Firebird DocsetFirebird Database DocsFile and Metadata Security → Choosing Obscurity
Firebird home Firebird home Prev: Acceptable Low SecurityHome: Firebird DocsetUp: File and Metadata SecurityNext: The Philosophical Argument

Choosing Obscurity

The thing about security by obscurity is that it must be obscure! If Firebird were to implement some sort of encryption into its disk reads and writes then it would not be obscure because it is an open source project. It would take almost no time at all to recompile the source to discover the key being provided and everything is lost.

So if you really needed this feature you would obtain the Firebird source, insert your own obscuring code into the disk read and write methods and compile your own variation of the Firebird server. (Such code could be discovered by decompiling the executable but it does take a fairly serious thief to try this.)

Before you do this, try to work out whether it would actually solve your problem, if the user also takes a copy of the specially compiled executables along with the database; or if it remains possible for a user to extract the secrets directly from your running server.

Prev: Acceptable Low SecurityHome: Firebird DocsetUp: File and Metadata SecurityNext: The Philosophical Argument
Firebird DocsetFirebird Database DocsFile and Metadata Security → Choosing Obscurity