Posts by casperghst42

I got an Apple Macbook Air 11" from 2011 (i5) which is too slow for macos to be intersting, but it runs Ubunto Desktop 20.04 LTE without problems. What is intertsting is that the Apple TB1 GbE adaptor works without a flaw .. also it's nice to have an linux when the rest does not want to do what you want it to do.

And that is why…

I’d would never use Debian in the desktop (GUI), server yes.. desktop no. There Ubuntu would be a better choice.

Interesting read from a write which misses the most obvious about IAM and why it is so difficult do right. The tool of the trade is mostly something like NetIQ Identtity Manager (I do not work for the company) (or something else which can be changed to fit the organization), then this is connected to something like Okta for provisioning (and authorization) , Okta is then using the on Prem-AD (or Office 365) for Authentication.

And as a previous comment said; all identities start from the HR system ... and nothing should be done manually - people make mistakes (often).

RBAC can be done with online tools like NetIQ Identitty Application or Sailpoint - does not matter as long as it's online and that users can request access (roles/premissions) which are granted "now".

Any organization who is using tools like Excel for RBAC administration will at some point end up in a management nightmare.

The biggy, which no one talks about is "red button", if an employee is let go, then the identity needs to be locked down immediately, which only works with systems which act on events - which many of these systems do not.

And lets not forget about Access Governance ... reporting, a tool which suck out all the information and will report if there are things (rights) which should not be there, and especially if they are assigned to people who should not have them.

IAM is complicated, and require knowledge not only about the choosen tool, but also about all the systems which you connect it to (AD, LDAP, SQL, Unix, Cloud, REST, SOAP, etc, etc, etc.).

But it's madly fun to do....

Micro Focus will not be happy

Micro Focus will not be happy as Cobol is their bread and butter.

Fight for Survival

What many don‘t remember is that the AppStore made Apple a wealthy company. The iPod made them richt, the AppStore and iPhone/iPad made them filthy rich.

If they loose part of the income from the AppStore then suddenly they will no longer make billions every quarter, and that is for them not acceptable.

I done feel sorry for Epic Games, but for the humble developer, who maybe sell a few thousand apps on the app store for less than 5$ a pop, having the Apple tax being lowered will make a serious change.

5G patents....

What is interesting is that Huawei got some fundamental patents in connection to 5G, without licensing these patents there will be no 5G role out, and Nokia and Ericsson are at least 1 year behind Huawei in development of 5G ...

This is political, and is being used by Trump to get China to move on the Trade agreement, which he want to "fix", but it might end up causing the rollout of 5G to be delayed by years.

Overly complicated

I still remember when IPv4 started becoming popular back in the early/mid 90's, back then it was wooooo complicated - especially for the people who came from DEC, IPX or what ever was used back then (IPX over routers was basically crap), but I guess we all more or less mastered IPv4 reasonable fast.

Over the years I've been trying to ger my head around IPv6, and I am still not able to find a IPv6 for Dummies which can explain me the basics in a reasonable easy and understandable way - I do this for fun, not for work...

They have made IPv6 overly complicated, it's like you have to know more or less everything, before you start with the stuff, otherwise you'll end up having a network which might work, but you don't know why - and if you connect it to the internet you can't hide behind a NAT'd firewall - which is really really bad.

And don't get me started on the notation, I've entered thousands of IPv4 address on my keyboard, on a numeric keyboard everything is there 0..9, and a '.' - everything which is needed. Try that with an IPv6 address ... right... see, got my point.

I guess the universe is waiting for the next IP stack, which probaly will be an IPv16, which will be fully automatically discoverable, and have a functional (and understandable) security build in. Well I can always hope.

IPv6 is there, but how many people know enough to implement it securily...

When one thinks that in Germany the norm still is 15mb/s for anyone who live outside larger population zones, then yes, the 200mb/s would be impossible to reach.

In some countries is the "normal" minimum speed 100mb/s; try to discuss that with German Telekom - they still live in the last century. They are quite proud of them self, as they are now upgrading to a minimum speed of 50mb/s ..... and the prices are almost 2x to what it cost in countries like The Netherlands and Scandinavia.

Saying that they provide the tools for customers (businesses) to use, and they will store the data for them, might not be enough to be GPDR compliant. Just wait until the EU is getting around to audit them ..

Jimmy Wales and PETA are so full of it.

And if the monkey would have been the copyright holder of the photo, who would have collected the royalties - PETA?

They are as shitty and corrupt as everyone else..

And this new release approach, will make it better and easier for people to use Java ... I guess these people are doing thier best to discourage people from using Java, and by that Oracle has won.

I read somewhere the migration to Windows is mainly driven by Office. If that has changed I do not know.

I do use python, but I still find it very silly that they refuse to implement a switch .. case statement, it causes one to end up with very clunky code.

One of the reasons why Ford introduced the SUV was that it's a mini-van/truck not a car, and therefor is not tested to the CARB standard ....

Authentication services / Identity Management ....

There is nothing worse than using diffrent Authentication Services where the password is not synchronised ... Why on earth does organisations no have a proper solution in place to handle identities and passwords ... it's not that difficult. And that also moves the discussion into identity / access management life cycle management.

Why a private company, why not a non-for-profit organization. IANA is a cross country organization, and we all know how a for-profit org would work .. badly.

Looks like there still is a reason to use Solaris / BSD and not Linux.

It's not only Chrome which have the problem, also Safari.... So it looks like Google have found away around AddBlock ...