Privacy and Security for MySQL at Google in the Snowden Age

2 April 3:50PM - 4:40PM @ Ballroom B

Duration: 
50 minutes conference
Revelations from the Snowden files about the NSA’s interception of long-haul fiber traffic[1] were met by some with stunned disbelief and by others with blasé “I told you so”. Google responded publicly by encrypting inter-datacenter traffic[2], deploying additional user-facing encryption[3] and encouraging others to do so[4]. MySQL at Google hasn’t escaped our push for better protection of our users’ data. I’ll be talking about our work adding encryption at rest, complete data deletion and comprehensive query logging to MariaDB, as released in our public patches. While PRISM brought these issues to the forefront, the attacks that it highlights were possible by other bad actors before, and deploying these features protects against a wide range of internal and external malfeasance. [1]: http://globalfinance.zenfs.com/en_us/Finance/US_AFTP_SILICONALLEY_H_LIVE/Leaked_Slide_Shows_NSA_Celebrated-d42e7b20f981f90171da46d42b84eab3 [2]: http://articles.washingtonpost.com/2013-09-06/business/41831756_1_encryption-data-centers-intelligence-agencies [3]: https://www.eff.org/deeplinks/2013/11/encrypt-web-report-whos-doing-what [4]: http://googleonlinesecurity.blogspot.com/2011/11/protecting-data-for-long-term-with.html


Speakers

Site Reliability Manager, Google Inc.
Biography: 
In 6 years at Google, Ian has been a Systems Engineer, Software Engineer, tech lead and now manages Google's MySQL development and Site Reliability Engineering teams in Mountain View, California. He's worked with MySQL since 3.23 in a wide variety of environments, including cash registers, anti-spam services and political campaigns.