Protection vs MDE unlocker

[FuzMic]

Hi

I had been thinking that all the codes behind forms & reports and within the modules can be "protected" by converting the front end .mdb to .mde until i learn about EverythingAccess.com "Full restoration services".

On searching this forum, Banana had a year ago made some relevant comments to this issue such as

1 MDE Code Protector that delete this dump file (which they call compiler junk).
2 MDE may do away with source codes, but it doesn't hide strings & variable names and the useless Access encryption is quite useless.
3 MDE is *great* for protecting the IP of your database, but not so much for data itself

Dilemma
Is it then true that we cannot protect our codes with these "Services" around? If so we might as well not develop anything in Access if it can be so easily high Jack!!! Did I miss out something? Please enlighten

 

[MarkK]

What do you have going on that you're so sure someone's going to steal from you? Just deal with people you trust.

 

[FuzMic]

Nothing much but a whole lot of applications that are useful and are marketable.

 

[Banana]

It should be noted that it's actually harder to decompile a .mde file than it is to decompile a .exe file. After all, there are many, many decompilers out there that can work on any variety of .exe but .mde uses a specific set of symbols that isn't publicly documented and likely won't be for any length of time, so one could argue the IP contained in source code is actually safer in .mde than .exe project.

That said, if you're so jealous of the IP, you can just buy the service of MDE Code Protector and make it even more harder to decompile.

As for the data, I think we need to clearly define precisely what we are protecting and from whom. If for instance, one wanted to sell an application using Access to a company, then any data the company generates belongs to the company so it's their responsibility to keep the data safe by restricting the access to network.

TBQH, I can't imagine an application that would use a central data store for different purchasers of data, so I don't see this as a particular concern. OTOH, when it's used in-house on a geographically disperse company, it's common that Access is used in conjunction with say, Windows Terminal Server or Citrix or some kind of remote desktop system OR with different & more secure backend such as SQL Server, Oracle, DB/2, MySQL, whatever, so the data is pretty well protected.

 

[FuzMic]

B.. + cherry
Thanks for yr positive enlightenment. Beside buying the MDE Code Protector, can we remove the dump file / complier junk by another way; or perhaps Microsoft can provide another layer to improve the conversion to MDE. Is the junk kept at the end of the .mde file that we can tweat with a text reader? What say u?

 

[Banana]

Afraid Wayne Phillips is the best person to answer those question.

It also happen that he's the guy selling the product.

 

[FuzMic]

B + C
Thanks for the sharing. Meanwhile I had a quick scan on PhillIps website plus a look at Access Team stand on security for people who wants to sell applications based on Access.

 

[gemma-the-husky]

i think there is a difference between code and data

data STRUCTURE is not worth being precious about

most commercial apps expose the full structure via ODBC etc - jet tables can be read from access independently of your app. Reading data to develop reports/enquiries shouldnt really be an issue etc - having sai that, its one thing seeing the data in the files - its quite another knowing how to use the data.

eg, with Sage, you can make an odbc connection, and copy any data table into access

 

[FuzMic]

Thanks dog lover

Data issue is not my main concern in this thread, that is the duty of the owner of the data to keep them protected; unless owner requires some form of protection.

My main concern is why Microsoft leave the compiler junk behind in the .mde and expose the codes while misleading us to think that the conversion to .mde will protect them until Phillips comes along.

 

[Banana]

I'm afraid that question is probably best answered by someone at Microsoft, unfortunately. However I should point out that though it's easy to think they goofed up, it's also probable they had valid design rationale for doing so we just don't know about.

Also, remember that even with Mr. Wayne Phillips's MDE unlocker, it's still comparatively difficult to decompile a MDE (and a good reason why Mr. Wayne Phillips should charge for the service) whereas decompiling an EXE program is as easy as find a good decompiler and running EXE through it. Furthermore, even then, his unlocker isn't 100% reversible; it's not as if you can treat it as if it was the original MDB file.

Finally, Mr. Wayne Phillps has remarked on UtterAccess that he knows only of one other vendor who offer similar service and has went out of business, and Mr. Phillips does claim that he runs an ethical business and refuses to do service for where ownership of MDE is in dispute.

Here's the thread in question.

Hope that helps... You could also go to Mr. Phillps' site and ask him about why those junk are left behind, but that's not as ideal as asking someone at Microsoft.

 

[FuzMic]

B.C
Thanks again for your continued sharing. The Utter Access link is quite reassuring. Wishful thinking that someone in Ms Access team will take up this thread. Cheers!