Readit News logoReadit News
zalmoxes commented on Backplane is shutting down   backplane.io/... · Posted by u/zalmoxes
zalmoxes · 7 years ago
I'm neither an employee nor a customer, just someone who was following the project on twitter because it looked very intriguing. I just want to say that the comments on this thread are absolutely ridiculous and I expected better. Does anyone actually think the customers would find out at the last minute? That the company would leave its users without any support? It's baseless speculation and my guess is it's totally wrong. - The company is founded by Blake Mizerany https://twitter.com/bmizerany?lang=en an engineer known for Sinatra and a bunch of other well respected projects. - The users adopting an early stage startup's product are likely friends/former colleagues who are putting personal trust into the team. Does anyone really think nobody got a heads up, or possible support deals while they migrate?

Second, Backplane really looked like great tech https://www.youtube.com/watch?v=43wFJBRTHG0

Posted by u/zalmoxes 7 years ago
Backplane is shutting downbackplane.io/...
zalmoxes commented on Show HN: MicroMDM – Open Source MDM Server for Apple Devices   micromdm.io/... · Posted by u/zalmoxes
walterbell · 7 years ago
> purchase devices from apple direct, or from an approved reseller. Unfortunately you cannot retroactively add devices that were already purchased.

So you need to provide a DEP-authorized account number to the salesperson in an Apple store? Is this possible when buying online from apple.com?

Any idea why Apple does not provide a service to test whether a device serial number is DEP-managed? It would deter attempts to resell DEP-managed devices.

zalmoxes · 7 years ago
You must buy your devices through the enterprise store, and then it is automatically linked to DEP.

Any idea why Apple does not provide a service to test whether a device serial number is DEP-managed?

Because once you know the serial number of a DEP device you can enroll into the MDM. There is virtually no security. See https://duo.com/labs/research/mdm-me-maybe

zalmoxes commented on Show HN: MicroMDM – Open Source MDM Server for Apple Devices   micromdm.io/... · Posted by u/zalmoxes
walterbell · 7 years ago
Are those the same profiles generated by Apple Configurator 2? I was able to get per-site Safari VPNs added by manually editing XML in the profile, but no success with per-application VPNs.

Commercial MDM providers only whitelist a handful of VPN client apps for per-app VPN profiles. Why are those needed when there is already a native iOS VPN client for IPSEC?

zalmoxes · 7 years ago
they should be the same, yes. You can compare the .mobileconfig file with the spec from the PDF.

That's all commercial vendors do, push these XML files to your device.

zalmoxes commented on Show HN: MicroMDM – Open Source MDM Server for Apple Devices   micromdm.io/... · Posted by u/zalmoxes
walterbell · 7 years ago
Do you know if a small business can use DEP features?

Could per-app VPNs be used without DEP? If so, could they be used with MicroMDM, native iOS IPSEC client and an open-source VPN server, or is a 3rd-party VPN client like Cisco required for per-app VPN?

zalmoxes · 7 years ago
Anyone can use DEP, just need a DUNS number to enroll into the program, and then to purchase devices from apple direct, or from an approved reseller. Unfortunately you cannot retroactively add devices that were already purchased.

DEP is not required for the VPN profile configs, that can be applied with just MDM (or even manually). The VPN payloads are documented here https://developer.apple.com/enterprise/documentation/Configu...

zalmoxes commented on Show HN: MicroMDM – Open Source MDM Server for Apple Devices   micromdm.io/... · Posted by u/zalmoxes
hsk0823 · 7 years ago
Anyone can get a push certificate, it's not just businesses,

https://identity.apple.com/pushcert/

zalmoxes · 7 years ago
MDM push notifications require to be signed by a special certificate, which is only available upon request.
zalmoxes commented on Show HN: MicroMDM – Open Source MDM Server for Apple Devices   micromdm.io/... · Posted by u/zalmoxes
zalmoxes · 7 years ago
Hi, I'm the author(along with several other developers). MicroMDM is used in some enterprise environments and was recently mentioned in a number of security presentations regarding Apple's MDM and Device Enrollment Program services.

https://duo.com/labs/research/mdm-me-maybehttps://i.blackhat.com/us-18/Thu-August-9/us-18-Endahl-A-Dee...

zalmoxes commented on Show HN: MicroMDM – Open Source MDM Server for Apple Devices   micromdm.io/... · Posted by u/zalmoxes
urda · 7 years ago
I'm curious do any HN readers manage their personal devices through MDM with their own profiles, and what benefits are you seeing from that?
zalmoxes · 7 years ago
The server is only meant for enterprise deployments. It would be pretty hard to do this on a personal level because you need to apply for an enterprise account with Apple, and request a very specific push certificate option.
Posted by u/zalmoxes 7 years ago
Show HN: MicroMDM – Open Source MDM Server for Apple Devicesmicromdm.io/...
zalmoxes commented on Go best practices, six years in (2016)   peter.bourgon.org/go-best... · Posted by u/metmirr
zalmoxes · 8 years ago
At [Kolide](https://kolide.com/) we're heavy users of Go Kit, and as a result have also adopted a lot of the style Peter recommends here. We've been slowly expanding on it with a style guide and company specific set of common libraries [here](https://github.com/kolide/kit#kolide-kit). My coworker also wrote a [blog post](https://blog.kolide.com/using-go-for-scalable-operating-syst...) on how Go has been fantastic for us and references the above style guide.

The code from go kit and [oklog](https://github.com/oklog/oklog) are great examples of idiomatic Go. Unfortunately the community at large doesn't really follow the "no init"/"no package global vars", which can sometimes lead to bad experiences importing opensource Go libs.

z

u/zalmoxes

KarmaCake day1251January 9, 2014
About
I write everything with Go, and learning Elm. https://groob.io/
View Original