[AccessD] Access 2007 - Microsoft is just plain stupid.

Drew Wutka DWUTKA at Marlow.com
Mon Dec 10 13:20:30 CST 2007 

Ok, at my company we were using Office 97 up until the summer of 2006,
at which point we upgraded to Office 2003.  But we are now looking at
doing a company wide upgrade to Office 2007.  I've seen posts about 2007
here and there, and while I usually skim them, I do file away the
information I glean for future use.

 

This weekend I installed Office 2007 to a virtual machine, and started
playing around in it.

 

Pretty, visually.

 

Office Groove looks pretty neat.

 

No apparent issues running an Access 2000 format database.

 

The new Access 2007 format.....ummmmmm..... if they wanted to just drop
Access from the Office Suite, they should have done so.  Dropping ULS
(User Level Security) from the Access 2007 format turns Access into a
combination of a glorified version of Excel mixed with Microsoft's
answer to Crystal reports......  

 

Let's talk a little bit about 'security'.  In Navy bootcamp, my company
commander (drill sergeant) had some sagely wisdom about the padlocks on
our lockers.  'Locks don't keep criminals out, they keep honest people
honest'.  Those wise words apply to every aspect of EVERY security
system.  

 

A few years ago, I bought a few songs from the New Napster.  Complete
PITA.  The songs I downloaded would only play in Windows Media Player,
WITH napster installed (and my napster credentials running).  Oh my, how
secure, no one can copy a song with that much protection in
place......wrong.  In fact, since Windows 95, Microsoft itself provided
the tools to copy any song you want.  It's called Sound Recorder.  Not
only can you record sound from a microphone, but you can record sound
from 'WaveOut', which is the output of your sound card.  It's got a
limit on it though...sometime like 30 seconds to a minute....BUT even
that can be bypassed.  Record to 'blank' audio sessions, at the max
limit, then use Sound Recorder itself to 'combine' the two files.  Sound
Recorder can then open that file, and now you can record for double the
'limit' (and you can combine away, allowing sound recorder to record
unlimited amounts of time).  Like a song you are hearing on an online
radio station, just start up Sound Recorder, and record away...Sound
recorder even let's you 'edit' the recording.  Isn't that nice...blows
every single 'security' measure based on audio files....out the window.

 

A lot of computer security experts will say the only way to secure your
data is to unplug your system from the net.  Not entirely true.  The
only way to truly secure it is to then smash it with a sledge hammer,
and melt it in a furnace.  Of course, this makes it a little difficult
to retrieve your own data, but there in lies the problem.  If you can
get to your data, so can someone else.

 

We recently had a thread about data encryption.  Ok folks, I don't mean
to scare anyone, but encrypting your data, as my wise company commander
once said, won't keep bad people from getting your data, only keep
honest people honest.  When you are looking for a way to protect your
data, seeing a program 'encrypt' your data looks impressive.  Put in a
massively complex password, and again, it LOOKS really hard to break.
Now think like a diabolic mastermind.  If I wanted to read your data, I
wouldn't try to 'break' your encryption.  I would go about it in a much
simpler way.....I would bug your computer.  Anything from a simple
keylogger application, to a sophisticated scanner would work.

 

NTFS... (NT is New Technology, and is the core of NT 4, Windows 2000,
2003, XP, and Vista, FS is for File System).  It replaced FAT16 and
FAT32.  Handles larger drives, and is.....get this.... MORE SECURE.
Yep, more secure to the honest person.  Unfortunately, it's only secure
when used WITH the Operating system.  There are FREE utilities out there
that let Windows 9x 'see' NTFS partitions......but get this, it lets you
read/write to EVERYTHING, because it only reads the data, it completely
ignores the security descriptors.  I have a handy utility called Restore
2000 Pro.  It's a great recovery utility for recovering deleted data,
wiped partions, etc.  It completely ignores the security descriptors, so
it can read anything on your disk, regardless of it's security handles.

 

Now, back to Access, and it's ULS.  Was it fool proof...of course not.
As I've been trying to say, NOTHING is.  Everything I have read about
why Microsoft got rid of ULS in the new version of Access is because
they feel you should be using a Server Side database for secure
data....great...what about the security on the front end?  What if I
don't want some users to change the design of a report, but I want to
allow other users to do so?  What if I want to allow some users to make
their own queries.  All of this was possible with ULS.  I have a handful
of small little databases where one person wants to read/write data, but
they want everyone to be able to read it.  ULS to the rescue, it's a
snap to make a database 'read only' to everyone, while giving full
rights to one or two people.  Why should I have an entire SQL server to
host an .mdb that's barely a megabyte?

 

This is just absurd.  I hope Microsoft wises up before they send out
another monstrosity.

 

Drew

More information about the AccessD mailing list