24C3 - 1.01

24th Chaos Communication Congress
Volldampf voraus!

Speakers
Alexander Kornbrust
Schedule
Day Day 4 (2007-12-30)
Room Saal 1
Start time 18:30
Duration 01:00
Info
ID 2354
Event type lecture
Track Hacking
Language en
Feedback

Latest trends in Oracle Security

Oracle databases are the leading databases in companies and organizations. In the last 3 years Oracle invested a lot of time and engery to make the databases more secure, adding new features ... but even 2007 most databases are easy to hack.

This talk will describe the current status, the typical problems in customer installations and the trends for the future for Oracle Security.

I will show some scenarios how to attack (and prevent) databases, abuse Oracle security features (like Oracle Transparent Database Encryption (TDE)) and the latest trends in SQL Injection (e.g. why a table "!rm -rF /" sometimes executes code).