Quote:
Originally Posted by cflsystems
I am all for security but when this security stands in the way of the normal store operation it is more of a software malfunction rather than improvement.
|
Steve,
Are you reading my old posts from my "4.5.4 to 4.5.5 upgrade rant", and copy/pasting?
Dear X-Cart: it's not that upgrades are difficult -- you are MAKING them near impossible by ADDING totally non-essential garbage to the core. The so-called security "features" that were added in 4.5.5 and 4.6.0 are useless to the average merchant.
It is OBVIOUS that the xcart product manager approving these so-called "security features" is living in an ecommerce vacuum. But I had this "discussion" with various non-managers here in the forum. I would really like to have a true non-threatening conversation with THE person(s) at X-Cart who a) decided this would be an important addition to a minor bug-fix release; b) defend the NEED for these additional so-called security "features" -- not just "these features make the cart more secure", but "we were seeing hundreds and hundreds of customers' stores compromised..."; c) show us a real world need.
But it's too late. We are now 2 versions removed from a relatively stable core... and EVEN IF these so-called "security" features are beneficial, the upgrade process to add these features should have been designed to be an optional add-on, not integrally tied to an "upgrade".
We are wasting our energy.