One fo the great things about taking some time off is that I get the opportunity to catch up on some things. I’m not talking about finding out which is the best acne treatment on the market, but rather catch up on my reading, things I want to do and above all time with the family. I’ve started reading Freakonomics again, hoping to finish it this time. I just love the way the book was written.
I’ve also been catching up on some bookmarked pages and posts I’ve had piling up. A great post was sent to me by my friend John a couple of months ago and is a blog post entitled Who Needs Encryption by Laurentui Cristofor. He’s a security specialist, but the post is less about security techniques and more a call to rationality to understand what security is and when it is helpful. More importantly, it outlines where it is NOT helpful. Here are three scenarios he outlines where encryption is just the wrong thing to do:
- “I would like to package my database application in a form that would allow a customer to use it, but without him ever being capable to access the actual data stored in it. I think encrypting the database should help”.
- “I think encrypting the data in the database will prevent a machine administrator from being able to read it”.
- “If an attacker hacks into my database, he’ll get my sensitive information, but if I encrypt it, it will be useless to him”.
It’s a great read, so check it out