Brian Madden TV #11 - Citrix Synergy Preview, Pano Logic's zero client, and a phone call with Nivio

In this week's episode of Brian Madden TV, Brian and Gabe discuss next week's Citrix Synergy event, including a run-down of the sessions they'll be giving.

Then Brian heads down to Menlo Park to talk to Aly Orady, CTO of Pano Logic. Pano has built a hardware device that extends the Windows desktop across a network. They call this thing a "zero client" because it's kind of like a thin client in concept, although there's no firmware or anything, so it's thinner than a thin client. (Think of it more like a graphics card that has a USB port on it and that connects via TCP/IP instead of PCI.

Finally, Gabe has a conversation with Sachin Duggal, CEO of Nivio, our random vendor of the week. Nivio is an online provider of cloud-based desktops, apps, and storage, both to consumers and businesses.

View All Videos

Join the conversation

3 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Hi guys,


You mention in every video that if you wish to purchase advertising space on your videos, you should visit www.brianmadden.com/tv and click on advertising. Hmm, where ? There is no advertising link...


Cancel

NIVIO - Review


The Guy who is in video claims that Nivio is the secured software build by his company, it took me only 3 minutes after i logged on to one of the server called Tanaya2 and i was able to access there homedirectory stored in one of the non-secured clusterd environment which these guys build.


Was able to access there code...


Here is an example of that:


File Name : Nivioapi


-


-


STR_T_RejectedUsers_Select_Where_UName_Pass_Query


SELECT N_RUserId, S_UserName, S_Password, S_RejectionMode FROM iRWS_M_RejectedUsers WHERE (S_UserName LIKE '?') AND (S_Password LIKE '?') AND (S_RejectionMode = 'W')


-


-


STR_User_Logon_TS_details


select UsrLog.n_eventid, isnull(UsrLog.S_MachineName,0) as MacName, isnull(TSMap.ExternalIP,0) as ExtIP, isnull(TSMap.InternalIP,0) as IntIP, isnull(TSMap.Port,0) as Port from irws_m_userlogaudit as UsrLog left outer join NivioTSMapping as TSMap on UsrLog.S_MachineName = TSMap.MachineName where n_logauditid =?


-


STR_User_Logon_TS_SessionState


select isnull(max(n_logauditid),0) from irws_m_userlogaudit where S_UserName = '?' and B_Isvalid = 1


-


-


-


-


-


STR_GetCountry_Select_Query


SELECT Region.RegionId AS RegionId,iRWS_M_CountryMapping.Country AS Country FROM Region INNER JOIN RegionDetail ON Region.RegionId = RegionDetail.RegionId INNER JOIN iRWS_M_CountryMapping ON RegionDetail.CountryCode=iRWS_M_CountryMapping.ISO_Code


-


-


STR_GetStoragePath_Select_Query


select paramname,paramvalue from region where parentid in (select parentId from region where RegionId = '?')


-


-


STR_GetRegionID_Select_Query_UserName


SELECT RegionDetail.RegionId,Region.ParamName,Region.ParamValue FROM Region INNER JOIN RegionDetail ON Region.ParentId = RegionDetail.RegionId INNER JOIN iRWS_M_Users ON RegionDetail.CountryCode = iRWS_M_Users.S_ISO_CODE WHERE iRWS_M_Users.S_UserName = '?' or iRWS_M_Users.N_UserId = '?'


-


-


STR_UpDate_AdTable_Query_UserId


UPDATE AD_USER_MASTER SET IsProfileCreated =0,IsUserLogin =0 WHERE User_ID = ?


-


-


STR_Select_Ad_User_Master_UserId


Select IsProfileCreated AS Profile,IsUserLogin as Login from AD_USER_MASTER where User_ID =? and IsProfileCreated = ? and IsUserLogin = ?


-


-


STR_Insert_InTo_NivioRoam


Insert into nivioroam(?)values(?)


-


-


-


-


STR_Select_From_UserDetail


SELECT users.N_UserId, users.S_UserName, users.S_Password, users.S_ISO_CODE,users.dt_createddate, userdetail.S_Title, userdetail.S_FName, userdetail.S_LName, isnull(userdetail.B_Gender,0) as B_Gender, isnull(userdetail.DT_DateOfBirth,'1/1/1900') as DT_DateOfBirth, userdetail.S_Occupation, email.S_EMail, Isnull(telephone.N_TelephoneCountryCode,0) AS N_TelephoneCountryCode, Isnull(telephone.N_TelephoneCityCode,0) As N_TelephoneCityCode, Isnull(telephone.N_TelephoneNumber,0) As N_TelephoneNumber, countrymapping.Country, countrymapping.Region, countrymapping.Capital, countrymapping.Currency, countrymapping.S_CurrencyCode, isnull(countrymapping.F_USDConversionFactor,0) as F_USDConversionFactor, countrymapping.S_Symbol, isnull(countrymapping.B_IsBaseCountry,0) as B_IsBaseCountry, isnull(countrymapping.N_TelCode,0) as N_Discount, users.S_FirstTimeLogin, users.s_Flag, users.N_OrgId, isnull(MailConfirm.dt_confirmdate,getdate())as dt_confirmdate FROM iRWS_M_Users users LEFT OUTER JOIN iRWS_M_UserDetails userdetail ON users.N_UserId = userdetail.N_UserId LEFT OUTER JOIN iRWS_T_UserEMail email ON userdetail.N_UserId = email.N_UserId LEFT OUTER JOIN iRWS_T_UserTelephone telephone ON email.N_UserId = telephone.N_Userid LEFT OUTER JOIN iRWS_M_CountryMapping countrymapping ON users.S_ISO_CODE = countrymapping.ISO_Code left outer join niviouseremailconfirm MailConfirm on users.N_userId =MailConfirm.N_userId WHERE ((users.S_UserName LIKE '?') or (users.N_UserId = '?'))


-


-


STR_Select_From_NivioRoam


select N_DestinationId as DestinationId,N_SourceId as SourceId, S_Password from nivioroam where N_UserId = ? and I_RoamStatus = '?' and B_IsValid = ?


-


-


STR_Update_NivioRoam_Dynamically


update nivioroam set ? where ?


-


-


STR_ReturnUserId_Irws_M_Users


select N_userId, b_isvalid as Isvalid from irws_M_users where S_userName='?'and S_Password ='?'


-


-


STR_Insert_InTo_NivioMessage


insert into NivioMessage(S_UserName,S_Mode,N_MessageStatus,S_Message,DT_NextMessageTime,N_OrgId,B_IsValid,S_Remarks,N_CreatedBy,DT_CreatedDate,N_ModifiedBy,DT_ModifiedDate)values('?','?','?','?','?','?','?','?','?','?','?','?')


If you want i can copy paste the data from


1) MyGlobalServer.dll


2) SMXutilities.dll


First learn how to secure your servers then sell and claim your product "SECURE"


Best Wishes


GSmith


Cancel

Thank you for pointing this out.


What  you have accessed are the SQL queries that are part of the upcoming


public APIs which we are releasing to facilitate other providers to


integrate with Nivio. Since the schema of the database could theoretically


be inferred from parts of it, before going live, this will be encrypted; our


team is already in the pipe for doing this.


Thank you for bringing up the actual access of this which we now realise is


due to the fact the machine was brought online to the Grid after a reboot


before GPO had been fully applied so you got in under the Group Policy


Blanket - we have now made sure each machine is security tested after a


reboot.


Please note that all user data is encrypted and no access to either users'


confidential data nor to the Nivio Grid is possible using this information.


We encrypt all passwords using hashing and we do file-system level security


to user level data.


Best regards,


Raghav Kapur, Senior Technical Officer, Nivio SA


You can email me on rkapur@nivio.com if you have any more questions.


Cancel

-ADS BY GOOGLE

SearchVirtualDesktop

SearchEnterpriseDesktop

SearchServerVirtualization

SearchVMware

Close