SoylentNews is people
SoylentNews
MongoDB's Field-Level Encryption Protects Private Data—Even From DBAs[:
In December 2019, popular document database MongoDB added a fairly radical new feature to the platform: field-level database encryption. At first glance, one might wonder whether this is a meaningful feature in a world that already has at-rest storage encryption and in-flight transport encryption—but after a little closer analysis, the answer is a resounding yes.
One of MongoDB's first customers to use the new technology is Apervita, a vendor that handles confidential data for well over 2,000 hospitals and nearly 2 million individual patients. Apervita worked side by side with MongoDB during development and refinement of the technology.
Since reaching general availability in December, the technology has also been adopted by several government agencies and Fortune 50 companies, including some of the largest pharmacies and insurance providers.
This is a good thing. Field Level Encryption (FLE) is a must for any DB these days.
(Score: 1, Interesting) by Anonymous Coward on Friday April 03 2020, @02:10PM (9 children)
If the goal is to protect the data from the prying eyes of admins, then I wonder how they are protecting the keys so that a determined admin cannot get access to the encryption keys?
(Score: 1, Informative) by Anonymous Coward on Friday April 03 2020, @02:25PM (7 children)
The threat model is specifically an admin with access to the mongodb server and that admin is prevented from getting the keys because the keys are never sent to the server. An admin with access to the app server can steal the keys.
https://webassets.mongodb.com/_com_assets/cms/FLE_GA_v3-zcn705jddn.gif.gif [mongodb.com]
(Score: 2, Insightful) by All Your Lawn Are Belong To Us on Friday April 03 2020, @02:57PM (6 children)
e.g. an Edward Snowden. (Regardless of how one feels about what he did - and I tend to think he should be given a full pardon and he is nearly a hero - this is meant to mitigate that kind of compromise).
This sig for rent.
(Score: 4, Insightful) by DannyB on Friday April 03 2020, @03:49PM (3 children)
I would only add that he should have a statue.
Everything he said revealed that things were already much worse than the most paranoid among us believed (in 2013). And have only gotten worse sense. Some reforms have actually come of Snowden's revelations. I think hero is deserved. If things don't get reigned back in, and corruption ended, and the voting system protected from online voting, we may end up with only an illusion of democracy. Maybe we're already there? How exactly do you know when you've crossed the point of no return near a black hole? (prior to the event horizon)
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
(Score: 0) by Anonymous Coward on Friday April 03 2020, @09:57PM (2 children)
I don't think one should be lionized under an ends-justify-the-means argument. I would be more sympathetic to the argument (well, not the beatification stance taken here) if he curated and released information to support some argument, but a blind smash-and-grab of information, then giving the information to the Russians and Chinese, well that is pretty damn bad. He gave up a lot of information on things that weren't illegal too, so I hope that you are at least cognizant of the stance where some people don't feel compelled to bow down and kiss his ring. You laud him for all the good you say he did, but he did a hell of a lot of bad too.
So, no, I won't go for statues. But they give statues to all sorts of people for all sorts of reasons which I don't agree with either and in the end only pigeons end up caring about.
(Score: 3, Insightful) by DannyB on Sunday April 05 2020, @12:20AM
Prior to Snowden we got to see how genuine whistleblowers were treated.
I think Snowden took the only avenue available. He didn't remain anonymous. But he realized that going through channels was worse than pointless.
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
(Score: 0) by Anonymous Coward on Monday April 06 2020, @06:02PM
So Snowden said and so nobody has offered hard evidence to disprove, Snowden gave the Russians and Chinese nothing. Everything he had was turned over to Glenn Greenwald, not "the Russians" or "the Chinese". (Unless you mean that the things that were publicized also became public knowledge to our adversaries, if they didn't know them already).
And not all that which is legal is moral. Not all that is moral is legal. So giving away stuff that wasn't illegal but was utterly and unjustifiably immoral doesn't count in my book, either.
Though I agree a statue is not necessary. It would be if he'd publicized it all, stayed, and was voluntarily in Supermax today. Basically what they're planning for Assange who did nothing but a journalist's job in actuality although talked different from that. Very, very few people can actually walk to a cross willingly, though.
But oh well. We can't all agree on everything.
(Score: 0) by Anonymous Coward on Friday April 03 2020, @09:45PM (1 child)
Regardless of how one should feel, he should be hailed as a hero? Those two halves of the sentence do not agree with each other.
(Score: 2) by All Your Lawn Are Belong To Us on Monday April 06 2020, @06:10PM
No, sorry. Regardless of how one feels if Snowden is a hero or not this type of encryption is intended to prevent a Snowden-like infiltration of a dB occur.
This sig for rent.
(Score: 2) by takyon on Friday April 03 2020, @02:29PM
It supports sharding.
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]