Disclaimer: I’m not paid or engaged by Droplet Computing. And I wasn’t offered any trinkets or inducements for writing this series of posts. I’m just interested in what they are doing. The CTO is a former colleague of mine from VMware, and admire anyone’s hutzpah to walk away from the corporate shekel to do their own thing.

 

This is going to be series of blogposts about Droplet Computing. I’m trying to eschew my usual TL:DR approach to blogging in favour of an approach that more reflects the gold-fish style attention spans that scrolling news has engendered in the population at large.

In case you don’t know, Droplet Computing does “Containers for desktops”. This is the kind of typical “company-as-sound-bite” that is used as shortcut to describe what a company does. If you want to some more technical detail check out the blogpost that will join this series.

The simple idea is delivering end-user applications for Windows, Mac and Linux in a container. This is NOT your 2006 desktop virtualization (so not “Year of VDI” narrative that vendors have being flogging like a horse deader than Mrs May’s Brexit Deal), and nor is it the application virtualization that involves “capturing” and “sequencing” applications into a special runtime (aka AppV, ThinApp and dozen other wannabees).

With Droplet Computing, applications are installed natively to an OS library held within the container, in such a way that anyone who knows how to click “Next” could build the environment.

So, the newslets are this.

A Special Person joins Droplet Computing

No, not me. I’m not that special.

That very special person has joined Droplet Computing as non-executive director.

Who?

Adam Denning.

Who’s he?

None other than Bill Gate’s former technical advisor. That’s who.

This is “big” for a number of reasons. It’s a vote of confidence in Droplet Computing. It’s big because Droplet Computing is tiny (I think there’s less than 15 people currently engaged – I could be wrong about this figure) So the arrival of such an industry heavy weight is relatively and cosmic significant. Adam’s the kind of figure that would convince folks being paid hefty sums working at some oil tanker corporate to do something infinitely more interesting – and riskier… But there’s something more as well. It’s about sending a message that Droplet Computing is in it for the long game. I mean who knows what the future brings, but when heavy weights like Adam join there’s something take note of…

This is what Adam has to say about himself on Linkedin…

“Technical strategist and architect with proven software delivery skills. Over 25 years’ experience with Microsoft in varied technical roles, the last 22 in its corporate headquarters in Redmond, USA, and including a 3-year stint as assistant technical advisor to Bill Gates. Led teams of over 100 people with multi-million-dollar budgets and delivered products used by 100s of millions of people around the world. Deep technical knowledge, thorough strategic thinking capabilities and extremely quick learning. Significant customer-facing work, oriented around developer strategy, working to ensure customer success and gathering feedback to improve Microsoft’s products. Presented and communicated at CxO-level, at 5 to 5000+ attendee conferences, and published books, magazines and blogs. Recently led the evolution of Microsoft’s platform strategy around Windows and its derivatives.”

This is a chap who hasn’t just management stuff. See I told you it was vote of confidence. That’s about as much as I could glean from Google aside from….

The other thing that’s nice about Adam is his natty selection of bowties. Bowties are super cool. And have been ever since Dr Who announced this that it is a truth universally acknowledged, that a man in possession of a good fortune, must be in want of a bowtie.

Photo courtesy of Linkedin. Bowtie source unknown.

 

Droplet Computing Security Testing

The 1,000 foot of this NewsLet is that they passed with flying colours. Okay, case closed… Well, not quite. The whole point of this sort of testing is to shout it out from the roof tops so folks are convinced your product is safe to use. This is especially true of Droplet Computing since their first use case is about allowing legacy applications associated with legacy operating systems to continue to run on OS’s that are still current and patched.

A couple of years ago the UK was hit by WannaCry, by a wave of WindowsXP instances that could not be protected (because Microsoft saw fit to keep the patch to themselves). Our beloved National Health Service was perhaps the most impacted, as they have a LOT of applications still in use that are too expensive to refactor and rebuild for a new OS. Sadly, the whole thing got politicised by the media and others, and the narrative became dominated by wider concerns around underfunding our NHS. The situation is somewhat more nuanced. Even if the government’s cup of money was overflowing, it would probably still be decided that to maintain the older system was the best use of resource.

Incidentally, some might say this use case is dangerous because it means Droplet Computing is chasing a diminishing market of legacy applications that will one day be so redundant they will be switched off. I think this thinking is a bit woolly. Firstly, what is current today will be legacy in 5 years’ time, and IT history has a habit of repeating itself – the first time as tragedy, the second time as farce. But secondly, I could easily see customers loving Droplet Computing so much they choose to make it their de facto method for deploying new and current applications. Okay, so I know that’s a grand claim. And it remains to be seen. We will have to see if customers bite the Droplet Computing cherry.

Anyway, Droplet Computing engaged the services of NCC group to do the tests. The assessment was conducted from February 14 to February 18, 2019 on a Windows 10 laptop with two Droplet Computing containers, one containing Windows XP, with a variety of outdated software, including Office 2010, and the other with Kali Linux containing a large number of malicious tools useful for breaking out of the container. The main outcome of the report was that the container service was not accessible remotely, a huge advantage for organisations in securing enterprise applications. Here’s what NCC Group reported…

“The system being assessed allowed organizations to run existing applications within a secure containerized environment within a browser. The portability of running in a browser would allow these organizations to decommission unsupported and vulnerable operating systems in place of fully updated and supported versions, while still being able to use production software.”

Stop! Read that quote back again. Now read the bit in bold and italics again. Interesting, huh?

Droplet Computing is now using these results and working with NCC and Public Sector clients to achieve Cyber Essentials PLUS accreditation. Cyber Essentials is a UK Government-backed, industry-supported scheme to help organisations protect themselves against common online threats. The idea is make the UK the safest cyber location on the planet. Assuming some civil servant doesn’t download everyone social security details to a USB stick and leave on a commuter train to Northholt.

https://www.theguardian.com/uk/2008/oct/28/terrorism-security-secret-documents

https://www.huffingtonpost.co.uk/entry/government-staff-lost-more-than-600-laptops-phones-and-usbs-in-last-four-years_uk

http://news.bbc.co.uk/1/hi/uk/7449927.stm

Admittedly, a lot of these cases are more than a decade old now. Things have moved on, except for government ministers who persist in carrying important documents of state in full view of the media.

https://www.telegraph.co.uk/news/politics/8731143/Minister-accidentally-reveals-Afghanistan-documents.html

Summary

So, a senior Microsoft guy onboard, and PEN Testing complete. Pretty handy dandy. I think Droplet Computing is finally positioning it to release their first 1.0 product, less than a year after showcasing “minimal viable product” or proof-of-concept at last year’s TechField Day when they came out of “stealth”. The PEN Testing is interesting. I figure it will be constant balancing act between providing the features customers desire, against maintain the security credentials. However, as VMware demonstrated with ESX. It helps if you can set a good baseline of security from the get-go, rather than retro-fitting it once the horse and your credit card details have bolted.

Next up, and practical and technical hands on walk thru of the product today