Jeff Pritchard wrote:
I need to encrypt some items in the database in a rails app.
I tried using the old "sentry" gem, but it doesn't seem to be surviving
Rails 2. The stuff I found for Active Crypto on the web appeared to be
many years old.
What are folks using to encrypt db data via active record these days?
I'm starting to question the validity of this whole notion. It seems to
be expected that one would encrypt database tables that hold sensitive
information (like a user's health information for example).
Taking a step back from it though, what's the point? The database and
my app are all on the same server. Nobody can see the database files
unless they have access to my server. Anybody who does have access to
my server can look at the app to figure out how to read the encrypted
So what is the supposed advantage of encrypting them in the first
Sorry for playing my own devil's advocate here, but it just dawned on me
that perhaps I was chasing a fool's errand. Please enlighten me.