Hacker News new | ask | show | jobs
by RyanPringnitz 1894 days ago
I work on a use case that leverages Samsung DeX and secondary displays with keyboard/mouse. Applications are refactored to run on native Android, or accessed on HTML5 sites. What Win32 is left is accessed on VDI.

The solution supports MFA step-up auth to login to device, local print, proxy's traffic, per app vpn. Endpoint threat detection products for Android have more capabilities than ever. You can specify approved IP addresses, countries that traffic can communicate with. You can provide a list of approved WiFi BSSID.

With these mobile security SDK's embedded in native Android apps, functionality with the apps can be limited based on threat infractions.

E.g. - if the device magically became rooted while authenticated in android native app, or connects to rogue BSSID; the app performs whatever actions (terminates vpn to intranet, logs threat event on public facing endpoint, force re-authenticate with MFA.)
1 comments
pjmlp 1893 days ago
Great, in what shop can someone buy it?
link
RyanPringnitz 1893 days ago
Where can someone buy Samsung DeX? I believe it is natively supported on all Samsung devices. E.g. - it is possible to buy a Samsung Tab S7 at a retail store, use a secondary display with built in USB-C PDP, and then bluetooth keyboard/mouse for interaction.

If you are looking to replicate the setup with MFA, proxy, per-app vpn and more; VMware's Workspace ONE product lineup will, along with Zimperium's mobile security SDK. While we can't rewrite all your apps from Win32 to Android for you, we can help you rewrite them to use OIDC and auth with a IDP of your choice.

Full disclosure; I work at VMware.

Personally, I think the power savings along is impressive. A tablet consumes a fraction of the power of a thin client running VDI or mATX desktop. Users get a device that feels modern, mobile-by-default and cutting edge. The business gets to realize electricity savings. At the same time, the business gets to redesign apps and services to run on mobile, so they can get rid of tech debt in win32 app design choices.

link
pjmlp 1893 days ago
So a specialized setup, no different than typical IT setups that most Windows shops already have in place with AD, policy groups and hardware assisted sandboxing.

And completely out of reach as the typical setup most people buy for their homes.

link