Case 464720 6/18/2013 Joel Booker Viewpoint V6 Questions on Port Sniffers and hacking - Create Issue - Close Call \\"Questions on Port Sniffers and hacking Jim Emery\Gary Gilmore \Joel Booker. ODBC encryption over the line – need to research the effort and create an Issue. MICHELS Note (6) - The database traffic between the SQL Server and the client application is not encrypted. This is problematic for any network "sniffers" that can pick up legitimate, and allowed ODBC traffic. This is a separate issue in addition to the traditional ODBC situation. During an example run, Joel was able to pick up complete and easy to read traffic sets during a legitimate data sync from Microsoft Access on a separate computer. "
Andrew Karr
| Company | CANA |
| Job Title / Role | IT Mgr |
| I need it... | Yesterday...Come on already |
Dear Viewpoint Suggestion Box contributor;
We at Viewpoint sincerely thank you for your contribution to Suggestion Box on how we can improve Viewpoint products. While we can’t do everything at once, we rely upon your feedback to help guide the prioritization of our product improvements, and Suggestion Box is a critical tool for us to understand and prioritize our customers’ needs.
Viewpoint reviews Suggestion Box regularly for all of our products and updates statuses, adds comments, and performs various house-keeping (including deleting) as needed to ensure that Suggestion Box is maintained as a productive environment for product enhancements requests.
© 2023 Trimble Inc. All Rights Reserved. Viewpoint®, Vista™, Spectrum®, ProContractor™, Jobpac Connect™, Viewpoint Team™, Viewpoint Analytics™, Viewpoint Field View™, Viewpoint Estimating™, Viewpoint For Projects™, Viewpoint HR Management™, Viewpoint Field Management™, Viewpoint Financial Controls™, Vista Field Service™, Spectrum Service Tech™, ViewpointOne™, ProjectSight® and Trimble Construction One™ are trademarks or registered trademarks of Trimble Inc. or its affiliates in the United States and other countries. Other names and brands may be claimed as the property of others.
Is the conclusion to this that everyone will be using VRL? (as per the release notes in v6.19)
We have a broad set of initiatives at Viewpoint that are focused on improving the security of data at rest, in transit, and at display. One of the key elements we are looking at is requiring data encryption between the server and the client when connecting via ODBC - this will be addressed rapidly. In the mean time, a goodly portion of that risk is alleviated by using VRL (VistaNet) which uses HTTPS for the majority of the link.
Please contact me directly for more details.