讨论：关于替代旁路密钥的评论 [英] Discussion: Comments on Alternative Bypass Key

问题描述

此线程与如何通过另一个键来更改Shift键以打开文件访问权限。


听起来我会花时间编写访问已经存在的内容，并且没有额外的好处。

This thread was split off from How to change Shift key by another key to open file access.

It sounds to me like you will be spending time coding something that access already does, and for no extra benefit.

推荐答案

这当然是Smiley的完全正确，但有时完全锁定并不是开发人员所追求的。有时，只需要一点混淆。这一切都取决于感知的威胁级别，这取决于预期用户的技术诀窍。例如，我知道，我为特定公司所做的大部分工作因为意外地保持Bypass键被按下以输入大写密码而遭受更多威胁，而不是试图使用其中一个用户。深入了解系统的细节。当他们成功进入系统时，他们需要打电话给我让系统重新工作; - ）

That''s perfectly true of course Smiley, but sometimes a complete lockdown is not exactly what a developer is after. Sometimes, a little obfuscation is all that is required. It all depends on the perceived threat levels, which depends on the know-how of the expected users. I know, for instance, that much of the work I do for a particular company has much more threat from accidentally keeping the Bypass key held down in order to enter the upper-case password, than it ever would from one of the users attempting to get into the details of the system. When they are successful in breaking into the system they need to call me to get the system to work again ;-)

禁用Shift键非常有意义，我建议大多数如果不是所有情况。


添加第二种类型的shift键似乎没什么意义，因为它并没有改变Shift键仍然可以重新启用的事实一个用户知道该做什么。


也许我错过了什么。

Disabling the Shift Key makes perfect sense, and I would recommend that in most if not all cases.

Adding a secondary type of shift key seems to make little sense, since it doesn''t change the fact that the Shift Key can still be re-enabled by a user knowing what to do.

Maybe I am missing something.

如果你把它留空，那么类比就是把你的房子锁起来：


将项目自动启动到表单中相当于用Yale锁锁定前门。它将阻止大多数小偷进入。它将特别劝阻机会犯罪。如果你想要保险，保险公司倾向于坚持你使用榫眼锁。


榫眼锁等同于禁用旁路键。除了非常坚决的小偷之外，它会阻止所有人。然而，这样的小偷有工具可以进入。


禁用旁路键，但实现替代进入策略，就像使用榫眼锁，但隐藏一个键，只有你知道它在哪里。比依靠耶鲁锁更安全，但理论上不像没有任何钥匙的榫眼锁。只要密钥不容易被发现或猜到，强度大致相当于榫眼锁。


这里的重要问题是大多数小偷（破解者）都不会期望有一个隐藏的密钥可用。一旦怀疑它就不难破解。就个人而言，如果我正在接近这样一个数据库以获得访问权限，我会寻找一种方法来重新启用旁路密钥，而不是寻找可能存在或不存在的某个替代密钥。这里重要的一点是，有多少人知道标准的Office Bypass密钥，而不是那些可能知道特定开发人员应用的代码的人，以便提供类似的工具来进入他们自己的项目。你会发现拥有前者知识的人数远远超过后者。如果你不知道它，那么你就不会利用它。


我知道所用的类比是不完美的。实际上，住户在离开时将密钥存放在隐藏在其财产上的某个地方是很常见的，但对于Access项目中的替代旁路设施却无法说明。这非常罕见，直到禁用旁路键才能生效。我希望这是有道理的。

If an analogy is locking up your house when you leave it empty :

Having your project start automatically into a form is equivalent to locking the front door with a Yale lock. It will stop most thieves from getting in. It will particularly discourage crimes of opportunity. Insurance companies tend to insist you use a mortice lock however, if you want cover.

A mortice lock is equivalent to disabling the Bypass key. It will stop all but the very determined thief. Such a thief has the tools to get in however.

Having the Bypass key disabled, but implementing an alternative entry strategy, is like using the mortice lock, but hiding a key where only you know where it is. Still much more secure than relying on the Yale lock alone, but theoretically not as secue as the mortice lock without any key available. As long as the key is not easily found or guessed though, the strength is roughly equivalent to the mortice lock.

The important issue here is that most thieves (crackers) would not expect for there to be a hidden key available. Once that is suspected it is not too hard to crack. Personally, if I were approaching such a database in order to gain access, I would be looking at finding a way to re-enable the bypass key rather than hunting around for some alternative key somewhere that may or may not exist. The important point here is how many people know about the standard Office Bypass key as opposed to those that might know of the code applied by a particular developer in order to provide a similar facility to gain entry to their own project. You will see that the numbers of people with the former knowledge should vastly outweigh those with the latter. If you don''t know about it then you won''t take advantage of it.

I know the analogy used is imperfect. It''s actually quite common for householders to store a key somewhere hidden on their property when they leave, yet the same cannot be said about an alternative Bypass facility in Access projects. This is rare enough to be effective up to the point of disabling the Bypass key. I hope that makes sense.

这篇关于讨论：关于替代旁路密钥的评论的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！