One of an article says the hack assumingly happened from an external Web storage.
So not a mainframe ? Jake On 8 Feb 2015 08:31, "Timothy Sipples" <sipp...@sg.ibm.com> wrote: > Tom Brennan writes: > >Maybe someone can tell me what difference it makes whether the data was > >encrypted on disk or not (as some news reports are talking about). I > >mean, if I do a SELECT * from an admin id I must be going through the > >decrypt process, right? > > No, that's not a given. Many financial transaction systems -- handling > credit and debit cards, for example -- store sensitive information using > various hash functions. (The new IBM z13 includes a new format-preserving > encryption standard that's quite handy.) There's also the fact > administrative IDs typically shouldn't be allowed to do SELECT * -- and > then SELECT * isn't actually SELECT-the-entire-database when you're using > MLS. In a reasonably well run shop (or better) DB2 DBAs don't actually get > end user data access authority. I can't remember what version of DB2 > introduced the more strict role-based separation, but I think it was at > least as far back as DB2 Version 8. > > I'm assuming customers use IBM mainframes and use these wonderful > capabilities (and others) IBM provides. Big assumptions, sadly violated too > often. > > > -------------------------------------------------------------------------------------------------------- > Timothy Sipples > IT Architect Executive, Industry Solutions, IBM z Systems, AP/GCG/MEA > E-Mail: sipp...@sg.ibm.com > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN