Complaint about Jeff Conrad, MVP

[Chris Mills]

I have lodged a formal complaint with Microsoft about Jeff Conrad's site (not
about Jeff Conrad exactly).

Who knows if Microsoft will take any notice. I am posting this just so's
no-one thinks I am doing "dirtys". I might or might not post the full text of
my complaint to Microsoft, but it seems inappropriate at the moment (it was
not written as an "open letter").

Probably the first time any such complaint has been attempted. And some people
accuse me of not being serious.

My concern is security in the overall sense. I await with interest Microsoft
reply, if any. The silence in this so-named newsgroup about matters of
security is, well, "crushing".

Chris Mills
Access Developer

 

[Rick B]

Unless you share what your issue is, I doubt you'll get many comments from
us.

 

[Joan Wild]

My concern is security in the overall sense. I await with interest
Microsoft
reply, if any. The silence in this so-named newsgroup about matters of
security is, well, "crushing".

I'm having a terrible time trying to get my head around those three
sentences. 'Security' in Access is a joke, and everyone knows it.

Jeez Chris, you've been around long enough to know that the database
password is useless, and that user level security can be broken (even
without the mdw). It seems to me that you could invest some effort in
complaining about that to Microsoft.

What exactly is your complaint about Jeff?

 

[Chris Mills]

to know that the database password is useless,
utter nonsense
(only true to a limited extent)

and that user level security can be broken (even
without the mdw).

yes, but referring to the above, utter nonsense

It seems to me that you could invest some effort in
complaining about that to Microsoft.

yes, that's exactly what I posted. In fact, the complaint is about none of the
above.

I think you should be careful. An MVP spouting advice about security whilst
claiming it is useless, is duplicitous. I make no such claim about Access
security.

I'm not surprised you're scratching your head, based on your statements. I
question if you know ANYTHING about security, in a broad sense, at all.
My otherwise regards to you.
Chris

 

[Rick B]

This guy seems to be a real moron.


Is there any point to his post? Does he expect some form of discussion, or
is he just trying to make trouble?

Why has he not simply posted his complaint so we will know what he is
talking about?

He claims to have a problem with an MVP website, but does not tell us what
the problem is. His post seems to indicte that he has a poor understanding
of Access security. what does that have to do with Jeff's website?

The website seems pretty useful to me!

 

[Lynn Trapp]

He claims to have a problem with an MVP website, but does not tell us what

the problem is. His post seems to indicte that he has a poor
understanding
of Access security. what does that have to do with Jeff's website?

Rick,
Chris is upset that Jeff's site has links to companies that offer services
that will crack Access security. He thinks that is an illegal service to
offer. Of course, it is only illegal if they crack the security for an
unauthorized user and/or company. If they crack it for the owner of the
database, then it is perfectly legal. Don't let him bother you. He's just
blowing smoke.

--
Lynn Trapp
MS Access MVP
www.ltcomputerdesigns.com
Access Security: www.ltcomputerdesigns.com/Security.htm
Jeff Conrad's Access Junkie List:
http://home.bendbroadband.com/conradsystems/accessjunkie.html

 

[Paul Overway]

While cracking security may be legal in certain cases, the fact that it can
be done at all and done so easily, that it is a well known problem, and has
never been fixed in all these years speaks volumes in respect to Microsoft's
priorities. I'm sure a lot of people would like to see Microsoft get off
their ass and fix the problem.

I don't question Chris' motives in bringing the issue up. Nevertheless, the
derogatory comments in respect to others in the NG appear misdirected and
aren't in any way helpful toward getting the issue resolved. If anyone
should be flamed abot this, it would be Microsoft.

 

[Lynn Trapp]

While cracking security may be legal in certain cases, the fact that it

can be done at all and done so easily, that it is a well known problem,
and has never been fixed in all these years speaks volumes in respect to
Microsoft's priorities. I'm sure a lot of people would like to see
Microsoft get off their ass and fix the problem.

I agree, but I wonder if Microsoft, or any company for that matter, would be
willing to put the necessary resources to making Access as secure as a
server side database. The cost of doing that would have to be weighed
against the amount of income generated by the sale of Access. I really doubt
that it is cost effective, so the bean counters at Microsoft may be who is

I don't question Chris' motives in bringing the issue up. Nevertheless,
the derogatory comments in respect to others in the NG appear misdirected
and aren't in any way helpful toward getting the issue resolved. If
anyone should be flamed abot this, it would be Microsoft.

Perhaps Chris has good motives -- I won't get into that. However, Jeff
Conrad is totally innocent. He provides a service of information and nothing
else. He makes no claims regarding the quality of the links he posts there.

--
Lynn Trapp
MS Access MVP
www.ltcomputerdesigns.com
Access Security: www.ltcomputerdesigns.com/Security.htm
Jeff Conrad's Access Junkie List:
http://home.bendbroadband.com/conradsystems/accessjunkie.html

 

[Paul Overway]

I agree, but I wonder if Microsoft, or any company for that matter, would
be willing to put the necessary resources to making Access as secure as a
server side database. The cost of doing that would have to be weighed
against the amount of income generated by the sale of Access. I really
doubt that it is cost effective, so the bean counters at Microsoft may be
who is keeping everybody on "their ass." <g>

I have no expectation that Access be just as secure as a server based
product. However, Microsoft SHOULD fix the faulty algorithm used to secure
the user names and passwords in the workgroup file, which can currently be
hacked in a matter of seconds. If bean counters are preventing this issue
from being fixed, Microsoft's Trustworthy Computing initiative has less
value than a pile of manure. Greed may dictate otherwise, but Microsoft can
well afford to fix the problem.

 

[TC]

While cracking security may be legal in certain cases, the fact that it can
be done at all and done so easily, that it is a well known problem, and has
never been fixed in all these years speaks volumes in respect to Microsoft's
priorities. I'm sure a lot of people would like to see Microsoft get off
their ass and fix the problem.

galloop galoop ... I hear my hobby horse in the background!

I have given them a /two line fix/ that would completely remove the
ability of cracking products to reverse-engineer the plaintext
passwords from a workgroup file. Clearly that is not the only weakness
in user level security; but it is certainly the most egregious one.

Whether they will actually /do/ it, is anyones' guess.

TC

 

[TC]

This guy seems to be a real moron.

I believe most people would support Jeff against this plonker.

TC

 

[Jan Il]

I believe most people would support Jeff against this plonker.

You bet!!

Chris just needs his grapes sweetened. Problem is ......he never seems able
to find the sugar bowl.

Jan