Completely Encrypted Data

Posted on December 2, 2020 by way0utwest

I remember reading about, and doing some message exchange, with PGP, in the 90s. At the time I worked in a utility company and my boss and I were interested in whether encryption might be something we should implement. At the time, the integration with mail clients, and the relatively unsophisticated users limited our options, and we never moved forward, but I’ve always been interested in encryption and how it fits into our digital world.

The technical bits have gotten easier, with https encryption automatically enabling for most of us, though perhaps only preventing limited attacks. We’ve gotten more options in the data platform, some that work well, some that require a decent coding effort, but they do work to some extent. At least, they make auditors happy and prevent silly leakage from something like a lost disk drive.

One of the main areas where encryption has been controversial is in real time communications. Governments and law enforcement want to be able to eavesdrop on criminal activity, or maybe other activity, and individuals want privacy. This seems to be an ongoing battle between technical companies and lawmakers as to how to implement features and what limitations should be enabled. I noticed a story recently where Google is rolling out end to end encryption in its messaging apps.

That got me to thinking. We capture and store data, and we may have some sort of communications in our system. If users demanded, or application developers built, end to end encryption, do we care as data professionals? Certainly we would need to allow for binary storage, and we’d lack insight or indexing into the actual data, but certainly could work with metadata like user, time, etc.

There are also other considerations for us. If we store encrypted data, is this more of a hassle in dealing with legal requirements? Do we want to have another sort of PII in a key or have to constantly explain to management or legal staff that we can’t read the data because we don’t store the key? There are non-technical burdens that we might not want to shoulder.

I do think that more systems ought to allow end-to-end encryption for communications, and user-managed keys are a capability that plenty of us might want in a world where no one physically sees the database server or disks. While I do like the idea of secure enclaves, which are catching on in computing, I also think that key management, especially for users, needs to improve. Perhaps we need a password manager for certificates, with backup included, to ensure our end users can properly manage their certificates across devices and in the event of any personal disasters.

Steve Jones

Listen to the podcast at Libsyn, Stitcher or iTunes.

Posted in Editorial | Tagged , | Comments Off on Completely Encrypted Data

Daily Coping 2 Dec 2020

Posted on December 2, 2020 by way0utwest

I started to add a daily coping tip to the SQLServerCentral newsletter and to the Community Circle, which is helping me deal with the issues in the world. I’m adding my responses for each day here.

Today’s tip is to tune in to a different radio station or TV channel.

I enjoy sports radio. For years while I commuted, I caught up on what was happening with the local teams in the Denver area. With the pandemic, I go fewer places, and I more rarely listen to the station.

I miss that a bit, but when I tuned in online, I found some different hosts. One that I used to really enjoy listening to is Alfred Williams. He played for the Broncos, and after retirement, I enjoyed hearing him on the radio.

I looked around, and found him on 850KOA. I’ve made it a point to periodically listen in the afternoon, hear something different, and enjoy Alfred’s opinions and thoughts again.

Posted in Blog | Tagged , , | Comments Off on Daily Coping 2 Dec 2020

Increasing the Accuracy of Data We Rely On

Posted on December 1, 2020 by way0utwest

When I was a kid, we used physical maps and verbal directions. That, with a good memory and sense of direction helped me navigate across the US on my bike and through many cities in Europe on my bicycle.

Near the turn of the millennium, we got a number of mapping sites, like MapQuest, which were really designed to replace a paper map with a route drawn in. Since then, the capabilities of GPS combined with the advances of mobile phone OS and app improvements, much of the world depends on GPS working correctly.

The GPS systems, of which there are many run by different governments, have been in place for years, and have been upgraded at different times. The US government is looking to upgrade GPS (their system) with GPS III, with stronger signals and a longer lifespan. There are a few other items, better security among them.

There is a lot of GPS data that many of us take for granted. We may not worry about the actual data values, but we may use apps or include integration with services like Google Maps or Apple Maps, and we depend on this data being accurate and available.

There could be similar types of data that our applications and systems need, where availability, accuracy, and more affect the usefulness and value of some application. I think things like master data and data classification fall into these areas. The problem is that often those projects, or the idea of a project, don’t have a large government agency with a big budget working on them. As a result, they rarely move forward.

Steve Jones

Posted in Editorial | Tagged | Comments Off on Increasing the Accuracy of Data We Rely On

Social: Using Tech to Raise Money

Posted on December 1, 2020 by way0utwest

In 2020 for the first time, I donated to a few political campaigns. I’ve never done that before, though my wife has. I was inspired, and I was glad I helped out, and the candidates I supported went 1-1. That’s fine, as I believed in both of them.

Last week I saw a tweet from Jeff Atwood, fellow UVA alum and founder of Stack Overflow. He was raising money for the Georgia Senate run-off in January.

2020-11-30 15_28_03-Jeff Atwood on Twitter_ _It's Monday, so that means it's time to raise money for

I’d seen a note from him the week before, but was busy and ignored it. This time, I decided to donate. I did so immediately, and got a text from my wife right away. She watches our money closely and asked if I’d actually donated to the GA campaigns. I had, and got a thumbs up back.

I was stunned when I got a PM from him informing me that I’d won the iPad. I’ve almost never won anything, but I often don’t even bother to enter contests.

Jeff has been running contests to help raise money for the Democratic candidates, and he’s giving away tech gifts to inspire people. This week the prize is a Macbook Air, with the M1 processor, courtesy of Brent Ozar.

If you believe in Jon Ossoff, and want to prevent some gridlock in DC during the next few years consider donating. The chance to win a prize is icing on the cake, but the chance to affect change is more important. I’ve listened to the Democratic candidates, and I think they are good people, looking to improve their state and our country. Character is important, and I think both candidates have that character.

My opinion, I also think that remarks from their opponents lack the character I prefer, putting their party above the well-being of the country and its citizens.

Posted in Blog | Tagged | Comments Off on Social: Using Tech to Raise Money