Many of the problems arise from simple crypto mistakes, not because it is a
desktop system.
For example, the fact that the passwords are reversible, arises from a
simple, schoolboy howler mistake that msoft made when they implemented the
DES encryption of the passwords in the workgroup file. With the proper
method, it would have made the passwords completely impossible to
reverse-engineer - not matter HOW much access you had to the workgroup file.
Of course, even if they had done that properly, you could just patch the
relevent codefiles to accept anything as a valid password. There is at least
one prduct around, that does this. So, IMO, it is >not< the accessibility of
the >data< (mdb/mdw) files that makes the security vulnerable. They could
have made hat security invulnerable, if they had done it properly. It is the
accessbility & patchability of the >code< files (eg. the Jet DLLs) that
makes a desktop product vulnerable.
Cheers,
TC