[AccessD] Hiding Back End Design

DWUTKA at marlow.com DWUTKA at marlow.com
Tue Jun 22 10:41:25 CDT 2004


Couldn't agree more.  When I was in boot camp, one of our drill sargeants
told us that the lock on our lockers only kept honest people honest.  Very
true statement.

I had a talk with our CFO one day (my bosses boss), and told him that our
best network security was ignorance.  LOL

Drew

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com]On Behalf Of ACTEBS
Sent: Monday, June 21, 2004 9:20 PM
To: 'Access Developers discussion and problem solving'
Subject: RE: [AccessD] Hiding Back End Design


Gustav,

"Personally, I think the time for proprietary systems has passed - customers
need systems they can drag data from to be used elsewhere."

Never a truer word said. 

With the decision by the Munich government to migrate to Linux, France
looking to do the same and Brazil on the verge, it seems as though the end
is nigh for the proprietary software/business model. 

Hmmm, sorry I went a bit off topic there..... ; )

Rocky - if a cracker wants to crack your software he will. There are teams
of these people out there who see it as a challenge. Why waste your time?  

Vlad

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Gustav Brock
Sent: Tuesday, 22 June 2004 4:02 AM
To: Access Developers discussion and problem solving
Subject: Re: [AccessD] Hiding Back End Design


Hi Rocky

No, you cannot open or attach tables from the BE without the correct
password. But as stated from several already, you can google up at least
three password crackers.

Next step would be Access security as mentioned by Drew, and the next would
be to apply field encryption which is a major step.

By why not turn it completely around: make the design open and documented as
"this is the way to build a database for an application like this"? Then you
are the master and everyone else is the replicant - following the "Rocky"
standard. Personally, I think the time for proprietary systems has passed -
customers need systems they can drag data from to be used elsewhere.

Also, I really doubt someone can figure out the intelligence of your app
just by watching the table design. One can watch what is going on when data
have been entered or updated but not _how_, and if someone can figure it
out, he will already know how to build a similar app without knowing your
table design.

/gustav


> If I'm reading the help file correctly, encryption does not hide the 
> objects, just the data, yes?  I need to hide the design of the back 
> end. Password protection is too weak.  I'll be up against 
> professionals.

> Rocky

> ----- Original Message -----
> From: "Gustav Brock" <gustav at cactus.dk>
> To: "Access Developers discussion and problem solving"
> <accessd at databaseadvisors.com>
> Sent: Monday, June 21, 2004 9:41 AM
> Subject: Re: [AccessD] Hiding Back End Design


>> Hi Rocky
>>
>> You can encrypt the database. Not bulletproof, of course, but keeps
>> the average user away.
>>
>> /gustav
>>
>> > Is there a way to easily hide the back end design?  My distributor in
> Taiwan feels that if the back end design is not hidden then the product
can
> be easily knocked off.

-- 
_______________________________________________
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com



-- 
_______________________________________________
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com



More information about the AccessD mailing list