On Fri, Oct 31, 2025 at 05:40:31PM +0100, Laurenz Albe wrote:
> On Fri, 2025-10-31 at 08:21 -0700, Adrian Klaver wrote:
> > Yeah, what I would like to know is how many of the data breaches
> > actually grab directly from the storage versus getting it through the
> > database or other software above the storage? It seems to me social
> > engineering plays a bigger role in this.
>
> This is not about actual security considerations, it is about checkboxes.
> Consequently, rational arguments are missing the point.
I think the big question is that, now with the effective PCI spec
disallowing only storage-level encryption, can we, as a project,
continue to reject in-core TDE because it is a check-box item.
--
Bruce Momjian <bruce@momjian.us> https://momjian.us
EDB https://enterprisedb.com
Do not let urgent matters crowd out time for investment in the future.
