Just add the table already
There’s this one little remnant of "6-think" that has stuck with me. I like to think of myself as no longer beholden to the limits contained in that earlier version. Yet for some reason I have this aversion to adding tables to an application. I’m fairly certain this is a hangover from the 50 file/table limit in FMP 6 days. Despite my data modeling indoctrination whenever I encounter a problem, whether it be in a solution I’m building or that of someone else, my last thought is to add a table to "normalize" that data.
Technical Briefs and White Papers as Invaluable Developer Resources
In numerous venues over the past six weeks or so, a number of developers and other users of FileMaker Pro have raised a number of questions about the behavior of various members of the FileMaker Family of Products or about their proper deployment. These have ranged from conversion issues from older versions, to external authentication, to record level access privilege behaviors, to proper hardware requirements for FileMaker® Server 8 and FileMaker® Server 8 Advanced.
FileMaker, Inc. and a number of senior developers have over the past three years anticipated many of these questions and issues. As a result, on the corporate website are a number of Technical Briefs and White Papers that cover these matters in rather extensive detail.
For more information click here.
Steven H. Blackwell
Encryption = Less Secure?
Recently in a post to the FMPexperts list a question was asked about securing a database away from the system administrators. The current FMP security model doesn’t provide a method for the database owner to secure the system against the database administrator. Someone with physical access to the file has the ability to attack that file at their leisure. While opening an FMP file with a text editor will reveal little, the savvy hacker will soon discover and bypass the encoding scheme used. The less savvy hacker will fork over $45 to provide them with access to the file.
Post-Design Caucus Meditations
Albert and the gang at SmallCo host the FM Design Caucus on the first Thursday of the month where a group of developers get together to look at design issues using FMP. Luckily when it was my turn in November they went easy on me.
Known Vulnerabilities of Ersatz and Artificial Security Systems
For the past six months or so, the FileMaker community has again been deluged with numerous examples of ersatz and artificial security systems that purport to manage Accounts, set privileges, control access, and perform other functions found with the province of the built-in FileMaker Pro security system.
In my judgment and from my experience, such ersatz systems are fraught with vulnerabilities. They give the appearance of security, but they in fact introduce a realm of vulnerabilities into a given FileMaker Pro solution.
Generally speaking, security systems are designed to protect the Confidentiality, Integrity, and Availability (CIA) of data and business process in a file as well to protect developer intellectual property. Items that impinge on CIA or that introduce methods to compromise CIA are–by their definition–security vulnerabilities. Developers and Administrators must assess on a case by case basis the likely risk level attached to a specific threat and the likely impact of any breach on the data, operations, corporate reputation, or people in an organization.
Generally speaking, these ersatz systems work to undermine and to defeat security.
Read more, including specific descriptions of vulnerabilities at http://fmforums.com/forum/showtopic.php?tid/180727/ or http://tinyurl.com/rbo5c.