Re: Is WM5 worth trying on a Dell Axim x50v?

I've done my google searches for this documentation, and all I've been able
to come up with is people complaining about the feature removal. If you
know the magic keywords to find the documentation, I'd appreciate it. A
direct link would be appreciated even more.

What I don't understand is this:

1) MS has a perfectly good AD policy system in place, that allows admins to
lock down all kinds of features. Why didn't they use that. Sure, it MIGHT
have been extra effort, but it would have made a sizeable portion of their
userbase happy (or at least not made them unhappy). Having not seen their
code, I can't comment one way or another on how much extra effort it would
have been. Removing the existing functionality was extra effort as well.
How much effort would it have been to do it in a way that gave some
flexibility? 10%? 25%? 100%? AFAIK, neither you or I know the answer to
that. I know I don't.
2) There are any number of ways to make the transmission of data secure.
If admins are so concerned about the open transmission, put things behind a
firewall, and require a VPN connection to sync. MS could have wrapped the
data with an SSL connection. Encrypt the data before syncing, and decrypt
it on the other end. As above, I'm not aware of how much extra effort would
have been required to solve the problem. But in both options, they wouldn't
have been inventing something new. The solutions were all there.
3) Correct me if I'm wrong (I've only had a wireless AS device for a
limited time), but the only way you could do the sync was if you had access
to your desktop/laptop system. The only way you could do that in your
coffee house scenario (or from a hotel room, or anywhere else outside a
secure office environment) is if you got access to the corporate network.
Typically, the admins would lock down the ability to see individual
workstations from outside the network. So you'd usually have a VPN
connection to transmit the AS data. Wouldn't that be secure enough?

I don't spend a lot of company time doing things that my management doesn't
think are important, but there's a couple of safeguards. First, I speak up
when I think we're going down the wrong path. Second, when we do something
(lock down the system, remove a feature, etc), we've learned that unless
there's a very compelling reason why ALL our customers should have that
feature, we put in setup options to turn the feature on and off. Then we
document the hell out of it, and make sure that our customers can understand
why we're doing it. If we can't afford to do it right, we can't afford to
do it wrong, either.

--
Clint
"Sven" <sejohannsen@xxxxxxxxxxx> wrote in message
news:u%23pdjCzFGHA.3892@xxxxxxxxxxxxxxxxxxxxxxx
>
>> I mean really, what have they accomplished? Have they prevented users
>> from
>> accessing the network with their PDA's? No.
> True
>
>>Have they kept users from syncing remotely? No, you still have Bluetooth,
>>IR, and WiFi with Exchange Server.
> Actually yes they have. BT and IR are relatively short range technologies
> that prodiminantly depend on a line of sight between the PPC and PC. Not
> entirely so on the BT side but that isn't the issue. Wifi with exchange is
> a significantly different and more secure process than syncing with the
> desktop version of Outlook via AS. There is inherent security built into
> that connection not available in the AS system.
>
>>So what, precisely, are they protecting us against?
> The entiely open transmission of all the contacts, calendar, tasks, files,
> etc that are passed during an AS session over the internet when you are
> sitting at a free wifi hotspot at the local coffee shop.
>
> The vulnerability is documented and easy to find on the web.
>
> Are there ways to fix it? Sure, but they do take time and effort and
> resources. You are a programmer. Do you spend time and effort on things
> that your management believes are not critical, at the expense of things
> that are?
>
> Sven
> MVP - Mobile Devices
>


.

Relevant Pages

  • Re: Process does not contain any programs (???)
    ... Not sure what to put on that bug report. ... New feature didn't work. ... Wanted to set a breakpoint. ... have any representation in the documentation (Note to Microsoft: ...
    (microsoft.public.vc.mfc)
  • Re: FAQ Topic - How can I see in javascript if a web browser accepts cookies? (2009-06-2
    ... The versions here I have tested to date; text in parantheses denotes what is ... `*' denotes documentation that contradicts tests. ... the respective feature, too; ... Konqueror JavaScript as used in KHTML-based UAs ...
    (comp.lang.javascript)
  • Re: Process does not contain any programs (???)
    ... New feature didn't work. ... Wanted to set a breakpoint. ... have any representation in the documentation (Note to Microsoft: ... MVP Tips: http://www.flounder.com/mvp_tips.htm ...
    (microsoft.public.vc.mfc)
  • Re: Print Server
    ... >configure your wireless base station may be able to tell ... >The Trendware web site is very thin on documentation... ... >A second possibility is that whatever utility or feature ... >> IP address for the print server. ...
    (microsoft.public.windowsxp.print_fax)
  • Re: Outlook Security
    ... This "safety" feature is not new. ... earlier version of Outlook and it had this feature in the patch. ... > It's a new security feature to prevent accidental opening of viruses, ... > but I think the extra effort to hit forward is safer and well worth the ...
    (microsoft.public.outlook)