The Real Issue Behind a Database Breach


At the end of 2015, reported that someone had accessed a database with 191 million voter records and released it (and someone subsequently removed it) online. The report is well-written and worth a read.

There was apparently significant personal information available for each of the voters. The 191 million records seems a bit strange as it seems there are just over 140 million registered voters in the US. But perhaps there are some older records or the numbers differ for some other reason. In some states, voters may remain registered for some time after moving away and registering in another state.

But that’s not the point here. The point is that somehow someone got access to the information in the first place. It seems clear to me that there needs to be a better way of securing these and other data so that if a system is compromised, the stolen data is strongly encrypted and cannot be used. I know that is a hard problem.

The recent Apple-FBI case has drawn attention to how difficult it is to get into a mobile phone if one does not know the PIN or key. Had someone discovered the phone’s PIN, law enforcement could access the otherwise-encrypted data. But the PIN does not appear to be easily guessable – therefore, the data are more secure.

The details of the origin of the leaked database file are still unclear. What is clear is that data were available on the Internet unencrypted. Why is this still a thing? A hardware security module for a system securing high-value data hardly seems like a stretch financially. For searching encrypted databases there is, for example, CryptDB. While not perfect, it does provide tools that allow searching and limited processing of encrypted data.

In my view, the problems are that the tools aren’t a) trivial to configure and use, nor b) in widespread use. These create a barrier to “doing the right thing”. In Learning Tree’s System and Network Security Introduction, I repeatedly talk about the trade-off between security and ease-of-use. This is just such a situation.

It is incumbent on vendors of data storage solutions to make storing the information securely a simple endeavor, not an onerous task. People shouldn’t have to go the extra mile to be secure. Secure operation should be the default.

Do you agree? Should secure behavior be the default behavior? Let us know in the comments below.


To your safe computing,
John McDermott

To your safe computing,
John McDermott

Type to search

Do you mean "" ?

Sorry, no results were found for your query.

Please check your spelling and try your search again.