Security is hard

Just got an email from one of our customers asking whether it was possible to use an encrypted password in PHP for connecting to MySQL, so that instead of doing something like:

$connection = mysql_connect($host, $user, $pass);

He wanted to do something like:

$connection = mysql_connect($host, $user, $encrypted_pass);

That is of course no more secure: whoever obtains the encrypted string can pass it to the server just like any other password, so it simply becomes the password and nothing is gained. We come across this kind of notion quite often: people want to use encryption for security, but the way they apply it makes it close to useless.

A few years ago we had a customer who wanted a fully secured machine, from boot onwards, so that he could sell appliances without giving his customers easy access to the operating system and application. He wanted an encrypted hard disk. But on standard x86 based hardware you have no way to store an initial secret: even if you embed the password somewhere in the bootloader, it is still somewhere on that machine.

Security is hard to do well. I wish people would start by simply applying best practices, like setting safe file permissions. Encryption is often not very useful when parts of an application need to access the data without the user entering the password for that encrypted data.
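An added example (not code from the original post) that demonstrates both points above in Python: a credentials loader that refuses a config file unless it is owned by the current user and closed to group and other, and a side-by-side "encrypted password" variant showing why it adds nothing when the key has to live on the same host. The file names (db.conf, db.key, db.pass.enc), the sample credentials and the key material are all constructed for the example; toy_xor is a deliberately simple keystream cipher standing in for whatever real cipher one would use, since the argument is about where the key lives, not about cipher strength.

```python
import os
import stat
import tempfile
import hashlib

# Constructed sample credentials for the example (not a real account).
SAMPLE_CREDS = "host=db.example.internal\nuser=appuser\npass=CorrectHorseBatteryStaple\n"


def write_private_file(path, content):
    """Create or replace a file that only its owner can read or write (mode 0600)."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write(content)
    os.chmod(path, 0o600)  # a pre-existing file or a loose umask could have widened the mode


def check_private(path):
    """Return None when path is a regular file, owned by us, with no group/other bits,
    otherwise a short description of the problem."""
    st = os.lstat(path)  # lstat: a symlink pointing elsewhere is not accepted as 'ours'
    if not stat.S_ISREG(st.st_mode):
        return "not a regular file"
    if st.st_uid != os.getuid():
        return "owned by uid %d, not by the running user" % st.st_uid
    extra = stat.S_IMODE(st.st_mode) & 0o077
    if extra:
        return "group/other permission bits set: %s" % oct(extra)
    return None


def load_db_credentials(path):
    """Parse key=value lines, but only from a file nobody else on the host can read."""
    problem = check_private(path)
    if problem:
        raise PermissionError("%s: %s" % (path, problem))
    creds = {}
    with open(path) as fh:
        for line in fh:
            line = line.strip()
            if not line or line.startswith("#"):
                continue
            key, _, value = line.partition("=")
            creds[key.strip()] = value.strip()
    return creds


def toy_xor(key, data):
    """XOR data with a SHA-256 derived keystream. Toy stand-in for a real cipher:
    encryption and decryption are the same call, and the point below holds for any cipher."""
    pad = b""
    counter = 0
    while len(pad) < len(data):
        pad += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, pad))


def password_from_encrypted_config(conf_dir):
    """What the application itself must do at startup: read the key and the ciphertext
    that sit next to each other. Any process with the same read access can do the same,
    so the 'encrypted' password is exactly as exposed as a plaintext one."""
    with open(os.path.join(conf_dir, "db.key"), "rb") as fh:
        key = fh.read()
    with open(os.path.join(conf_dir, "db.pass.enc"), "rb") as fh:
        ciphertext = fh.read()
    return toy_xor(key, ciphertext).decode()


def demo():
    """Returns (user loaded from a private file, whether a world-readable file was refused,
    password recovered from the encrypted variant)."""
    with tempfile.TemporaryDirectory() as d:
        conf = os.path.join(d, "db.conf")
        write_private_file(conf, SAMPLE_CREDS)
        user = load_db_credentials(conf)["user"]

        os.chmod(conf, 0o644)  # the usual mistake: readable by every local account
        try:
            load_db_credentials(conf)
            refused = False
        except PermissionError:
            refused = True

        key = b"constructed-key-material"  # constructed; on a real host it is a file too
        with open(os.path.join(d, "db.key"), "wb") as fh:
            fh.write(key)
        with open(os.path.join(d, "db.pass.enc"), "wb") as fh:
            fh.write(toy_xor(key, b"CorrectHorseBatteryStaple"))
        recovered = password_from_encrypted_config(d)
        return user, refused, recovered


if __name__ == "__main__":
    print(demo())  # -> ('appuser', True, 'CorrectHorseBatteryStaple')
```

The permission check is the part worth copying: it turns a silent misconfiguration (a credentials file that happens to be world-readable) into a startup failure that someone has to look at, which is the kind of plain best practice the post asks for.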
