Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

Precious Ideas

By Steve Jones,

http://www.deathstar.ch/security/encryption/history/images/WheelCipher01.jpgThe last line says it all, though it might offend a few of you. Jeremiah Peschka wrote agreat piece on encrypted stored procedures and telling companies they shouldn't bother. I agree, the arguments given in the comments notwithstanding.

I have heard this argument over and over, from different industries, and in every case where someone has broken down their code, you find it really isn't that special. There's no super secret way to accomplish most anything you're going to put into a stored procedure on a database server. We have to know how things work from a logic standpoint so that we can be sure that the correct data is moving to the correct place. If we know the logic, we can easily build code that does the same thing ourselves. We just don't want to. We buy software so that we don't have to spend the time coding it ourselves.

What about support issues? I have heard this argument quite a few times as well. The answer here is to deal with it administratively. Spell is out in the contract that customers who changes stored procedure will be charged for support issues caused by the change. Heck, everything else is disclaimed or handled in the EULA, why not this?

IMHO, this "feature" ought to just be removed from SQL Server. There's no good reason to encrypt a stored procedure, especially with the SQLCLR available for any of those truly top secret, complex algorithms you think you have.

Steve Jones


The Voice of the DBA Podcasts

Everyday Jones

The podcast feeds are available at sqlservercentral.mevio.com. Comments are definitely appreciated and wanted, and you can get feeds from there.

You can also follow Steve Jones on Twitter:

Overall RSS Feed: or now on iTunes!

Today's podcast features music by Everyday Jones. No relation, but I stumbled on to them and really like the music. Support this great duo at www.everydayjones.com.

Total article views: 158 | Views in the last 30 days: 1
 
Related Articles
FORUM

support for stored procedures in report builder 1.0

support for stored procedures in report builder 1.0

ARTICLE

Avoiding Stored Procedures

This week Steve Jones argues against stored procedures. Is it a good argument or do want to stick wi...

BLOG

The Podcast is in the Windows Store

If you’ve got a Windows Phone, or any of the Windows devices that support podcasts, the Voice of the...

ARTICLE

XML Argument Protocols for SQL 2005 Stored Procedures

SQL Server 2005 has made it much easier to work with XML data in your database applications than eve...

ARTICLE

Stored Procedures Reconsidered

A guest editorial from Scott White that looks at the use of stored procedures from a developer's poi...

Tags
editorial    
encryption    
 
Contribute

Join the most active online SQL Server Community

SQL knowledge, delivered daily, free:

Email address:  

You make SSC a better place

As a member of SQLServerCentral, you get free access to loads of fresh content: thousands of articles and SQL scripts, a library of free eBooks, a weekly database news roundup, a great Q & A platform… And it’s our huge, buzzing community of SQL Server Professionals that makes it such a success.

Join us!

Steve Jones
Editor, SQLServerCentral.com

Already a member? Jump in:

Email address:   Password:   Remember me: Forgotten your password?
Steve Jones