On Thu, 7 Jun 2018 16:34:26 +0200 Dimitry Sibiryakov <s...@ibphoenix.com> wrote:
> > Patterns in data are fuzzed by record compression. BLOBs may be > troublesome if someone is stupid enough to keep in a database bitmaps > instead of JPEGs. > Record compression is RLE based (AFAIK) and doesn't fuzz the data if there are no successive repetitions in the same field which I imagine is mostly true for some kinds of data including English text. In a table with fixed length fields this would be an even bigger problem. I agree that there is some degree of fuzzing but it is mostly by chance and not deliberate which doesn't make it secure in my opinion (I am in no way expert on the matter). Anyway, the goal of proposing support for XTS mode was that it seemed like a low-hanging fruit for better security. It is widely used in almost every disk encryption software and is the recommended way instead of CBC/EBC/CTR modes. Some of the reasons for this are listed here[1]. Regards, Hristo Stefanov [1] https://sockpuppet.org/blog/2014/04/30/you-dont-want-xts/ (the article argues that XTS is a bad fit for anything other than disk encryption, thus the title, but gives a good overview of the pros and cons of the alternatives). ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
