OpenBazaar, MS Lync, SAP, Auth, Desktop, SigFox, Spanner, HybridCoE

  • Studied OpenBazaar 2.0 documentation. Wow, team has made awesome work. Cool, it's so nice to work with something which has been actually documented. I'm way too used to projects, which are minimally documented and you have to 'reverse engineer' your way in. Read source code, study, try, guess, and so on. It's very nice to see projects where reading documentation is actually helpful.
  • Wow. Microsoft has improved joining Lync (Skype for Business, SfB, S4B) meetings. Now the process is somewhat sane, telling that you can use your locally installed Lync instead of suggesting installing some crappy browser plugin, when I've got native Lync installed, as it earlier did. Which was ... Well, you probably know how bleeped it was.
  • SAP integration and endless integration project. Change number 8129312983 after discussing matter in about 3532 emails and so on and even then, it's unclear if that's what is really needed and if that's how they really operate and if that reflects "reality". - Sigh! - Well, nothing new actually. This is usually how these things are done, unfortunately. - And then someone wonders where the costs are coming from. Smiley. (Not factual numbers from project, but that's how it feels like)
  • Studied state of art Strong Authentication solutions which replaces passwords from MFA and uses PKI + MFA providing High-Assurance Strong Authentication. - Knowledge and possession MFA isn't that great. Because often people write that knowledge part on the physical possession part, and that's it. MFA defeated. - Therefore high quality biometrics would be much better.
  • Usually I haven't been using multiple desktops on computer. I prefer only to keep 'active' documents open, and everything else closed. But it seems that all the time there are more applications and documents open. And only sane way to manage that is starting to use "project specific" desktops. But I still very much try doing one thing at a time, and minimizing distractions and 'context swaps' while doing something which requires concentration and real attention.
  • It seems that SigFox hardware is hard to find, but AliExpress is full of relatively cheap LPWAN / LoRa (LoRaWAN) hardware and modules.
  • Once again only conclusion about security of many things is that, it's better not to ask. Because you don't want to know the truth. Security is often that bad. It's just better to believe it's all good. Because knowing that it isn't makes you just feel bad.
  • Google Spanner Multi-Region and Quickstart Guide. This is something what you need, if you're looking for high availability. As long as you've got only "clustered reliability" at one physical site, you don't really have a reliable setup after all. Most interesting parts were naturally Replication and Transactions, Locking and Isolation (Atomicity, Consistency, Durability, Serializability). Cloud Spanner unsurprisingly looks very similar to the Google App Engines database which used GQL. For developer, it's all seemingly very simple. There's just a small set of supported features, which you can use. Extremely simple to compared many other databases. Paxos and ACID transactions with Strong Consistency.
  • The European Centre of Excellence for Countering Hybrid Threats (Hybrid CoE / HybridCoE.fi) operations are now up and running. But most interesting part of this is the blatant copy of the site. Same domain but with .ru TLD. No, I'm not linking to it on purpose. But check it out if you're curious. It seems at first legit, but when you read the content, it's modern propaganda and great example of hybrid threats. Hmm, legit site using Outlook as mail provider and CloudFlare as CDN. Seems quite standard. But I'm surprised that the .ru site doesn't have mx specified. I'm gonna test if it got catch all mail rule, because that's something what I would personally do, if I would setup site like that. Because who knows that somebody sends accidentally to wrong domain. Nor the A record IP address got SMTP port open. But it got FTP, SSH and HTTP visible.

2019-03-17