I believe these type of exchanges need to be taken offline and not continued
in the newsgroup. And I am referring to both parties. This is detrimental.
--
-----
Tom Pepper Willett
Microsoft MVP - FrontPage
----
| I have never mentioned any employer in this group. I have never posted
any
| post in this group and identified myself as the employee of any company.
| Everything that I post here is posted under Jimco Add-ins. For you to
drag
| my employer into this discussion is completely unwarranted. The last time
| you did this, I explained to you that Jimco Add-ins is not in any way
| associated with anyone but Jim Cheshire. Neither Microsoft nor anyone
else
| has anything to do with Jimco Add-ins and statements made under that
banner.
|
| Yes, you did contact me via e-mail and say that you wanted to "smooth
things
| over." We exchanged about three e-mails, Mike, and then you disappeared.
| You never did return. I do not auto-delete any e-mails, and when you have
| e-mailed me, I have responded.
|
| I am not at work because my wife just had a baby and is bed-ridden and I
am
| at home. However, my phone will never be busy. Our phone system does not
| work that way. I suspect that you may not be calling the right number,
but
| in any case, it is inappropriate to contact me at work for anything
| concerning what has happened in this group, and I have told you this many
| times in the past. My work phone and e-mail is for work business.
Nothing
| I do concerning FrontPage has any relation to my employer whatsoever.
|
| You certainly have the right to call me childish if you wish, Mike, but I
| think the evidence here says otherwise. You take issue with my statement
| that secure databases should be stored outside of the content area, and
you
| believe that statement is a slam against your product. I have never used
| your product and have no idea whether your product is limited in this way
or
| not. You say that FrontPage is, but it certainly is not. You can easily
| use a system DSN that points anywhere in the file system. There is no
| reason for me to believe that your product cannot do the same. Therefore,
| how could my statement have possibly been an attack against you? The
| answer: it wasn't.
|
| The bottom line is this; you and I have a tumultuous relationship, and
both
| of us know why. Our very first contact was under the circumstances as
this
| contact. It was when you contacted my employer to try and have my Web
site
| removed from the Internet. Since that time, you and I have been on a
rocky
| road. Why has it gotten to this? I will certainly admit that some part
of
| that is stubbornness on my part. However, what starts off poorly rarely
| ends well.
|
| I think perhaps the best course of action is to just drop it. However, I
| will ask again that you stop trying to drag my employer into your
| disagreements with me. There is absolutely no relation between Microsoft
| and Jimco Add-ins. If there is any harassment going on in this issue, it
is
| that alone and it must be stopped.
|
| --
| Jim Cheshire
| Jimco Add-ins
|
http://www.jimcoaddins.com
| ===================================
| Co-author of Special Edition
| Using Microsoft FrontPage 2003
|
|
| | > Jim,
| >
| > You need to re-read the entire thread. I never said at any time, before
| you
| > mentioned it, anything about my product. I said that you're statements
| about
| > using _private indicate that FP as a whole has the same security issues.
| You
| > where the first one to mention anything about products or business
| > practices. It is obvious what your intent was and you have a history of
| it.
| >
| > But this thread alone is not the reason for taking action, not threats,
it
| > is the fact that you're singling out my posts and are visibly trying to
| harm
| > the company and myself. You've been doing it for sometime now an we've
| > finally reach the end of our tolerance for your childishness.
| >
| > As for email, I've made numerous requests in this NG to speak with you
| > privately and you've decline. I've written to your public emails and
have
| > never received a response. As we both know email addresses can be routed
| to
| > the delete folder without ever seeing them. We did have a small exchange
| via
| > your support form but when I returned to continue the conversion -- no
| > response. Yesterday, I made 5 attempts to contact you at Microsoft over
a
| 3
| > hour period, your phone was busy the entire time. This is the only venue
| > that you've chosen to converse in as it provides you with what, I
believe,
| > you perceive to be a "righteous" position.
| >
| > If we can not resolve it ourselves our Attorneys will have to and that
is
| > not idle talk, Jim. You may have already learned I've contacted your
| > employer. Our Attorneys are being notified this morning and I would
advise
| > that you see an Attorney if you wish to continue this.
| >
| > Jim, I truly do no know how this got to this point but I plan to end it
| here
| > and now. These are not threats but advise of actions that are being
taken.
| >
| > Mike
| >
| >
| > | > > For the record, I think it made it very clear that I was not talking
| about
| > > your product. I made a general statement regarding security, and it
is
| > one
| > > that is backed up by many other sources. As a matter of fact,
FrontPage
| > > 2003 includes documentation to this effect as well.
| > >
| > > My intent was NOT to discourage people from purchasing your product.
I
| > > stated to you that I was not talking about your product and you
clearly
| > > indicated that you didn't think that I was talking about your product.
| > > However, you follow that up with a post saying that my point is to
| > > discourage people from purchasing from you.
| > >
| > > I receive dozens of e-mails from people everyday. None of them has
been
| > > from you. To reach me, you can browse to my Web site which is
| accessible
| > by
| > > any computer connected to the Internet. Your ability to post here
means
| > > that you also have the ability to contact me. Anyone that corresponds
| > with
| > > me knows that I am prompt to answer every single e-mail that I
receive.
| > >
| > > Your view as to what has happened here is, as usual, quite distorted.
| > Your
| > > threats against me in this public forum are not warranted nor
welcomed.
| > We
| > > will deal with them appropriately.
| > >
| > > --
| > > Jim Cheshire
| > > Jimco Add-ins
| > >
http://www.jimcoaddins.com
| > > ===================================
| > > Co-author of Special Edition
| > > Using Microsoft FrontPage 2003
| > >
| > >
| > > | > > > Boy you need to take a course in understanding what you read.
| > > >
| > > > I did say that I agreed that having the database outside of the web
| tree
| > > was
| > > > the most secure. However I also said that most ISP / WPP. do not
allow
| > for
| > > > it or they charge large sums to have it that way.
| > > >
| > > > Also if you were to follow this line of thinking all the way out
then
| > > > everyone that is using FrontPage to store a databases, email
results,
| > > etct.
| > > > should stop doing so immediately as it not secure accounting to Jim.
| and
| > > to
| > > > heck with conventions being used in FP 2003 / FP 2002 / FP 2000.
| You're
| > > > whole aim here is to discourage customer from using any Page
| Protection
| > > > package as they all store their database into the web.
| > > >
| > > > This is also true of eCommerce systems for the most post. If this
was
| a
| > > top
| > > > secret web site then yes there are a whole lot of security issue
that
| > > could
| > > > be address and would not be allowed in FP -- but were not dealing
with
| > Top
| > > > Secret information.
| > > >
| > > > If you keep taking pot shots at my business with these statements
and
| > it
| > > > border on be libelous behavior. It is already harassment. I plain
to
| > pass
| > > > them on to MS and our Lawyers. See prior messages.
| > > >
| > > > --
| > > > Mike -- FrontPage MVP '97-'02
| > > > J-Bots Plus 2002 End of Summer Sale You Save $20.00
| > > >
http://www.websunlimited.com
| > > > FrontPage Add-ins Since '97 2003 / 2002 / 2000 Compatible
| > >
| >
|
--------------------------------------------------------------------------
| > > --
| > > > --------------------
| > > > If you think I'm doing a good job, let MS know at
(e-mail address removed)
| > > >
| > > >
| > > > | > > > > Absolutely amazing to me that you would find fault in a
| recommendation
| > > > that
| > > > > sensitive data be stored outside of the content area. Instead of
| > > > > disagreeing with me in a cordial way, you once again prove your
lack
| > of
| > > > > character.
| > > > >
| > > > > Keep posting, Mike. You give everyone good reason to refuse to do
| > > > business
| > > > > with you.
| > > > >
| > > > > --
| > > > > Jim Cheshire
| > > > > Jimco Add-ins
| > > > >
http://www.jimcoaddins.com
| > > > > ===================================
| > > > > Co-author of Special Edition
| > > > > Using Microsoft FrontPage 2003
| > > > >
| > > > >
| > > > > | > > > > > What? I never said any thing about you mentioning my product.
| > > Apparently
| > > > > you
| > > > > > had it in mind though because of your reference to it here. It
is
| my
| > > > > belief
| > > > > > that you are degrading FrontPage and all other products that
would
| > > > utilize
| > > > > > the _private directory. As you've told me before, "I believe I
| know
| > > what
| > > > > > your true motives are here."
| > > > > >
| > > > > > Please stop loading up your gun and firing before you know what
| your
| > > > > aiming
| > > > > > at.
| > > > > >
| > > > > >
| > > > > > --
| > > > > > Mike -- FrontPage MVP '97-'02
| > > > > > J-Bots Plus 2002 End of Summer Sale You Save $20.00
| > > > > >
http://www.websunlimited.com
| > > > > > FrontPage Add-ins Since '97 2003 / 2002 / 2000 Compatible
| > > > >
| > > >
| > >
| >
|
--------------------------------------------------------------------------
| > > > > --
| > > > > > --------------------
| > > > > > If you think I'm doing a good job, let MS know at
| > (e-mail address removed)
| > > > > >
| > > > > >
| > > > > > | > > > > > > No one said anything about your product, Mike. I made
| statements
| > > > > > concerning
| > > > > > > security that will stand up to scrutiny by anyone who
| understands
| > > > > > security.
| > > > > > > If you don't, then I would seriously reconsider any decision
to
| > > > purchase
| > > > > a
| > > > > > > product from you claiming to be secure.
| > > > > > >
| > > > > > > --
| > > > > > > Jim Cheshire
| > > > > > > Jimco Add-ins
| > > > > > >
http://www.jimcoaddins.com
| > > > > > > ===================================
| > > > > > > Co-author of Special Edition
| > > > > > > Using Microsoft FrontPage 2003
| > > > > > >
| > > > > > >
| > > > > > > | > > > > > > > What you're suggesting here is that the company that you
work
| > for
| > > > (MS)
| > > > > > has
| > > > > > > > developed a system that allows for security holes.
| > > > > > > >
| > > > > > > > The first version of FP that offered a save results
component
| > > saved
| > > > > the
| > > > > > > data
| > > > > > > > in _private and still does. Since the first version of FP
| that
| > > has
| > > > > > > offered
| > > > > > > > database results it saved the database in the web in known
| > folders
| > > > and
| > > > > > not
| > > > > > > > outside of the web.
| > > > > > > >
| > > > > > > > Most ISP / WPP do not allow for a file area outside of the
web
| > > tree
| > > > > but
| > > > > > if
| > > > > > > > they do then yes use it. It does not mean that the product
you
| > > > > purchase
| > > > > > > can
| > > > > > > > not use that database. It does mean that you'll have to
| manually
| > > > tweak
| > > > > > the
| > > > > > > > code and that includes any code created by FP itself that
you
| > wish
| > > > to
| > > > > > > access
| > > > > > > > the db with.
| > > > > > > >
| > > > > > > > As for writing your own -- sure if you have the skills and
| time
| > to
| > > > do
| > > > > > so.
| > > > > > > An
| > > > > > > > by skills I mean know that the pages are secure. But with
this
| > > type
| > > > of
| > > > > > > > product selling for under $20 and integrated into FP, how is
| it
| > > cost
| > > > > > > > effective for your customer or you?
| > > > > > > >
| > > > > > > > These recommendation do not stand up to scrutiny.
| > > > > > > > --
| > > > > > > > Mike -- FrontPage MVP '97-'02
| > > > > > > > I-Bots Plus 2002 End of Summer Sale You Save $20.00
| > > > > > > >
http://www.websunlimited.com
| > > > > > > > FrontPage Add-ins Since '97 2003 / 2002 / 2000 Compatible
| > > > > > >
| > > > > >
| > > > >
| > > >
| > >
| >
|
--------------------------------------------------------------------------
| > > > > > > --
| > > > > > > > --------------------
| > > > > > > > If you think I'm doing a good job, let MS know at
| > > > (e-mail address removed)
| > > > > > > >
| > > > > > > >
| > > > > > > >
| message
| > > > > > > > | > > > > > > > > Hi Jonered,
| > > > > > > > >
| > > > > > > > > Sorry, I thought you were changing subjects and moving on
to
| > > > > > encrypting
| > > > > > > > > data. Assuming you are still talking about password
| > protecting,
| > > > > there
| > > > > > > are
| > > > > > > > > many solutions available to you out there. I'd carefully
| > > examine
| > > > > the
| > > > > > > > > license agreement with them however. Make sure that they
| will
| > > > stand
| > > > > > > > behind
| > > > > > > > > whatever level of security they provide. You don't want
to
| > pay
| > > > for
| > > > > a
| > > > > > > bug
| > > > > > > > in
| > > > > > > > > someone's product by opening a security hole in your site!
| > > > > Remember,
| > > > > > by
| > > > > > > > > using a product to do this, you are trusting your content
| with
| > > > that
| > > > > > > > company.
| > > > > > > > >
| > > > > > > > > By far the best solution is to store usernames and
passwords
| > > > outside
| > > > > > of
| > > > > > > > your
| > > > > > > > > Web site content area. Using SQL Server is the best and
| most
| > > > secure
| > > > > > > > > solution. However, if you must use Access, you should
store
| > > your
| > > > > > Access
| > > > > > > > > database outside of your content area. You can store it
in
| > > > _private
| > > > > > or
| > > > > > > > some
| > > > > > > > > other folder where it cannot be browsed directly, but then
| you
| > > > must
| > > > > > rely
| > > > > > > > on
| > > > > > > > > your host to properly secure that folder, and many hosts
| open
| > up
| > > > > > > > permissions
| > > > > > > > > too much and allow people access to folders where they
| > shouldn't
| > > > be
| > > > > > > > allowed.
| > > > > > > > >
| > > > > > > > > My personal recommendation would be to find a reputable
ASP
| > site
| > > > out
| > > > > > > there
| > > > > > > > > that provides tutorials on this kind of thing and write
your
| > > own.
| > > > > > It's
| > > > > > > > not
| > > > > > > > > hard to do, and by doing it yourself, you are guaranteed
to
| > know
| > > > > > exactly
| > > > > > > > > what's going on.
| > > > > > > > >
| > > > > > > > > --
| > > > > > > > > Jim Cheshire
| > > > > > > > > Jimco Add-ins
| > > > > > > > >
http://www.jimcoaddins.com
| > > > > > > > > ===================================
| > > > > > > > > Co-author of Special Edition
| > > > > > > > > Using Microsoft FrontPage 2003
| > > > > > > > >
| > > > > > > > >
| > > > > > > > > | > > > > > > > > > Jim,
| > > > > > > > > > I'm also working on a secure site (non-intranet). What
| > > > > > > > > > software is dependable and easy to use? What would you
| > > > > > > > > > recommend. (Never done secure site before.)
| > > > > > > > > >
| > > > > > > > > >
| > > > > > > > > > >-----Original Message-----
| > > > > > > > > > >Sharon,
| > > > > > > > > > >
| > > > > > > > > > >If you're using employee access pages, you might want
to
| > > > > > > > > > consider using the
| > > > > > > > > > >security on the Web site. It's going to be much more
| > > > > > > > > > reliable and robust
| > > > > > > > > > >than any third-party solution because it uses the OS-
| > > > > > > > > > level security.
| > > > > > > > > > >
| > > > > > > > > > >Search on "frontpage password protect" in the Microsoft
| > > > > > > > > > KB at
| > > > > > > > > > >
http://support.microsoft.com.
| > > > > > > > > > >
| > > > > > > > > > >--
| > > > > > > > > > >Jim Cheshire
| > > > > > > > > > >Jimco Add-ins
| > > > > > > > > > >
http://www.jimcoaddins.com
| > > > > > > > > > >===================================
| > > > > > > > > > >Co-author of Special Edition
| > > > > > > > > > >Using Microsoft FrontPage 2003
| > > > > > > > > > >
| > > > > > > > > > >
| > > > > > > > > > >| > > > > > > > > > >> Does anyone have suggestions on add-ons so I can add
| > > > > > > > > > >> password protected pages to my website (employee
access
| > > > > > > > > > >> pages). I have tried J-Bots PagePro and can't get it
to
| > > > > > > > > > >> work and can't get support that I can understand.
| > > > > > > > > > >>
| > > > > > > > > > >> Thank you.
| > > > > > > > > > >>
| > > > > > > > > > >> sharon
| > > > > > > > > > >
| > > > > > > > > > >
| > > > > > > > > > >.
| > > > > > > > > > >
| > > > > > > > >
| > > > > > > > >
| > > > > > > >
| > > > > > > >
| > > > > > >
| > > > > > >
| > > > > >
| > > > > >
| > > > >
| > > > >
| > > >
| > > >
| > >
| > >
| >
| >
|
|
