[IoT] How Azure IoT would have prevented a DDoS

Two weeks ago, parts of the Internet came to a halt due to a DDoS attack. DDoS attacks have become pretty common these last few years, but usually target a specific website. For instance, attackers might target microsoft.com and start firing enormous amounts of requests to it. Due to the load, the website will eventually choke and stop responding to both the malicious as to normal requests, with the result that the website is “down”.

There were two things that made this DDoS attack a bit different:

  1. This attack was not targeting a website or webservers, but instead DNS servers. DNS is used for address resolution, which comes down to translating a normal URL (like www.repsaj.nl) to an IP address. By targeting DNS servers, the attackers managed to bring down lots of sites at once, with your PC left unable to find the correct IP address for the website you requested. So in this case, the webservers were fine but the clients didn’t have a way to reach them.
  2. The attack was largely carried out using IoT devices. This included IP-connected webcams for instance, which many people have at home.

This uncovers a large security issue with lots of IoT devices, which could have been easily prevented (or at least a lot better secured) using a back-end like Azure. Let’s find out how… (more…)

[SPO] Creating a ‘modern’ homepage on an old team site

If you’re an Office365 user, you will probably have noticed by now that the new look & feel dubbed ‘modern’ (which is a stupid name, but aight…) is slowly but steadily making it’s way into more and more parts of the overall experience. I like the modern look. It’s crispy fresh, more in-line with modern UI’s like Googles Material and Microsofts Metro Modern UI. As an added benefit, the new look should play well with the SharePoint mobile app, bringing responsive design to the table so pages remain usable on mobile devices.

But what about legacy sites?

(more…)

[Azure] AAD “You do not have permission to view this directory or page.”

I ran into this error debugging my Cordova app from Visual Studio, running the debugger locally instead of on my device. After logging into Azure Active Directory with valid credentials, the page would display this error:

“You do not have permission to view this directory or page.”

As this was the second time I had to figure out how to solve it, thought I’d do a quick post on it for my own future reference ūüôā¬† (more…)

[IoT] Limiting per device messaging & auto reset

This entry is part 9 of 9 in the series Azure Aquarium Monitor

In my aquarium monitor series I showed how to build an application to monitor a fish tank. The use of the Azure IoT components allow us to easily build these kinds of solutions based on generic components. It also allows us to scale, which makes it very suitable for scenarios with lots of devices or data.

Should you want to make your application multi-tenant, there’s no reason why you shouldn’t… or is there? What if you don’t have complete control over the clients and someone starts to send way more data then expected? Hmm…¬† (more…)

[O365] Using SharePoint boolean fields with Microsoft Flow

My previous post just now was on the topic of Microsoft Flow, the workflow-style application that allows you to perform “if this, than that” type logic linking different applications together. Basically, Flow provides you a way of automating actions by having a set of triggers, some logic and using API’s to perform actions. It wraps all of this in a nice and easy to use user interface, making this functionality that pretty much everyone can leverage. Power to the business!

In this post I want to show how I created a real-life flow to automate a process for expense declarations. The process is a really simple one:

  • We’ve created an Expense Declarations library on SharePoint.
  • We added a new Expense Declaration content type which has an Excel template for the declaration.
  • We also added¬†a boolean field “Ready” which signals the expense form is ready for processing.
  • The form should now be sent to the person handling the declarations. Of course it would be even better to send it directly into an API, but unfortunately that’s not available for us.

As said, the basic elements of a flow are a trigger, some logic (conditions) and actions. Let’s go!

 

Defining the trigger

To create the flow, we head over to flow.microsoft.com¬†and after signing in (or up), we begin with a blank flow. The first action we add is “When an existing item is modified”. This is because:

  1. The “created” action will fire off immediately after the form¬†was created and is probably still empty.
  2. The action for a modified document will not contain the correct information, our Ready field will not be present. This is supposed to be changed in the future though.

So we set up the existing item modified trigger:

flow_itemmodified

Note: because your library is a library, it might not show up in the suggestions. That doesn’t mean you cannot use it though, just type in the name and you should be good to go.

 

Creating a condition

Next, we need to set-up the condition. We want the declaration to be sent only when the Ready field is set to Yes. Because the value is stored as a boolean, the field value sent to flow will be “true”. You can check that by running your flow (trigger it from SharePoint after saving) and clicking the trigger to inspect the values coming in:

flow_trigger

Check out the value for Ready:

flow_trigger2

So now the most straightforward thing to do would be to set up the condition like this:

flow_condition

But this does not work. I suspect the engine will handle¬†“true” as a string which would give a comparison of “true == ‘true'” which is false. To fix¬†this, put the editor in advanced mode and use the following expression:¬†@equals(triggerBody()?[‘Ready’], bool(1)).

flow_condition2

bool(1) will convert to ‘true’ so our comparison should¬†now be “true == true” whenever the Ready field is set to Yes in SharePoint.

 

Setting up the action

Lastly, I created a simple e-mail action to send out a notification to the correct user. Ideally I wanted to add the file contents to that e-mail but that isn’t possible (yet) due to the “item modified” trigger which is not aware of a file. I tried several ways to get around this but didn’t succeed. You can probably get there with something customized like an Azure Function, but for now the plain old e-mail will do. Simply set-up an Office365 e-mail action to send out a mail to inform the correct user a new declaration has been added, paste in the link to the library and you’re set.

 

When I find a way to attach the file to the e-mail or send a direct link to the file, I’ll update this post!

[O365] Changing the language of Microsoft Flow

Here’s a very short post for you. I’ve been playing around with Microsoft Flow a bit, a new workflow-type tool that allows you to connect services to each other. For users of If This Then That (ITFF.com) or Zapier (zapier.com) the idea should be familiar. One little annoying issue I had is that Flow kept presenting its interface to me in Dutch, even though the documentation says it’s just in English for now.

flow_nederlands

Note how the UI is in Dutch even though some actions only display an English text. Guess that’s the “preview” part.

So I went looking where to change this as I always prefer English for these types of things, especially for blog posts ūüôā I couldn’t find any setting nor seems there to be any kind of ” my account” screen in the product. So how the heck do I get it to display in English then? Finally I found that it’s actually paying respect to the language setting your browser is sending out. And for some reason (new laptop I guess) this setting had Dutch as my preferred language.

For Chrome, you can find the setting here:

Settings > Show advanced settings > Language and input settings

chrome_languagesettings

 

After ensuring English is the first item in this list the UI changed to displaying English all around. Hurray!

flow_english

So now I can go on with creating the blog post I was meaning to write ūüôā

Update:¬†this actually does not only change the display language, it also seems to improve functionality. I’m getting more options now and things like conditions seem to better show the available fields and stuff like that.

[IoT] Aquarium monitor; controlling LED from C#

It’s been a few months now since I’ve posted the source code of Submerged on GitHub¬†and started making some noise about it on hobbyist forums like ukaps. My main goal doing so was to gather feedback about which features people would want to see to convince them to use a solution like submerged. The number one requested feature by far: controlling LED lighting. Most aquascape tanks nowadays are lit using LED fixtures. Depending on your budget, you can buy cheap or expensive ones but basically they all do the same: control the output on a fixed number of channels.

I personally own a TC420 controller. This features 5 outputs which I use to control RGB + warm white + cold white LED strips. The controller is programmable by sticking in a USB cable and using some piece of shitty software to create timebound programs. There’s room for improvement.
(more…)

el_logo

Speaking at Experts Live 2016

Thrilled to announce that my session has been selected for Experts Live 2016. As the website says: “Experts live is THE event covering Microsoft Azure, Office365, Enterprise mobility suite, Operations management suite, Hyper-V and Windows”.¬†I will be bringing a little IoT to the mix with my session on how I used Azure IoT components to build submerged. Join me November 22nd, live!

 

How I built Submerged with Azure Functions, IoT and Stream Analytics

 

Tickets are on sale now, get yours now.

Preliminary session planning: 14:45 – 15:45, Room 3

 

 

[Azure] Logging out of Azure AD oauth

In a previous post¬†you can read how I used Apache Cordova to create a client application that is linked to my back-end API hosted in Azure. For authentication, I made use of the built in authentication options of the¬†Azure Mobile Apps plugin for Cordova (GitHub). ¬†This plugin simplifies the authentication flow process, which uses¬†server flow in this case. Basically that means that our Web API handles most of the flow by configuring the Microsoft.Azure.Mobile.Server.Authentication NuGet¬†package.¬†There is also¬†client flow, where the flow is handled client-side, for more info on that check out the great blog series by Adrial Hall on Azure Mobile Apps. (more…)

[Azure] Custom Function bindings + notification tags in Cordova apps

Previously I explained how I am using an Azure Notification Hub to send out notifications to a mobile application made with Cordova (read it here). This is cool, but in that scenario every notification was being sent out to every client. This is fine for some situations but in most cases you probably want some mechanism to send out notification to specific devices or a group of people. The most used example is news: you subscribe to a couple of subjects and receive only notifications for messages linked to one of those subjects. This post details how you can achieve this.¬† (more…)