From owner-freebsd-questions@FreeBSD.ORG Fri Nov 24 21:07:04 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 231BB16A47C for ; Fri, 24 Nov 2006 21:07:04 +0000 (UTC) (envelope-from maanjee@gmail.com) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.179]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1F80343D58 for ; Fri, 24 Nov 2006 21:05:49 +0000 (GMT) (envelope-from maanjee@gmail.com) Received: by py-out-1112.google.com with SMTP id f31so558927pyh for ; Fri, 24 Nov 2006 13:06:33 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=olxOBt+qgq7C+bqHxh2A2NCopwZiyJuPThVhseTnaEVhFdHmBNEBc9M+bARL0NfuC4bXhNq/h44LlsPw1ZU9Xyon7Rk7muQ7qhPEAAthSxVAi0AbXxpT3E/BivqAZI3gC8EFFcKpmtKKnNrv6IatcDvg+9xJ2xT+r2X5qVA495A= Received: by 10.35.93.1 with SMTP id v1mr6678239pyl.1164402390911; Fri, 24 Nov 2006 13:06:30 -0800 (PST) Received: by 10.35.32.4 with HTTP; Fri, 24 Nov 2006 13:06:30 -0800 (PST) Message-ID: <2cd0a0da0611241306t57325db4t11690f1aa856f738@mail.gmail.com> Date: Fri, 24 Nov 2006 22:06:30 +0100 From: VeeJay To: RW In-Reply-To: <200611241211.31476.list-freebsd-2004@morbius.sent.com> MIME-Version: 1.0 References: <2cd0a0da0611211941iae07787q3f433fb2c8ab1f22@mail.gmail.com> <20061123082520.af5d4265.wmoran@collaborativefusion.com> <20061124163754.5a11ddef@localhost> <200611241211.31476.list-freebsd-2004@morbius.sent.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-questions@freebsd.org Subject: Re: Password Security X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Nov 2006 21:07:04 -0000 On 11/24/06, RW wrote: > > On Friday 24 November 2006 05:37, Norberto Meijome wrote: > > Precisely - MS makes a very strong (and valid) point of saying that once > > 'the bad guys' have physical access to your box, the machine is owned. > > > > The was a (very cool) presentation in Ruxcon (ruxcon.org) this year > about > > hacking into someone's machine via Firewire. And even if it was an > exploit, > > neither the researcher/hacker nor MS would consider it "security issue", > > because to use this FW attack you need physical access... ie, you've > lost > > the battle already, it's just a matter of picking your method of > breaking > > in. > > I think that's a bit complacent of MS, given that most instances of their > OS > don't run on servers. > > If a desktop machine has encrypted partitions, it is protected against > someone > stealing it and breaking in at their convenience. Reading data from a > running > machine, shouldn't be as convenient and inconspicuous as plugging-in a > cable. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" > But what about database encryption? Is it possible to encrypt mySQL database and what is the best method to encrypt which does not affect the performance? -- Thanks! BR / vj