We share pictures of nearly every moment of our lives (and our kids’ lives) through social media. That’s great for distant relatives that can handle a smart phone, but what about those that can’t? I recently setup a cheap Android tablet as a remote controlled digital photo frame.
I wanted a setup where the user wouldn’t have to do anything at all. The photo frame should start automatically in the morning, show photos during the day and shut down in the evening. No user interaction should be required at all. I also had to make everything remote controlled as it would be located about 500km away, without anyone nearby that could handle any tech support. Last, but not least, it’s important that it’s as easy to share to the photo frame as to any other social media from a mobile phone.
In a recent project using Azure, SSL worked perfectly on all devices – but those running Android 2.X. It turned out that legacy Android has limited support for modern SSL/TLS features such as SNI and subject alternative name.
Getting TLS configuration right nowadays can be quite tricky. Google Chrome is aggressively pushing for deprecation of old insecure standards by showing warnings or even errors on sites using deprecated https settings. Using a certificate issued merely two years ago, with the standards where common then now shows an error because the SHA-1 algorithm is not considered to be safe for the two remaining years of the lifetime of the certificate. The Google Chrome team is definitely pushing hard for moving web cryptography to safer grounds.
On the other end of the scale (no, I won’t be complaining about Windows XP, it’s not that much of a problem any more) is another Google product: Android. Even with the blazingly fast technology development, people are (IMHO rightfully) expecting a multi €100-device to last for more than a few years. That means that a lot of devices out there are still running Android 2.X. In this particular project, the target audience are not that tech-savvy. A lot of the users even have had to invest in their first smart phone, making their call-and-sms-only phones to history. With that audience, we had to support those old devices. On the other hand SSL warnings or errors in Chrome was unacceptable, so we had to find something that worked for all those platforms – and we did. Oh and by the way, the budget was really, really tight, so we had to find something that wasn’t too expensive.
A few days ago I saw a tweet about a new font called Hack. It’s a font that’s designed specifically for programming. No more doubts if it’s an O or a 0. Clear, enlarged punctuation for ; . ,. It’s just brilliant.
This is an announcement of two new related features in the Authservices SAML2 StubIdp, AttributeStatements and user lists.
Until now the only identification related element supported by the StubIdp was the Subject NameID.
In many SAML2 installations additional data, like roles and full name, are included as AttributeStatements. This has been supported by the AuthServices library, but it has not been possible to generate testdata with the StubIdp.
Now we have implemented a dynamic list of AttributeStatements in the StubIdp.
I’ve not written anything here for more than a month and I’d like to make a short off-topic post to explain why. In the end of May our third kid arrived to the family. He’s a healthy little boy, but even though he’s still small, he’s wreaked havoc to my ability to plan my time. Just as it is supposed to be. But that means blogging hasn’t been on the priority list.
I’m living in Sweden, where the possibilities to spend time with the kids (even as a dad) is totally awesome. It’s easy to take things for granted and it’s not until I discuss how to balance family life and work with people from other countries that I fully remember just how awesome it is here.
The biggest thing is the parental leave. For every child the parents gets 480 paid days to stay at home and care for the child. Counting only work days, that is nearly two full years of paid leave.
The thing that usually surprises non-Swedes the most is that those paid days are not tied to the mother, but to both parents. Actually 60 days are non-transferable, meaning that if the dad doesn’t use them, they are void. Personally I’ve been staying at home with my two older kids for about half a year each and I plan to do the same with the baby, once my wife get back to work. Oh, that’s standard in Sweden too – Mothers are usually working.
When she returns to work, it’s my turn to stay at home on state pay. But, there is actually a limit on how much the state pays for during parental leave. The maximum pay is about €100/day (before tax) and salaries in the IT sector are often much higher than that. But as I’m working at a generous company they actually fill in on top of the public payment, so I get 90% of my salary for spending 6 months with my son. That’s awesome (did I mention we’re hiring?).
Once I get back to work, my son will go to daycare. Children in Sweden usually start daycare from somewhere between age 1.5-2 years. Daycare is heavily subsidized. We pay about €120/month per child for daycare. That’s roughly 10% of the real cost. On the other hand I can confirm that the rumors are true: We do have high tax levels in Sweden, but in my opinion we’re also getting a lot back.
For now this means that I’m taking a long summer off and spend the time with my family. There will probably be blogging done, but not as frequently as when I’m working.