MariaDB secure connection

Hi!

If I have my own server at home and I want to connect to my MariaDB server securely, so that data sent and received are encrypted, is it enough to set SSLMode=True alone in my desktop app and to disregard all the other SSL properties?

I searched everywhere in the forum and found nobody ever answering this question.

Without a certificate file this may not be secure…

@Christian Schmitz

Hi Christian!

How high do you estimate the risk that an attacker positions himself between a client and server which are both located in Luxembourg? Do you think that there are such dangerous people in such a small country like this?

I would assume that the box is connected to the internet, and therefore can be scanned.
As far as I know, lots of bad stuff happens not because someone actively tries to attack your specific server, but due to people running scripts that scan computers attached to the internet. The scripts try several vulnerabilities, and if they find one, it gets flagged so that the person running the script knows that a vulnerable computer has been found. Then they might investigate and try to get into your server. The scripts are not necessarily run by local people. It could be people anywhere on the internet.

As to the risk: I’d estimate it’s high. I once heard the amount of scans the Xojo Cloud structure had to deal with, and it was so high they stopped keeping track after a while, if I remember correctly.

Well, if you connect to localhost for your db server, you don’t need SSL as it’s all in memory.
But as soon as you connect to another computer, you need to be aware that people may read your traffic, even within the same building.

> Payam Arzani wrote:
>
> @Christian Schmitz
>
> Hi Christian!
>
> How high do you estimate the risk that an attacker positions himself between a client and server which are both located in Luxembourg? Do you think that there are such dangerous people in such a small country like this?

If there’s a chance/risk of being hacked or of data theft, or or or, it’s always worth taking a look into it and preventing it if possible. No matter how high or low the chance of being hacked is.

With the new data privacy rules coming into effect next months, you are required to encrypt for data protection as far as I know.

@Christian Schmitz

Yes, I heard about the GDPR. Would I comply if I activate only the SSLMode without any certificates? In one of the Xojo guides I read that all the other properties, apart from SSLMode, are only options and are not mandatory.

I already contacted the MariaDB team for consulting, and somebody will call me tomorrow for it. But I came to this forum to know whether setting the SSLMode true without any other effort makes any sense or not. My decision tomorrow depends on what I will learn here.

If you trust any server, you are not complying with privacy for your data.