TC - New security model

[Chris Mills]

Yet, it would be such a pity to discard the MVP program, merely because we
have a few errant MVP's like JEFF CONRAD and LYNN TRAPP.

What about Tony Toews? He's just an empty-head who never actually thought
about it, and I'm trying my best to be kind.

Chris

 

[Chris Mills]

I didn't mis-quote you, Tom. I said I made a mistake quoting you, which is
different.

I meant I should not have posted the URL you gave. The free one.

Yes I've been handing out a lot of links. It is therefore claimed that I don't
have "integrity". Of course, it is a "demonstration" and strictly limited to
MVP websites, the purported "respectable" ones. Except for your post, but I'll
allow that to lie fallow.

What a surprise. CM can't ensure his integrity by posting links to MVP
websites.

Now listen, Tom. It is probable we are all on the same side in wanting better
security, and there is no reason why that should prevent your associate
"QBuilt" from providing professional recovery services. But that is quite
different from providing cracking downloads, which even TC was against a few
months ago. I am fully prepared to go as far as necessary to expose
"duplicity" regardless of my own reputation, as is perfectly clear.

I do not mean to especially denigrate QBuilt. It is true, from my browsing,
that they would have required at least some details or charge. That certainly
discourages the "casual browser", unlike our "friend" "Serge".

I am very willing to get the discussion onto a more professional footing. I
trust that everyone wants the same. Nevertheless, some of the arguments for
Jeff Conrad (about cracking software and nothing else) seem to me on the verge
of stupidity.

Thankyou for posting.
Chris

(the "free site" was already posted on Jeff and Tony's site. I would never
post such a link myself (hopefully). I was merely demonstrating what CRAP
(whether it works or not) is being posted by supposedly respected MVP's. You
may have thought I was getting at QBuilt, but even if it is that's only a
minor transgression)

Certainly, it gets a bit difficult after 3 months, to separate the crap from
the chaff. QBuilt, of itself, does not appear to be easy to download from.
That's good.

If it comes to integrity, be in no doubt that my "diatribes" are
"demonstrations" of what MVP's (in particular) post. I don't think there's any
doubt that I think nearly this entire newsgroup should be closed down. OF
COURSE, nearly anything can be cracked if the info is made sufficiently
available. At one time it was just "crackers like Serge", now it's mainstream
with MVP's getting in on the act.

Happy to receive measured replies.

 

[Guest]

I meant I should not have posted the URL you gave. The free one.

I've actually never given out the free one (yet). I previously gave out
www.lostpassword.com, but that site is not free.

Yes I've been handing out a lot of links. It is therefore claimed that I don't
have "integrity".

No one questions your integrity based on providing links to other sites. I
know you have questioned other's integrity for this. Your integrity is
brought into question based on the continued personal attacks that you make.
For example, I was just made aware of a posting you made on October 8th,
where you used my name. I wasn't even involved in that thread at all. Here is
a link to the message I am referring to:

http://groups.google.com/group/microsoft.public.access.security/msg/69fba16d915a6308?hl=en&

My question for you is what would possess you to use my name in this posting?

It is probable we are all on the same side in wanting better security...

But, it's simply not possible with a "file access" database. I know how
much you love using Access security, and hate other's revealing it's flaws. I
happen to believe that better security is attainable by educating the public
as to the true weakness of the security model in Access, so that people will
not rely upon it to secure their data.

Happy to receive measured replies.

Then you'll really need to learn to control your impulses to flame others.
In fact, I decided about two weeks ago to not post back, in
microsoft.public.access, to the thread with subject Re: Photo Storage simply
because of the types of posts elsewhere in this thread that you have
contributed.


Tom

http://www.access.qbuilt.com/html/expert_contributors.html
__________________________________________

:

I didn't mis-quote you, Tom. I said I made a mistake quoting you, which is
different.

I meant I should not have posted the URL you gave. The free one.

Yes I've been handing out a lot of links. It is therefore claimed that I don't
have "integrity". Of course, it is a "demonstration" and strictly limited to
MVP websites, the purported "respectable" ones. Except for your post, but I'll
allow that to lie fallow.

What a surprise. CM can't ensure his integrity by posting links to MVP
websites.

Now listen, Tom. It is probable we are all on the same side in wanting better
security, and there is no reason why that should prevent your associate
"QBuilt" from providing professional recovery services. But that is quite
different from providing cracking downloads, which even TC was against a few
months ago. I am fully prepared to go as far as necessary to expose
"duplicity" regardless of my own reputation, as is perfectly clear.

I do not mean to especially denigrate QBuilt. It is true, from my browsing,
that they would have required at least some details or charge. That certainly
discourages the "casual browser", unlike our "friend" "Serge".

I am very willing to get the discussion onto a more professional footing. I
trust that everyone wants the same. Nevertheless, some of the arguments for
Jeff Conrad (about cracking software and nothing else) seem to me on the verge
of stupidity.

Thankyou for posting.
Chris

(the "free site" was already posted on Jeff and Tony's site. I would never
post such a link myself (hopefully). I was merely demonstrating what CRAP
(whether it works or not) is being posted by supposedly respected MVP's. You
may have thought I was getting at QBuilt, but even if it is that's only a
minor transgression)

Certainly, it gets a bit difficult after 3 months, to separate the crap from
the chaff. QBuilt, of itself, does not appear to be easy to download from.
That's good.

If it comes to integrity, be in no doubt that my "diatribes" are
"demonstrations" of what MVP's (in particular) post. I don't think there's any
doubt that I think nearly this entire newsgroup should be closed down. OF
COURSE, nearly anything can be cracked if the info is made sufficiently
available. At one time it was just "crackers like Serge", now it's mainstream
with MVP's getting in on the act.

Happy to receive measured replies.

____________________________________________________

:

Chris,

I'm mildly curious about your last statement here. How exactly did you
misquote me (not that it would be any real surprise that you did)?

You've been handing out a lot of links in this thread to password cracking
software. I'm kind of surprised that you have not listed a *free* site that
offers downloadable tools to crack both ULS and database passwords. Hint:
"Serge Gavrilov".

Tom

___________________________________________

:

I admit making a mistake quoting Tom Wickerath.
___________________________________________


How would you know anything about personal integrity, given what tripe
you've been posting here Chris?

 

[Chris Mills]

Well, whatever, it really wasn't necessary to repeat it in this security
newsgroup, Tom. We could all work out what was meant, even your colleagues
ex-US Marines <g> (who presumably know something about security, obfuscation,
etc, etc, which you obviously don't)

I heard, based on your unsolicited prev description of "the best commercial
airplane manufacturer", that you must work for, umm, Airbus? The Boeing lines
are known to be long obsolete - read some aviation articles.

I certainly question the integrity of Jeff Conrad and Tony Toews. Lynn Trapp
merely spouts nonsense not URL's, which he's entitled to justify of course.

As I have consistently claimed, I only spout "respected sites" like MVP sites
or perhaps (at a pinch) QBuilt. What they link to, is for them to sputter not
me.

My links, as you seem to have missed the purpose, are specifically to question
THEIR integrity. The best they seem to come up with, is I should not advertise
their sites. What a crock. Are you or they plain stoopid or something?

Jeff Conrad makes factual falsehoods in his disclaimer description of what
mde-mdb decoding does. You once claimed that meant I was not an averagely good
programmer, which I merely took as a flame and good for you. Go and educate
yourself by reading some of the actual decoding descriptions, then take a
night to sleep and think about it. Jeff Conrad, who we will assume is
technically competent, is therefore nothing less than an outright liar. I said
so it's not misinterpreted, Jeff Conrad is an outright technical liar in
respect of mde-mdb conversions.

But, it's simply not possible with a "file access" database.

Security? The only thing I said was "better security" (as TC with one of his
hats is pushing). You don't seem to be aware that even SQL*Server can be
cracked. A lot of the munching over SQL*Server, is merely that it has less
cracking available than Access. According to Lynn Trapp, if it's available we
should therefore make it available.

It's unfortunate you mention the "Re: Photo Storage" issue:
1) Ammara has an apparently good product, as endorsed by the guru of such
things, Stephen Lebans
2) You sought to denigrate the poster (not me) as a spammer because he merely
included his URL, indicating he had an interest and expertese in such things
and where he came from. No different from yourself posting a QBuilt commercial
link, if we were to imagine you expert on security.
3) You were technically wrong, as tediously explained by multiple people.
4) So, go figure

Chris

 

[Chris Mills]

5) You sought to claim Allen Browne's website supported your case, when it
actually did no such thing, not even close to doing so.

 

[Guest]

Allen's site *exactly* supports my claim. You are the one who has several
problems, including reading comprehension and how to get along with others in
a civil manner when they hold opinions differently than yours.

If you care to send me a personal e-mail message, I will send you a Word
file I compiled as an answer to that thread, before finally deciding that it
just wasn't worth it to get into a pissing match with you in public. By the
way, I sent the same Word document to Bob at Ammara, and I have yet to hear a
responce back from him.

Tom
________________________________________

:

5) You sought to claim Allen Browne's website supported your case, when it
actually did no such thing, not even close to doing so.

 

[Chris Mills]

Allen's site *exactly* supports my claim.
Oh, as you wish, Tom. I once sent a porno to a girlfriend of a Fijian with a
long member (down to his knees), and she replied "You Wish!".

If you care to send me a personal e-mail message, I will send you a Word
file I compiled as an answer to that thread,

I don't especially care, Tom. I replied to that post because I have often
replied on imaging, not with my own spouts but one from Microsoft. As usual,
why not send posts to the thread? It's not really me who you need to convince,
I don't count, you decided to take on Ammara and subsequently Stephen Lebans.
Pissing match with me? I barely count in that thread!

Have you thought much more about the number of indirections (addresses to
addresses of things) involved in an operating system written in C or
such-like? Man it's a worry isn't it?

Have a nice day
Chris

 

[Guest]

We could all work out what was meant, ...

Sorry, but I don't think most people can "work out" the musings of a
paranoid schizophrenic, like yourself.

The Boeing lines are known to be long obsolete - read some aviation articles.

Think so? You're showing your ignorance once again. The best Airbus can
offer is the A350? Who's obsolete at this point? I'll match my knowledge
concerning commercial jet transports--and databases, for that matter--with
you *ANY* day. But, I won't tolerate personal attacks. For that, you'll
simply be ignored in the future.

The best they seem to come up with, is I should not advertise their sites.

I doubt it. I have a feeling that their hit counts go up when someone
controversial, like you, comes along.

It's unfortunate you mention the "Re: Photo Storage" issue:
1) Ammara has an apparently good product, as endorsed by the guru
of such things, Stephen Lebans

I am not saying, nor have I ever stated, that Ammara's product isn't good.
The issue I raised was whether there is an increased risk of memo/OLE Object
datatypes to corrupt. Did you happen to notice that Stephen did *not* refute
my position in his posting? I didn't think so. By the way, I recently
replied to another question and provided a link to Ammara's site.

2) You sought to denigrate the poster (not me) as a spammer because he
merely included his URL, indicating he had an interest and expertese in such
things and where he came from. No different from yourself posting a QBuilt
commercial link, if we were to imagine you expert on security.

While you show evidence of being able to read, you apparently have trouble
with reading comprehension! FACT: I never denigrated Bob as a spammer. In
fact, I didn't even use the term "spam" or "spammer" anywhere in that thread.
I was simply answering Bob's statement, which read: "...and I neither
mentioned nor advocated our product". My position is that he did, in fact,
mention and advocate his company's product by including the name of the
product and a link in his signature. I didn't say that was necessarily a bad
thing; I merely pointed out the mistruth of his assertion.

3) You were technically wrong, as tediously explained by multiple people.

Multiple people, as in two? Ummm....let's see. Bob from Ammara (who has a
product to sell), and Chris Mills. That's two people, only one of whom may
be technically competent.


___________________________________________

:

Well, whatever, it really wasn't necessary to repeat it in this security
newsgroup, Tom. We could all work out what was meant, even your colleagues
ex-US Marines <g> (who presumably know something about security, obfuscation,
etc, etc, which you obviously don't)

I heard, based on your unsolicited prev description of "the best commercial
airplane manufacturer", that you must work for, umm, Airbus? The Boeing lines
are known to be long obsolete - read some aviation articles.

I certainly question the integrity of Jeff Conrad and Tony Toews. Lynn Trapp
merely spouts nonsense not URL's, which he's entitled to justify of course.

As I have consistently claimed, I only spout "respected sites" like MVP sites
or perhaps (at a pinch) QBuilt. What they link to, is for them to sputter not
me.

My links, as you seem to have missed the purpose, are specifically to question
THEIR integrity. The best they seem to come up with, is I should not advertise
their sites. What a crock. Are you or they plain stoopid or something?

Jeff Conrad ....

But, it's simply not possible with a "file access" database.

Security? The only thing I said was "better security" (as TC with one of his
hats is pushing). You don't seem to be aware that even SQL*Server can be
cracked. A lot of the munching over SQL*Server, is merely that it has less
cracking available than Access. According to Lynn Trapp, if it's available we
should therefore make it available.

It's unfortunate you mention the "Re: Photo Storage" issue:
1) Ammara has an apparently good product, as endorsed by the guru of such
things, Stephen Lebans
2) You sought to denigrate the poster (not me) as a spammer because he merely
included his URL, indicating he had an interest and expertese in such things
and where he came from. No different from yourself posting a QBuilt commercial
link, if we were to imagine you expert on security.
3) You were technically wrong, as tediously explained by multiple people.
4) So, go figure

Chris

 

[Guest]

Chris,

Why do you feel the need to digress into the gutter, with stories about
porno pics, instead of using logical thought processes to explain, in your
words, why you feel that Allen's statement did not apply?

I don't especially care, Tom.

In that case, I'll let you chew on just one small portion of what I had
compiled:

http://groups.google.com/group/micr..._frm/thread/93e2fe8b9c382b23/28e0751a3e3b11f6

"Well, if you have a 'critical system that must be dependable', you
shouldn't be using Jet to store it, but yes, avoiding memo/ole fields can
lead to a lower chance of corruption."

You do know who Peter Miller is, right? He's the one Microsoft often
references for fixing corrupted databases.


Tom
__________________________________________

Allen's site *exactly* supports my claim.

Oh, as you wish, Tom. I once sent a porno to a girlfriend of a Fijian with a
long member (down to his knees), and she replied "You Wish!".

If you care to send me a personal e-mail message, I will send you a Word
file I compiled as an answer to that thread,

I don't especially care, Tom. I replied to that post because I have often
replied on imaging, not with my own spouts but one from Microsoft. As usual,
why not send posts to the thread? It's not really me who you need to convince,
I don't count, you decided to take on Ammara and subsequently Stephen Lebans.
Pissing match with me? I barely count in that thread!

Have you thought much more about the number of indirections (addresses to
addresses of things) involved in an operating system written in C or
such-like? Man it's a worry isn't it?

Have a nice day
Chris

 

[Chris Mills]

Thanks for the amusement, Tom.

Aircraft are a particular interest of mine. There's no doubt that Boeing have
made some of the best, in it's time, and in some ways still do. Certainly our
local airline has just ordered some 777's, I was just testing your
flexibility.

At one time (not now), and to my neverending amusement, was listed on a search
of Boeing at Altavista, firstly Boeing as you'd expect, and the second entry
was Chris Mills with his model twin-rotor Boeing Vertol helicopter. All 5ft of
it.

Boeing aircraft may be good. But so are Airbus, and I suppose Fokker and
Meschersmitt. The hottest model aircraft I ever had was a Kawasaki Hien
"Tony", which a tree on the landing path made a right mess of.

So it's true then. I'm not a perfect pilot. I forgot what the Access part was
about.
Chris

 

[Chris Mills]

Tom, why do you feel a need to pursue that Ammara is in some way deficient?
When even Stephen Lebans has endorsed it?

It's OK to be wrong sometimes. It's no reflection to be wrong sometimes. In
some respects, it's the mark of an expert. I remember being wrong once, or
perhaps it was my mother's fault.

Have another nice day
Chris

 

[Chris Mills]

Peter Miller certainly gives a good description. And I think it's
uncontroversial to say we all respect Peter Miller.

Nevertheless, he doesn't really say what the CHANCES of corruption are, and
Ammara and Stephen Lebans say OLE (as used by Ammara) works fine in practise.

So it seems to me this. You TOM merely wish to try to prove a theoretical
point, whether it matters in practise (like the case of Ammara) or not.

What a waste of precious time. The actual facts (for myself) are, my main db
implemented now on some 600 sites primarily with memo fields, works fine and
reliably. Reliably means: yes certainly I've experienced occasional
corruptions, often one site experiences it regularly which suggests some
site-problem possibly the network. No I can't analyse it in detail, hardly
anyone can because it's a live site and if a Repair fixes it then who cares.
Yes most sites run without error or compacting, ever.

So if you merely want to make a point, good for you and the rest of us will
continue using memo or OLE fields as our Access software dictates.

Have you done reliability statistics on x thousand separate image files, all
the filenames stored in Access?

Have yet another nice day, whilst we continue happily along with our crap
software
Chris

 

[Guest]

Chris,

I NEVER made any such statement about Ammara being deficient in any way. I'm
simply flabbergasted that you could make such an interpretation based on the
words I wrote. This is the reading comprehension issue that I keep bringing
up to you.

I'm going to borrow a term from you that you should be familiar with, since
you've used it on other people:

"You need a mercy-shot to the back of the head."

Ref.:
http://groups.google.com/group/micr...is+author:Mills&rnum=1&hl=en#5db292d5a8fb9789
____________________________________________

:

Tom, why do you feel a need to pursue that Ammara is in some way deficient?
When even Stephen Lebans has endorsed it?

It's OK to be wrong sometimes. It's no reflection to be wrong sometimes. In
some respects, it's the mark of an expert. I remember being wrong once, or
perhaps it was my mother's fault.

Have another nice day
Chris

 

[Guest]

Chris,

I think you are finally admitting, in a round-about manner, that you might
have been wrong, by making the statement: "Nevertheless, he doesn't really
say what the CHANCES of corruption are". To which I will quote you: "It's OK
to be wrong sometimes. It's no reflection to be wrong sometimes. In some
respects, it's the mark of an expert."

I also did not say that corruption was guaranteed with the memo/OLE
datatype; I simply said that the chances of corruption were increased. I gave
no numbers. I will say that it is not a theoretical point. Even you admit
that "yes certainly I've experienced occasional corruptions, often one site
experiences it regularly which suggests some site-problem possibly the
network." I'm willing to bet that the operating system is a bit more robust
at handling all of the redirections that you point out, versus Access/JET.

The actual facts (for myself) are, my main db implemented now on some
600 sites primarily with memo fields, works fine and reliably.

Maybe so. You've been lucky. Peter Miller must love all the business that
customers bring to him, based on this type of development practice. As Peter
states in another sentence:

"This is all fine, except of course, if the linkage between the underlying
records and this general extended storage space is broken in any way, in
which case the whole
system starts to break down."

Peter also states that it is not uncommon for people to have undetected
corruption. In another thread that I found he states that once corruption
starts, it can get progressively worse with time, and backups that are not
throughly tested may also be corrupt. You seem to feel that some small amount
of corruption is acceptable and not such a big deal to handle. The fact that
you don't experience it doesn't mean that it's not there, festering like some
carcinoma ready to explode with a weakened immune system. I think it's
attitudes like this that Peter Miller appreciates. It provides a contiual
source of clients who have received bad advise from developers.

My feeling on the matter is that it's more like flying in a commercial jet
aircraft: no rate of failure should ever be considered acceptable, and while
I will continue to use the JET DB engine for obvious reasons of ease of use
and cost avoidance, I will go to extra lengths to minimize any chances of
corruption. This includes only using Memo/OLE datatype when absolutely
necessary, and then by isolating these fields in a separate table.

Have you done reliability statistics on x thousand separate image files, all
the filenames stored in Access?

No. Have you?

What a waste of precious time.

I agree, which is exactly why I'm going to cut it off with this reply.


Tom
____________________________________________

:

Peter Miller certainly gives a good description. And I think it's
uncontroversial to say we all respect Peter Miller.

Nevertheless, he doesn't really say what the CHANCES of corruption are, and
Ammara and Stephen Lebans say OLE (as used by Ammara) works fine in practise.

So it seems to me this. You TOM merely wish to try to prove a theoretical
point, whether it matters in practise (like the case of Ammara) or not.

What a waste of precious time. The actual facts (for myself) are, my main db
implemented now on some 600 sites primarily with memo fields, works fine and
reliably. Reliably means: yes certainly I've experienced occasional
corruptions, often one site experiences it regularly which suggests some
site-problem possibly the network. No I can't analyse it in detail, hardly
anyone can because it's a live site and if a Repair fixes it then who cares.
Yes most sites run without error or compacting, ever.

So if you merely want to make a point, good for you and the rest of us will
continue using memo or OLE fields as our Access software dictates.

Have you done reliability statistics on x thousand separate image files, all
the filenames stored in Access?

Have yet another nice day, whilst we continue happily along with our crap
software
Chris