Blog‎ > ‎

OTP, 2FA, VPN, SQL, Bluetooth5, SAFE Network, IoT, ORM, PowerShell

posted May 13, 2017, 8:52 PM by Sami Lehtinen   [ updated May 13, 2017, 8:54 PM ]
  • Just so many web stores have lost sales to me, because they require paper backed OTP tokens. Which I'm not naturally carrying with me. Whenever I want to buy something, everything goes well, and I'm ready to purchase until. You have to provide this strong secure authentication to confirm purchase. - In many cases especially if buying something not so important, this means I'm not going to return ever again. Lost sales, due making the purchase process too complex and annoying to the customer. - Why I'm blogging about this again? - Well, there was some stuff on offer which I would have liked to buy, but nope. They made it too hard, so I dropped the purchase. And when I have the paper backed OTP codes, it's too late. Good thing I just saved couple of hundreds of euros, but not buying that stuff. - From conscious purchase point of view that's awesome. People should always first pre-book everything, they want. Then spent a week thinking if they really need it, and then confirm the purchase week later. - It would be just so smart. No more impulse buying junk you don't really need.
  • Same also applies to many other applications which require high security 2FA authentication. I'll login to the service, but only when actually required. Preferably weekly or monthly. Not daily, because I'm just not interested to login that often.
  • Reminded my self about strength & weaknesses of old VPN protocols including: PPTP L2TP / IPSEC / SSTP / OpenVPN (SSL) / IPSEC (IKEv2) and transports & encryption. It seems that some documentation is ridiculously failing. They claim that ESP is transferring data over UDP port 50. That's not raight. How about trying to use Protocol 50, which is NOT UDP. Everyone knows that UDP protocol number is 17. It's also good to note that IKE uses UDP port 500 for key exchange, also IPSEC AH uses protocol number 51. It's also easy to forget that TCP is using protocol number 6. And ICMP is protocol number 1. So often people are only talking about TCP & UDP and port numbers. I guess most of net users don't even know what protocol numbers are.
  • Nice, latest PostgreSQL supports table partitioning. That's something I've been waiting for a long time.
  • Bluetooth 5 - Lot's of very nice improvements, among expected lines. Longer range, low power, broadcast size, reliability and better co-operation / interference avoidance with other wireless protocols.
  • Passive WiFi where antenna just modulates signals generated by signal generator could reduce power requirements for "passive" wifi devices a lot. As well as the signal from the generator could be used to power the low power WiFi devices. Sounds like a nice idea. But could practically just make the wifi more congested and add extra RF pollution.
  • Reminded my-self about SAFE Network. Distributed, P2P, network as a platform to build services on. That's nice. I'm wishing all the good for projects like this.
  • Read ebook about Industrial Internet of Things (IoT). Unsurprisingly it didn't contain any new information. Yes, it's possible to collect lot of sensor data, it's possible to proactive maintenance, machine learning, monitoring industrial process efficiency, get better quality etc. As well as several success stories how companies utilizing such technologies have gained in efficiently and reduced costs. Sure, I can believe that. But that's nothing new. It's just basic stuff, if you're interested improving your business with such technologies. As well as it isn't anything new anymore. Best part of industrial processes is that those are often quite expensive, and something like maintenance and downtime is really expensive. So even if implementing all this costs lot of money, it's going to probably or at least hopefully save more. But some times it's not, that's why there's efficient frontier for all of this technology, savings and costs.
  • Spent some time studying PonyORM - It's nice. If I would start now new Python project which would need ORM. I probably would use Pony. Yet many of the older projects do use Peewee ORM very successfully, and I'm happy with it.
  • Studied some PowerShell stuff for Windows Server 2016 remote management. - This will be awesome tool. But I'll need to stydy it quite much more, before it being 'production ready'. - I've been looking for suitable solution, but I guess this will be the solution with minimal overhead. So far so good. Yet again, this is stuff which still requires quite much knowledge and maintenance. So even if it's low overhead, it's no overhead by no means.
I'm doing double posts per week again, because I've got a backlog of posts for roughly a year.