Stories
Slash Boxes
Comments

SoylentNews is people

ZeroDB Encrypted Database Now Open Source

posted by martyb on Friday December 11 2015, @07:21AM   Printer-friendly
from the hidden-in-plain-site dept.

The Mighty Buzzard writes:

From the fine folks over at net-security.org comes this interesting announcement:

ZeroDB, an end-to-end encrypted database whose release was announced earlier this year, is now open source.

Developers MacLane Wilkison and Michael Egorov changed the license from proprietary to AGPLv3 on Monday, and invited the public to use it: "Try it, build awesome things with it, break it. Then tell us about it."

ZeroDB is based on the eponymous protocol that allows end-to-end encrypted queries, which in turn allows encrypted data to be stored on untrusted servers (e.g. in a public cloud).

[...] "In ZeroDB, the client is responsible for the database logic. Data encryption, decryption and compression also happen client side. Therefore, the server never has any knowledge about the data, its structure or order," it is explained in the documentation.

"Since the server has no insight into the nature of the data, the risk of a server-side data breach is eliminated. Even if attackers successfully infiltrate the server, they won't have access to the cleartext data," the developers pointed out.

No, NCommander, we don't need to switch databases twice in a year. Wait till 2016 at least.

Original Submission

 
This discussion has been archived. No new comments can be posted.
ZeroDB Encrypted Database Now Open Source | Log In/Create an Account | Top | 21 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 1) by WillR on Friday December 11 2015, @05:09PM

    by WillR (2012) on Friday December 11 2015, @05:09PM (#275029)
    We're 30 years into this, and it's still not really clear whether "we didn't modify libfoo, here's a link to their source code repo" is a legally acceptable answer to a GPL request.

  • (Score: 0) by Anonymous Coward on Friday December 11 2015, @11:32PM

    by Anonymous Coward on Friday December 11 2015, @11:32PM (#275221)

    Well, the GPL is clear that you are allowed to download a copy of libfoo on their behalf and charge them for the service.

  • (Score: 2) by TheRaven on Monday December 14 2015, @11:54AM

    by TheRaven (270) on Monday December 14 2015, @11:54AM (#276069) Journal
    The answer to that is clear: It is acceptable with GPLv3, it is not acceptable with GPLv2. With GPLv2, you are required to provide the source along with the distribution or an offer good for three years to provide the source (if paid a reasonable copying fee). If you received the binary along with an offer, then you can simply forward this offer.
    --
    sudo mod me up