The Register® — Biting the hand that feeds IT

Comments on: Windows hardware challenge draws on resources

Silly complaints 

Posted Wednesday 19th March 2008 09:43 GMT

Thumb Down

I'm a database geek so it's not pain I have to suffer directly, but the operating system guys have had fun locating all the relevant settings and turning them to "on".

--

So in your ideal world you wouldn't figure these out until you got to the production environment, sounds like a great idea...

Switch turning all security off 

Posted Wednesday 19th March 2008 10:14 GMT

Coat

It's a shiny plastic disc with a Microsoft logo.

Matrox Millennium G550!?!?! 

Posted Wednesday 19th March 2008 12:01 GMT

Happy

Erm... just a tad old on the technology front! I'm not surprised the drivers weren't included in a beta, in fact I'd be surprised if they were in a full release! But don't the R900s come with a built-in Radeon ES1000, which would seem quite reasonable already? Does SQL 2008 have some secret Aero interface nobody's told me about?

Bonded Goods and Flying Dutchmen .... A Shake, Rattle and Hmmm Cocktail 

Posted Wednesday 19th March 2008 12:26 GMT

Alien

"(after you've provided a note from your mother allowing you to do so)."

00r Ma says will ye Get on wi' Rocking IT. ..... Alsjeblieft.

Roger/Copy that Rolling Stone?

Give 'em enough rope. 

Posted Wednesday 19th March 2008 14:24 GMT

Stop

" It would be useful to have one switch that turns all the security off "

No. No, it wouldn't be "useful". It would be "setting the stage for the next X years of Microsoft-related security disasters". Everyone would just switch the whole lot off (because it's easier than figuring out what follows the principle of least privilege) and never switch it back on. Microsoft might as well not have bothered because it would undermine anything they could possibly attempt to do.

Databases should not run on Windows... 

Posted Wednesday 19th March 2008 17:27 GMT

Boffin

Period.

Kill switch 

Posted Wednesday 19th March 2008 18:16 GMT

Pirate

erm, he's a database geek. don't flame him, he's asking for something only a developer could love.

if a systems person is asking for this, (s)he is to be considered a rookie, and sent back to Desktop Support for 6 months (used to be a year, but nowadays, the internet is meaner, and the users more ornery). if (s)he asks for it again, (s)he should be shot, and then banned from working in the systems side of the house, FOREVER.

for all the non-IT readers (especially our dearly beloved non-technical managers), THIS IS A REALLY, REALLY, REALLY BAD IDEA, SO DON'T EVEN THINK ABOUT IT...shouldn't you be in a meeting, or something?

Mother is watching 

Posted Sunday 23rd March 2008 16:55 GMT

The BRSSITS (The Big Red Security Switch In The Sky)

It is excellent that Microsoft has provided all this security stuff. In a production system it should be very carefully used. All of this is true.

But think about what happens in practice during development if we don’t have a BRSSITS. Nothing will work out of the box. The development guys simply want to test the spatial data types, not the security. So people dig deep, find all of the switches and set them all, individually, to the “Completely Unsafe” setting in order to get the thing working. Time passes, development takes place and the system moves into production.

Now, what should happen at this stage is that an entirely new production system is created – complete within a fully tested, secure environment. But suppose the development system is somehow, sneakily, moved from development to production status? (Whilst it shouldn’t happen, it does in practice as pressure is applied from the business side.) At that point, someone has to go through the system, finding all of the switches and resetting them. And this is the dangerous part. If one is missed you have a potential security issue.

You can probably see where this is going. If you use the BRSSITS, then all you have to do is to switch it off. Of course, everything stops working, but that’s OK because it forces you, at this point, to set up the security properly – in the correct way, by switching on only the bits you need.

Is it possible to forget to switch the BRSSITS to the ‘Safe’ position before going into production? Of course it is. The next question is “Which is more likely? To forget one HUGE RED SWITCH or to overlook an obscure setting, buried deep in the bowels of the UI?”

And remember, you did have to have that note from your mother before you invoked it. She’ll be patiently watching from the sidelines, making sure that you don’t forget. After all, that’s what Mothers do best.

Security 

Posted Monday 24th March 2008 15:40 GMT

You know, Mark is quite right on this one.

In small organisations, which may be where Marmite Toast, AC and b shubin all work, the security for public facing websites may be handled by the database geeks. In more professional organisations the jobs are separate – the database geeks do the database stuff and the security team handle security.

So, the database geeks will never be handling the security anyway. In a pure development environment, behind closed doors, they just want security off; particularly when using CTP code for early development. As the application moves closer to production, then is the time to involve the security guys and start to worry about security.

It all depends how bright your people are. A big security switch is only a problem if it is misused. Dumb people can misuse anything, so does that mean we should remove all options from all software in case stupid people use it? I don’t think it’s a problem giving people a big switch, any more than it’s a problem giving them a DROP TABLE command. Some people will screw up with either. But the more tools you give an intelligent person, the more productive they are.
