Wait... if Sony fully encrypt the database, they need a way to ask the database to be decrypted from their program.
But if the hackers use SQL injection, they would be attacking the database through a SQL call that, by necessity, must decrypt the database.
Wouldn't some sort of full database encryption only protect from someone getting a DB dump? Or am I misunderstanding?
Wait... if Sony fully encrypt the database, they need a way to ask the database to be decrypted from their program.
But if the hackers use SQL injection, they would be attacking the database through a SQL call that, by necessity, must decrypt the database.
Wouldn't some sort of full database encryption only protect from someone getting a DB dump? Or am I misunderstanding?