yes good point, thanks Dave >> In fact, yes i know we are both thinking 'if someone >> is good enough to hack into the backend database >> then they will be good enough to decrypt the data if >> they really wanted' >> >> so the cf app would definitely be sufficient enough > >The problem with encrypting data from within your application is that >the same application will often also decrypt the data, so if your >application itself has a vulnerability - which is by far the most >likely security problem you'd have - this won't actually protect your >data. It would, however, perhaps protect your data from untrustworthy >database administrators, but that's probably not the threat profile >you're facing. > >Dave Watts, CTO, Fig Leaf Software >http://www.figleaf.com/ > >Fig Leaf Software provides the highest caliber vendor-authorized >instruction at our training centers in Washington DC, Atlanta, >Chicago, Baltimore, Northern Virginia, or on-site at your location. >Visit http://training.figleaf.com/ for more information!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;207172674;29440083;f Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:321473 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
