On Tue, Apr 11, 2017 at 21:48:58 +0200,
Lifepillar <lifepillar@lifepillar.me> wrote:
>
>I'd like to take the opportunity to also engage students about the topic
>of privacy (or lack thereof). So, I am here to ask if you have
>interesting/(in)famous stories to share on database security/privacy
>"gone wrong" or "done right"(tm), possibly with technical details (not
>necessarily to share with the students, but for me to understand the
>problems). I am asking to this list because I will use PostgreSQL, so
>maybe I can collect ideas that I can implement or demonstrate in
>practice.
"Translucent Databases" has some interesting ideas about providing privacy
by operating directly on encrypted data (without decrypting it) so that
information is kept private even from the database. The are major
limitations on what you can do, but there may be some cases where the
techniques can be used.