2022-03-26
105 reads
Security
The Level of Security These Days
How comfortable are you with your password security? Today Steve asks given some data on the various times it takes to crack passwords.
2022-03-25
84 reads
Can We Please Stop Sending Passwords Over the Wire?
While analyzing SQL Server's network protocol, I came across a weird fact: when a database client logs in using SQL Server authentication (as opposed to Windows authentication), it has to send the user's password to the server, in blatant violation of common security guidelines. At first, I couldn't believe it; SQL Server generally does an […]
2022-03-02
5,567 reads
A Real World Security Reminder
A reminder today that security in the physical world can affect the digital world.
2022-02-23
208 reads
Teams Security Issues
There are a few security issues in the Teams application from Microsoft, and Steve notes that some of the push for new features can be a problem in this area.
2022-01-10
296 reads
Query control made easy
Overview As we all know, data security is a never-ending battle. Every day, we hear of new data breaches. It's a hard problem, and there is no single solution, other than a defense in depth. Let's look at one of those defenses for databases: query control. Query control is a simple idea: most applications access […]
2022-01-07
4,030 reads
How to (Somewhat) Increase SQL Server Security
Problem Some time ago Argenis Fernandez(@DBArgenis) found and described a vulnerability that allows you to get into SQL Server with 'sa' rights. This method does not require a restart of the SQL Server service or the whole machine, the condition is a local administrator account on the server. Reminder SQL Server until 2008R2: Until SQL 2008R2, […]
2022-01-03
8,448 reads
The Challenge of Edge Security
We will see databases deployed on the edge, and we will need strong security patches.
2021-12-20
298 reads
2021-12-15
356 reads
SQL Server Data Classification Comes Alive
Overview Microsoft SQL Server 2012 introduced a feature called data classification, which allows you to mark certain columns with labels, indicating that these columns contain sensitive or special-handling data. For instance, you may want to mark a column containing credit card numbers as "confidential", or sales numbers as "management only". The problem is that you […]
2021-12-10
5,246 reads
Blogs
Blog a Day – Day 1: History of AI
By Vinay Thakur
it has been a year since i have not written much on the blog...
A New Word: on tenderhooks
By Steve Jones
on tenderhooks – adj. feeling the primal satisfaction of being needed by someone, which...
Ramblings about data communities and your contributions, no excuses
By DataOnWheels
I have been active in the data community throughout my career. I have met...
Forums
A Quick Restore
Comments posted to this topic are about the item A Quick Restore
Guarding Against SQL Injection at the Database Layer (SQL Server)
Comments posted to this topic are about the item Guarding Against SQL Injection at...
Ola Hallengren Index Optimize Maintenance can we have data compression = page
I have a quick question on Ola Hallengren Index Optimize Maintenance . Do we...
Question of the Day
A Quick Restore
While doing some testing of an application, I wanted to reset my environment after doing some testing with this code:
USE DNRTest BACKUP DATABASE DNRTest TO DISK = 'dnrtest.bak' GO /* Bunch of stuff tested here */RESTORE DATABASE DNRTest FROM DISK = 'dnrtest.bak' WITH REPLACEWhat happens if this runs, assuming the "bunch of stuff" isn't anything affecting the instance. See possible answers