The data redaction feature, designed for selective, real-time protection of certain database information can be bypassed without too much effort, according to security expert David Litchfield.
Employed at Datacomm TSS and recognized authority on database security, Litchfield held a presentation called Oracle Data Redaction Is Broken at the DefCon hacker convention last week.
He informed the audience that the service supposed to prevent sensitive information from reaching SQL qu…
Comments are closed.
