On 8 Jun 2017, at 11:13pm, Wout Mertens <wout.mert...@gmail.com> wrote:
> So if the adversary is someone with access to your disk image, disk > encryption trumps db encryption (unless the disk encryption is vulnerable > to known-plaintext attacks, but I guess they probably apply to sqlite too). Your hope is that the database is held on a server but the decryption key is on the computers users type on. Or if you have a web-facing setup with multiple servers, your database is on the database computer running PHP and the key is in the JavaScript files on the web server. But in the long run, physical possession always trumps encryption. Once they’re in a situation where they can try keys endlessly it’s just a case of how much time and money they’re willing to spend to get access to your data. Are you a target of the CIA ? Don’t rely on encryption. If you’re someone with no money and no interest in politics ? Then encryption is good at preventing casual theft by bored employees and thieves of opportunity. Simon. _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users