Re: Pointless Access security warnings

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

Thanks very much for the history lesson. It helps to konw what led to this
incomparably stupid decision. Let's hope it gets removed in future versions
of Access, yeah?

r

"david epsom dot com dot au" wrote:

Historically these features - Sandbox, restricted
expressions etc - followed from a very public SQL
Server security failure

Following that public relations disaster, the SQL Server
folks realised that the Jet database engine was a security
risk to SQL Server.

The first changes where some simple changes to file
export in Jet, which prevented SQL Server from using
Jet to overwrite system files.

This then flowed on to restrictions on the distribution
and installation of Jet, wider file export restrictions,
and changes to the default installation of SQL Server.

At the same time, Jet development was stopped so as
not to compete with SQL Server.

Lacking a clear champion, when security restrictions
were added to Outlook, IE, and Windows (to protect
those products), additional restrictions where placed
on Jet files.

Note that I haven't said "security restrictions were
applied to Jet to make it more attractive to customers".

Quite the reverse.

Now that the next Jet developments and distribution
will be the responsibility of the Office team, rather
than the Windows or the SQL Server people, we expect
to see slightly less conflict of interest.

Not entirely gone of course: MS still has competing
products, and their are different visions about the
future of computing.

(david)



"Reliza" <Reliza@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:692E57B0-B56E-4FEF-86CC-A146263A19E4@xxxxxxxxxxxxxxxx
First, thanks very much for taking time to respond. Do you mean that the
stupid security warnings are a function of SQL Server?

r

"david epsom dot com dot au" wrote:

Apparently, Access and Jet have been shifted around so that
the SQL Server folks have less responsibility, and the Office
folks more responsibility.

This is expected to mean that in the next version Access
will be more usable, and there will be less emphasis
on encouraging people to use SQL Server instead.

(david)

"Reliza" <Reliza@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:136BE9FE-2CA1-4783-B08C-4CD3E174A978@xxxxxxxxxxxxxxxx
Please, please, PLEASE get rid of the ridiculous "security" warnings.
All
they really do is annoy the users by presenting frightening messages
that
the
application MAY contain. Users immediately panic. And after that they
quickly
learn to ignore the messages altogether, producing the "yeah yeah"
response
and taking the one or two clicks required to make the annoyance go
away.

We have tried suggesting to our clients that we could use digital
signatures, but their response was, "But then we'd have to turn on
certification."

The bottom line is that the messages do not increase user awareness of
security issues. If anything, they desensitize users to said issues.
The
real
effect is that we have to spend more time on the phone with users
explaining
that yes, they should run the latest Windows and Office updates and
yes,
the
application really does come from us, and no, those are not actual
warnings
that the code "is" harmful, and yes, they should just ignore the
message.
Is
this really what we want to accomplish?



----------------
This post is a suggestion for Microsoft, and Microsoft responds to the
suggestions with the most votes. To vote for this suggestion, click the
"I
Agree" button in the message pane. If you do not see the button, follow
this
link to open the suggestion in the Microsoft Web-based Newsreader and
then
click "I Agree" in the message pane.

http://www.microsoft.com/office/community/en-us/default.mspx?mid=136be9fe-2ca1-4783-b08c-4cd3e174a978&dg=microsoft.public.access.security






.

Quantcast