[DUG] In case you're interested (or buy stuff)

tracey tracey at logis.co.nz
Thu May 4 12:39:49 NZST 2006 



>What do you do if the client phones up and they have lost their password 
to access your app ? 
*Look in the Db or reset it to something (via lan/remote access)? Or maybe
have a "reset password" functionality in the app?

>What do you do if the user has sent their database over for some fault 
finding and you cant access it without the clients password ?
*Ask them for their password.. silly user - or maybe use the admin password?

>What do you do when you are contracting and you want to prove you did 
the work, but the idiotic contractee keeps removing all reference to you 
from the code ?  One memorable instance of this was  when I wrote a CPM 
clone optimised for Z80 for Sord Computers and they kept removing my 
name from the code.  Eventually I had to invent an error message and 
code that looked legit.  But if three specific keys were pressed 
simultaneously, it popped up a message saying that I wrote it.
*Um, have never contracted but... why is it so important to have your name
in the code? For future employment reference? Surely the actual contract
that sets out your work, + actual code, is enough for proof of work? (pardon
my ignorance here)

>We generally have a continuously variable master password to let us in 
as a legit user.  There are also various environment variables, registry 
entries and ini file settings that allow us to maintain the system 
effectively.
*The administration module of your app? An Admin login to the app with xtra
permissions?

For any of these to work, we need physical access to the machine with 
the app and database.  We dont any remotely controlled access.
*hmm.. remote access certainly has it's benefits.  So how do you access the
"back door" then?

>Heres an interesting point relating to Elsie4, the Bonus Bonds app.  It 
runs on Windows but Windows has been restricted and hobbled so that you 
can not do anything else but run the app.  When the device is at our 
office, we can still get in though to change printers or apply updates 
etc.  Is this a back door ?
*Good point.  
M$'s definition = back door
A hardware or software-based hidden entrance to a computer system that can
be used to bypass the system's security policies.
Surely it's not a back door unless it is accessible while the app is running
in it's live environment??

Again pardon my ignorance here.





_______________________________________________
Delphi mailing list
Delphi at ns3.123.co.nz
http://ns3.123.co.nz/mailman/listinfo/delphi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://ns3.123.co.nz/pipermail/delphi/attachments/20060504/32497dcc/attachment.html

More information about the Delphi mailing list