MySQL Security


#1

I don’t believe I’ve even seen the security of MySQL discussed anywhere. How secure is the data in a MySQL database, assuming you have a tough username and password on it? How secure are Dreamhost’s MySQL servers?

On a somewhat related note, does anyone know how Dreamhost would deal with a subpoena for information contained in the database of one of its clients?

I’m concerned about the privacy and personal information of users that register at my website. There’s nothing illegal going on, and I certainly don’t expect any National Security Letters, but I’m concerned about my user’s right to privacy and anonymity.

Thanks,
Aero


#2

The only thing to believe is that they would follow the law, and produce whatever information they had that was properly subpoenaed, as would any other American business that wants to continue to operate.

Well, while that’s understandable you should realize that DreamHost is based in, and it’s physical assets are in, the United States where whatever “right” anyone may claim to have to “privacy” and “anonymity” is pretty much gone.

Thanks to the Patriot Act, Executive Orders, and the complicity of most Telcos and ISPs, what little reasonable expectation of privacy you still enjoy is only a chimera - and is being eroded daily.

If you want privacy and/or anonymity, encrypt everything with the best tools you can obtain, and take your chances :wink:

–rlparker


#3

Well, while it’s good to see that I’m not the only pessimist around here, I can’t agree with you 100%, rlparker.

It’s not that simple. Not all subpoenas are legal. Google successfully fought one this year. (PBS)

Going in the opposite direction, Apple sued Think Secret (iht), and while that case hasn’t been decided, Think Secret has won the first round.

Subpoenas are not invincible. But like I said, I can’t disagree with you, for the most part.

So any suggestions on how to encrypt a mySQL database? And would that work anyway? IE, you need the encryption key to get data out of the database, the users need the data, so everyone has the encryption key? I don’t know, I still use ROT-26.

Aero


#4

Ha! Absolutely right you are (note my use of the qualifier “properly subpoenaed” ) :wink: From reading the DH blog, and other threads involving abuse issues (DCMA take-down notices, etc.) DH has a record of thoroughly evaluating the “legality” of demands made upon them , and I probably should not have sounded that dismissive.

I actually believe they would produce whatever their counsel advised was legally appropriate, and move to quash overly-broad or abusive subpoenas. Given that each case would likely be evaluated on its own merit (or lack thereof), I just choose to take the “worst case” possibility as being likely, - and plan accordingly. :slight_smile:

Unfortunately, I really don’t know offhand of a good process for encrypting the data in a database while making it readily available “online” and real-time accessible to multiple users. That whole concept actually goes against my methodology of approaching such thing, and I have never really researched it.

The “pessimist” in me (and my experience in working military signal security and traffic analysis mission during the Cold War) causes me to refrain from putting truly sensitive data online, on a shared server, at all!

One alternate modelmight be to always maintain the data in an encrypted file (batched dump encrypted with pgp?) for download to users’ machines where it could be decrypted for use with offline processing programs, but that may not work well at all depending upon your application(s) (will the data be interactively updated by the users, are you able to properly “batch” updates to maintain data integrity and editing conflicts?, etc.).

It’s an interesting problem, and I hope someone else can offer you real advice (instead of mere commiseration).

HA! :slight_smile: NICE!

Edit: You got me thinking, and, though you have probably already done so, this google search produced some interesting and and relevant reading including:

http://www.securityfocus.com/infocus/1667
http://answers.google.com/answers/threadview?id=542757

At least there are some good ideas there, and a place to start? :open_mouth:

–rlparker