Estimated reading time: 24 minutes

A Developer’s Guide to Networks Part 1: Wiring

Kate and I bought our first house a few months ago. This likely comes as a shock to us more than anyone else. The house was built in 2002, which means it has the benefit of being built to a more rigorous set of standards and codes than say a house built in 1972 and as such is theoretically safer and more energy efficient. The downside of a house built in 2002 is that it’s on the wrong side of the great technology upgrade divide. Most houses these days are wired with data in mind. The current standard is somewhere…

Estimated reading time: 5 minutes

Debugging JavaScript in Auth WebViews

There is a growing trend where authentication is occurring within browser controls in applications instead of through native UI. In general, this is good because it makes things like federation simpler, and lets you use different forms of authentication without requiring changes to native components. This means any application you build can rely on a single authentication service and support a multitude of credential types without having to do anything in your own native app. Microsoft is all in with this through Azure AD, and through the ADAL (Azure Active Directory Authentication Libraries). Of course, there are problems with that. Paramount…

Estimated reading time: 9 minutes

A Year in Review: South Bound and Down

The last year or so has been… busy. Around this time last year the company I work for got acquired by Kaseya and it was a reasonably smooth transition. I went from being the Identity Guy to Lead Member of Technical Staff, and from a small engineering team to, well, a lot more. Our products went from being somewhat silo’ed in nature to being the secure foundation for Kaseya’s new next generation platform. As such my team has spent the last year building some pretty cool things that everyone will see in the coming months. We made amazing progress over this…

Estimated reading time: 2 minutes

What is Code?

One of the lessons that TMitTB [The Man in the Taupe Blazer] has tried to get across to you, the big message that matters most to him, is that code is never done; after shipping the new platform (no longer a website, this is a platform), with all its interlocking components, he and his team will continue to work on it forever. There will always be new bugs, new features, new needs. Such things are the side effects of any growth at all, and this platform is, he insists, designed to scale. What no one in engineering can understand is…

Estimated reading time: 76 minutes

Going Nuclear: Modeling Threats to Distributed Systems

It probably won’t come as a shock to you that as I was writing up my last post on IoT and my new Geiger counter I was mentally reviewing all the things that scared the crap out of me had me concerned security-wise. I don’t mean the apocalyptic visions of Fallout, but about the fact that I have a device I don’t necessarily trust sitting on my network constantly feeding data to a remote server without much control by me. I’m predictable like that. Upon further review I realized I wanted to write up my thoughts on how I would protect against such an unknown, but really……

Estimated reading time: 11 minutes

IoT is Weird: Or Why I now have a Network Connected Geiger Counter

Update I have a page of data here: It’s a bit weird to imagine everything with an IP address. I’m not entirely sure how I feel about this idea. My feelings about this aside though, this is becoming more and more prevalent with the advent of cheap and powerful processors available to anyone with an idea. It used to be that you needed a team of engineers to build embedded devices that can connect to the internet, but now all you need is an Arduino, a few components, a few hundred lines of code, and a few hours to build an internet connected device….

Estimated reading time: 16 minutes

Windows Azure Pack Tenant Public API Authentication Options

Web services, as we’ve learned throughout this series, are integral to the workings of Windows Azure Pack. Every UI exposed to the user connects to the backend via web service, every resource provider is managed by Windows Azure Pack through their own web services, and 3rd party functionality can be tied in through web services. It’s an SOA world. Last time we looked at the Tenant Public API and how it uses client certificates for authentication. Client certificates are paradoxically complex beasts while also being the easiest authentication method for 3rd parties to use. This is because you don’t really need to…

Estimated reading time: 15 minutes

Web Service Authentication in Windows Azure Pack

It’s been a couple months since we last looked at Windows Azure Pack so before we jump into the thick of it lets recap. Windows Azure Pack is an awesome on-premise private cloud platform The interactive portions are broken down into two sections: admin areas and tenant areas It relies on JWTs as bearer tokens to authenticate between UI surfaces and backend web services It uses federation to authenticate users at two separate Security Token Services using WS-Federation A JWT is used as the token in the WS-Fed protocol You can use your own STS or ADFS to authenticate users All coming back now? Good!…