> the back of a postcard (unless it was encrypted). :-)
>
My point exactly, if you have sensitive data, invest in the technology you
need to look after that data, don't rely on someone else to look after it
for you.
> Mike
>
>
>
>
> -Original Message-
ve used other databases with AES256 with
no noticeable reduction in speed.
In conclusion, I wouldn't store anything at an ISP that I wouldn't write on
the back of a postcard (unless it was encrypted). :-)
Mike
-Original Message-
From: mos
Sent: Sunday, March 21, 2010 3:
621621
===
-Original Message-
From: mos
Sent: Sunday, March 21, 2010 3:40 AM
To: mysql@lists.mysql.com
Subject: RE: MySQL Encryption
At 05:54 PM 3/20/2010, John Daisley wrote:
>Jim
>
>In the case of our encrypted data no user, application or script is given
>a
to a few people in
your company. Never trust the internet service provider to be your only
means to protect your data or your drives.
Mike
-Original Message-
From: Jim
Sent: Friday, March 19, 2010 4:22 PM
To: John Daisley ; mysql@lists.mysql.com
Subject: Re: MySQL Encryption
T
-Original Message-
From: Jim
Sent: Friday, March 19, 2010 4:22 PM
To: John Daisley ; mysql@lists.mysql.com
Subject: Re: MySQL Encryption
Thanks for the reply, John.
What you are describing seems to be the approach I've seen on the few
places I've seen this topic discusse
Hi Neil.
Information (in most cases a string < 100 chars, but that's probably not
important) that actually needs to be decrypted, so a hash won't do.
Jim
On 3/20/2010 5:09 PM, Tompkins Neil wrote:
Hi
What sort of information are you looking to encrypt ? If it is for user
passwords I'd reco
Hi
What sort of information are you looking to encrypt ? If it is for user
passwords I'd recommend SHA256 which is one way encryption. Or are you
looking to encrypt more sensitive information like card holder data ?
Regards
Neil
On Fri, Mar 19, 2010 at 4:22 PM, Jim wrote:
> Thanks for the re
Thanks for the reply, John.
What you are describing seems to be the approach I've seen on the few
places I've seen this topic discussed.
I've been considering something along those lines, essentially a two
part key.
Part one of the key is made from some data that is in the record I want
to
Jim,
I tend to derive a key based on a separate character string and the contents
of the data in the same or a related table. This means each row has a unique
encryption key and you never have to have the whole key stored somewhere
(you don't even know it :p ). Biggest advantage to this is should
uk]
> Sent: Tuesday, August 25, 2009 2:08 AM
> To: Mike Scully
> Cc: mysql@lists.mysql.com
> Subject: Re: MySQL Encryption - Third-party tools
>
> On Mon, 24 Aug 2009, Mike Scully wrote:
>
> > Hello, all.
> > =20
> > Can any of you share with me the names o
On Mon, 24 Aug 2009, Mike Scully wrote:
> Hello, all.
> =20
> Can any of you share with me the names of any third-party tools or
> appliances that you are using to encrypt your MySQL databases? I am
> doing a search and would like to narrow down the initial search list.
> Thanks!
> =20
> Mike
I
On Fri, Nov 22, 2002 at 10:32:59AM +0100, Roger Baklund wrote:
> > How would MySQL react to having some of its data files stored on
> > encrypted loop-back devices that aren't available all the time, but are
> > always available when a certain user logs in?
>
> I'm sorry, I don't understand the qu
* Fraser Stuart
> Here are my two main security issues.
>
> 1) (valid) user does a sudo to root and runs "strings .MYD" - out
> drops all the sensitive text
> 2) (clever) user gets hold of the application user/password for
> MySQL (it's
> in the app config somewhere) - they run "mysql --user=foo --
-Original Message-
| From: Roger Baklund [mailto:[EMAIL PROTECTED]]
| Sent: Tuesday, 19 November 2002 1:15 AM
| To: [EMAIL PROTECTED]
| Cc: Alexandre Aguiar; Fraser Stuart
| Subject: Re: Mysql & Encryption
|
|
| * Alexandre Aguiar
| > On 14 Nov 2002 Fraser Stuart shaped the elec
: Mike Hillyer [mailto:[EMAIL PROTECTED]]
> Sent: Monday, November 18, 2002 2:24 PM
> To: Muir, Michael (OTS-EDH); 'Andy Eastham'; Mysql@Lists. Mysql. Com
> Subject: RE: Mysql & Encryption
>
>
> As far as I know you have to have a shell account to use ssh
> tunnel
Mysql. Com
Subject: RE: Mysql & Encryption
PuTTY is a nice freeware SSH client.
http://www.chiark.greenend.org.uk/~sgtatham/putty/
-mike
> -Original Message-
> From: Andy Eastham [mailto:[EMAIL PROTECTED]]
> Sent: Monday, November 18, 2002 8:39 AM
> To: Mysql@L
PuTTY is a nice freeware SSH client.
http://www.chiark.greenend.org.uk/~sgtatham/putty/
-mike
> -Original Message-
> From: Andy Eastham [mailto:[EMAIL PROTECTED]]
> Sent: Monday, November 18, 2002 8:39 AM
> To: Mysql@Lists. Mysql. Com
> Subject: RE: Mys
Have you considered putting your databases on an encrypted filesystem ?
You don't need to add anything to mysql and those filesystems
already exist (although I have not yet used them).
Regards,
Joseph Bueno
mos wrote:
> At 08:15 AM 11/18/2002, you wrote:
>
> > * Alexandre Aguiar
> > > On 14 Nov
At 08:15 AM 11/18/2002, you wrote:
* Alexandre Aguiar
> On 14 Nov 2002 Fraser Stuart shaped the electrons to write something
> about [Mysql & Encryption]
>
> > We are about to embark on a project that requires data encryption -
> > mainly to stop sensitive information being viewed accidentally (ie
Sent: 18 November 2002 13:54
> To: Alexandre Aguiar; Fraser Stuart
> Cc: [EMAIL PROTECTED]
> Subject: RE: Mysql & Encryption
>
>
> A windows versionof Stunnel is available from the stunnel website
> (www.stunnel.org), I would reccomend using it for your needs.
>
> Mike
* Alexandre Aguiar
> On 14 Nov 2002 Fraser Stuart shaped the electrons to write something
> about [Mysql & Encryption]
>
> > We are about to embark on a project that requires data encryption -
> > mainly to stop sensitive information being viewed accidentally (ie
>
> Isn´t it possible to tunnel MyS
PROTECTED]
Subject: Re: Mysql & Encryption
On 14 Nov 2002 Fraser Stuart shaped the electrons to write something
about [Mysql & Encryption]
> We are about to embark on a project that requires data encryption -
> mainly to stop sensitive information being viewed accidentally (ie
Isn´t
On 14 Nov 2002 Fraser Stuart shaped the electrons to write something
about [Mysql & Encryption]
> We are about to embark on a project that requires data encryption -
> mainly to stop sensitive information being viewed accidentally (ie
Isn´t it possible to tunnel MySQL connections through ssl?
Und
Roger Baklund wrote:
Wouldn't you be better of using GRANT? If you encrypt the content of the
database, any searching must be done on the encrypted value, and sorting
would be difficult...
How would MySQL react to having some of its data files stored on
encrypted loop-back devices that aren'
* Fraser Stuart
> We are about to embark on a project that requires data encryption - mainly
> to stop sensitive information being viewed accidentally (ie viewing tables
> directly through odbc connections or standard mysql clients). The server
> (solaris) will not be publicly accessible.
Wouldn't
Fraser Stuart wrote:
From this I'm leaning towards DES encryption - only because I can store the
key on the server.
Don't use DES for any secure information. If by "secure" you mean "I
don't care if they see it, but I'd prefer if they didn't", the go ahead.
If by "secure" you mean "No way!
26 matches
Mail list logo