re: It’s All In The Timing: Timing Attacks For Dummies VIEW POST


What about DB queries ? is this working as well for methods which queries a DB for username and password ?
I tried to find how MySQL does string comparison but I couldn't find an exact answer...


I don't know the technical answer with 100% certainty, but I learned about timing attacks while working on a Rails app that uses ActiveRecord to talk to MySQL database so I assume it applies to DB queries as well.

code of conduct - report abuse