If it is text based type data, then you can read/look at the data with any file utility that will give you a file dump - so no it is not secure. And you can move a IB file to another machine just read it anyway.
Not very secure at all. Myles. -----Original Message----- From: Phil Scadden [mailto:[EMAIL PROTECTED]] Sent: Monday, 19 November 2001 9:39 a.m. To: Multiple recipients of list database Subject: [DUG-DB]: Interbase security. I am create some fairly valuable data inside an Interbase database at moment. The application installs and creates the database, and sets up a working account with a password based on a hash of machine characteristics. The machine characteristics used are encrypted with Blowfish and stored in an ascii file so can recover password if machine characteristics change. The database is used in Local server mode only, no network access. Now what I am wanting to guard against is someone lifting the GDB file off disk and taking it away to pull the data off it. I realise that no data is likely to resist a really determined attack but I do want it so someone has to invest considerable effort to achieve this. Question: Is interbase security enough or are there tools to prise the data out without knowing the passwords to the database? I realise it is going to be more secure if I encrypt data inside the database as well but this adds load to every store and retrieve operation which I am hoping to avoid. ---------------------------------------------------------- Phil Scadden, Institute of Geological and Nuclear Sciences 41 Bell Rd South, PO Box 30368, Lower Hutt, New Zealand Ph +64 4 5704821, fax +64 4 5704603 --------------------------------------------------------------------------- New Zealand Delphi Users group - Database List - [EMAIL PROTECTED] Website: http://www.delphi.org.nz --------------------------------------------------------------------------- New Zealand Delphi Users group - Database List - [EMAIL PROTECTED] Website: http://www.delphi.org.nz
