MS SQL Server 2005 Adds Security Features
nycsubway writes "Microsoft is planning to add in its own encryption and decryption to its newest version of SQL Server. From the article: 'The company is writing complex encryption and decryption functionality directly into the product so customers don't have to procure security features from a third party, or roll their own when the product becomes generally available next year.' I would also hope the default sa/password will no longer be there."
Not to mention that the decryption key will probably be on an insecure web server.
Anyway, if you want PostgreSQL to use encrypted storage, use an encrypted filesystem.
Rod Taylor
I just hope they keep a "backdoor" key that can decrypt the data if my key is lost.. and more importantly can give the FBI, NSA, etc. access to my data if they need it and I'm unavailable to give them access.
Everyone will get hacked, be it MS or Debian.
BTW, Debian was hacked due to a local exploit and a sniffed password. MS was probably cracked remotely, unless you can actually log into their web servers remotely :)
So there. MS is insecure, Debian is insecure, OpenBSD is insecure (see CVS holes), OSX is insecure, etc...... Yeap, most software is crap. That's why Linux has things like grsecurity.net, second line of defence. I don't know such things even exist for MS OS.