Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

NHS staff (at least in my local authority) do have cards that they put into their keyboards to login to Windows.

It's still a joke that all systems don't hang off their AD/LDAP/jumpcloud/whatever though.




With the SunRays you’d login to everything, pull your card and your session and applications would still be running on the Solaris server in basement. Put the card back in and your session and applications would be right back to where you were. So unless applications automatically log you out after some time, there would be no reason to log in again.

Sure you’d still not have SSO, but you could just let everything running, logged in, in your session on the server.


That's how a modern Windows Terminal Server/Citrix/whatever infrastructure works, smartcards and all.


* Nobody uses windows terminal server for anything serious, because of its reputation for security holes (which may or may not be outdated, but y'know, "java is slow" etc etc).

* Nobody likes Citrix, even (or particularly) when they use it every day. The amount of compromises and hoops that app developers have to consider to deploy on it, is significant.


> Nobody uses windows terminal server for anything serious, because of its reputation for security holes (which may or may not be outdated, but y'know, "java is slow" etc etc).

Entire companies run on remote desktop. It's the industry standard, at least here in Germany. I'm working with a lot of enterprise customers and I never heard about particular security concerns with RDP. If anything, the protocol has an excellent security track record.


Cool, I did not know that.

Why any organisation would choose to deploy regular desktops if this option exists, and why wouldn’t someone like the NHS not already be using this?


> and why wouldn’t someone like the NHS not already be using this?

We all say "The NHS", but it's made up of a bunch of different companies.

https://www.nhsconfed.org/resources/key-statistics-on-the-nh...

    135 acute non-specialist trusts (including 84 foundation trusts)
    17 acute specialist trusts (including 16 foundation trusts)
    54 mental health trusts (including 42 foundation trusts) 
    35 community providers (11 NHS trusts, 6 foundation trusts, 17 social enterprises and 1 limited company)
    10 ambulance trusts (including 5 foundation trusts)11
    7,454 GP practices12
    853 for-profit and not-for-profit independent sector organisations, providing care to NHS patients from 7,331 locations13


Virtual desktops are a whole different ball of horror. Sometimes giving everyone a plain old PC is a ton cheaper than figuring out how to troubleshoot the super expensive nightmare server that has to handle the load of replacing everyone's PCs.


Because Citrix is horrible and expensive, and TS is (thougth to be) too weak (and again expensive).


> It's still a joke that all systems don't hang off their AD/LDAP/jumpcloud/whatever though.

What do you mean? That some other NHS systems have their own directory of users, or there is a master user/pass shared by everyone?




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: