Archive for the ‘cloud’ Category
Posted by BPuhl on December 7, 2010
Posted by BPuhl on October 15, 2010
Ken posted a great article about how to configure OWA for ADFS authentication: http://www.theidentityguy.com/articles/2010/10/15/access-owa-with-adfs.html
Posted by BPuhl on October 14, 2010
…the problem is, that instead of trying to make what we have work. Every software architect believes that that their <widget> will be the solution that everyone adopts…
Typing this, reminded me of something else that I heard recently, which was along those same lines…
Of course my idea on the whiteboard is better than all the code that you’ve written!
Posted by BPuhl on May 5, 2010
Released To Web:
Posted by BPuhl on March 17, 2010
Scott Berkun recently blogged that “Cloud Computing is a bad metaphore”. His reasons are:
Gotta say, that with my experience so far…actually… it’s pretty accurate…
Posted by BPuhl on February 13, 2010
At least let it be a good password: http://www.cxo.eu.com/news/password-protected/
Posted by BPuhl on January 20, 2010
Read an interesting article at http://redtape.msnbc.com/2008/08/almost-everyone.html on the issues/weaknesses of password recovery schemes.
Most everyone remembers when Sara Palin’s Yahoo mail account was hacked, because her password recovery questions were easily discoverable. One thing that I thought was interesting in the article though, was the idea of a “black market” for personal information – let me go buy a profile to find out the name of your dog, your favorite restaurant, etc… How would people come up with this information in the first place, are there secret spies in black trench coats following everyone around taking notes on everything they do? I have no idea…
…in other seemingly unrelated news – has anyone else taken all those funny Facebook quizzes where you answer questions about yourself, and they tell you how long you’re going to live, what your zodiac sign means, and things about your shopping habits and sexuality that you never even realized you knew? There’s got to be a thousand of those things out there… I’m sure glad that Facebook is much safer than the dangerous “internet”!
Posted by BPuhl on January 8, 2010
More fun in the federated cloud world. Traditionally, with EASI ID’s, the Email As Sign In meant that your user name was your email address. However, with federated ID’s, we’re sending a users UPN as their login ID, which may or may not map to a valid email address (in many cases, it doesn’t).
So what do you do then, if you have an application where a user can invite another person to access a resource? This is pretty common, I want to share a file on my skydrive, so I allow email@example.com access to the file, which also triggers a mail to firstname.lastname@example.org inviting them to sign up for a new Live ID if they don’t have one already, and if they do have one, then they can log in with it and access the file.
Unfortunately now, the person ACL’ing the file knows the users email address, but NOT their login name.
The answer will likely be some form of “click here” key in the invitation which will allow the application to associate an email address with an ID, but because this hasn’t been required in the past, it’s going to take some time for applications to adjust.