Hampshire Wireless Network Security

iOS 10 gives hints about how to make Hampshire wireless networks more secure. What’s that about?

If you have a device that runs iOS 10 you may have noticed that it offers hints for improving the security of wireless networks, in particular Hampguest, Wallace, and Gromit, but not for Eduroam. There’s nothing you need to do to improve the security, but all of us should understand the basics of the security issue so we can make the best choice.

Limiting Access to Wireless Networks
There are ways to limit who is allowed to connect using wireless networks. At Hampshire we limit access to the Wallace (faculty and staff) and Gromit (student) networks by requiring a Hampshire account be entered to register each device used on those networks; Hampguest is open for the public to use while on campus. This helps us keep our IT infrastructure somewhat protected, as well as helping to keep wireless traffic within our capacity.

Wireless Network Data Security
What simply controlling access to a wireless network does not do is to encrypt the information that you send over the wireless network. Data that is not encrypted is vulnerable to being intercepted by a nearby hacker. Keep in mind, though, that information you send to secure http sites (web addresses that start with “https”), as well as our email system (and hopefully any current email system), are encrypted by protocols enforced by those systems.

Wireless networks that are encrypted protect the information you send from your computer so that an eavesdropping computer cannot decipher them. There are different methods of encrypting, with a WPA2 encryption method being the current standard.

Eduroam is the Encrypted Wireless Network on Campus
Of the Hampshire wireless networks, only Eduroam provides this encryption protection. We strongly recommend that the Hampshire community use Eduroam whenever possible. Eduroam does provide access to file servers and printing for faculty and staff, but there are Hampshire web services that are not currently available on Eduroam; if you run into problems accessing a service, try switching to Wallace to see if it works.

We are planning to eventually discontinue Wallace and Gromit, and switch entirely to Eduroam. It is a good idea to set up Eduroam sooner rather than later, not only to take advantage of its security features, but also because it is available at many other educational institutions.

Learn more about Eduroam

WebUI 5 for Colleague

WebUI, the web user interface you may use to access Colleague will be upgraded to a new version in the next few months.  This new version will no longer require the use of Microsoft Silverlight plugin, which means you can use any of your favorite browsers such as Firefox, Chrome or Safari.

Please note that WebUI  is not TheHub.

Why a New Version?

The current version relies on Microsoft Silverlight plugin which is problematic for several reasons.  Foremost, Silverlight is begin decommissioned by Microsoft and will no longer be supported in the near future.  Secondly, changes by Chrome make Silverlight mostly non-functional.  Lastly, WebUI 5 will now use HTML5, the latest standard for web development.

When Will I See the New Version?

Over November we will have the new version of WebUI installed in our test environments and users will be notified to try it out.  We anticipate installing it in production around Thanksgiving, but that is speculation at this point.

You can view highlights and a demonstration at HampTV .

What Forms Have Changed?

You may notice slight cosmetic changes to a handful of forms now, before we install the new version, to make them work better under WebUI 5.  In particular:

Contribution Entry Defaults (CNED)
Solicitation Track (MDSO)
Matching Gift Entry (MGE)
Proposal (PRSL)
Recognition Program (RGPM)

GL Account History Inquiry (AHST)
Approval GL Class Maintenance (APGL)
Fixed Asset Maintenance (ASST)
Base Budget Projection (BCBP)
Reporting Units Budgets (BCRU)
GL Class Definition (GLCD)
Other Fixed Asset Information (OFXM)
Purchase Order Summary List (POIL)
Tax Codes (TXCM)
Vendor Register (part of VENR)
Work Order Labor Entry (WOLU)
Work Order Materials (WOMU)

Buildings (BLDG)
Contact History (CON)
Employment Detail (EMPD)
Fixed File Fields (ELFF)
Resolve Relation Addr Dupls (ERRA)
High Schools Attended (HSA)
Person Privacy Warnings (PID5)
Rooms (RMSM)

Benefit/Deduction Cost Update (BCDU)
Employee Taxes (ETAX)
Person’s Leave Plan (PLEV)
Pay Funding Information (PPFI)
Person’s Wage/Salary (PWAG)

Award Detail Entry (AIDE)
Academic Program Requirements (APRS)
AR Summary Inquiry (ARSI)
AR Term Summary Inquiry (ARTI)
Award History (AWHT)
Books (BOOK)
Direct Loan Application (DLAN)
Department of Ed Import (DOEI)
Financial Aid Status Info (FASI)
FA Update Parameters (FAUP)
Invoice Due Date Formula (IDDF)
Parent FA Demographic Data (PI16)
Parent FA Demographic Data (PI17)
Payment Plans (PPLN)
Academic Programs (PROG)
Calculate Return of Funds (ROFC)
Sections (SECT)-Note that SECT has had its detail fields moved, but the field sequence is still the same.
Immediate Payment Control Parameters (SFIP)
Section Offering Info (SOFF)
Student Profile (SPRO)
FA Student Comments (STCM)
Student Term Detail (STDT)
Transcript Requests (TRRQ)

I’m Not Sure What All This Means

If you have questions, send them to colleague@hampshire.edu and we’ll be happy to help you.

macOS Sierra

If you have a Mac you may have noticed the offer to upgrade to the latest version of the operating system, macOS Sierra. Here’s our breakdown on whether to upgrade.

[Note that with the introduction of Sierra, Apple has changed its naming conventions from “OS X” to “macOS”, similar to their mobile operating system “iOS.”]

New Features in Sierra
Sierra has several new features, but nothing that we have found to be essential:

  • Siri, Apple’ voice-command system, is a part of macOS Sierra. This allows you to talk to your Mac instead of typing in search commands or using menus for basic commands. Apple does tout several other ways to use Siri, but we haven’t integrated those into our workflow. Being able to talk to our phones seems like a really useful feature, but we aren’t sure how helpful it is to be able to talk to our computers, even in a home environment; in an office environment we have not found Siri to be appropriate or useful.
  • You can copy and paste between your iOS devices and your Mac. We haven’t even wrapped our minds around that one, let alone found a use for it.
  • There is support for iCloud storage for all of your Mac desktop and Documents folder files–the idea being that most of the files you use can be synced with iCloud and accessed on your phone or iPad. We do not recommend you use this feature for reasons that are explained below.
  • “Memories” is a feature of Photos that automatically creates albums from your photos. This was admittedly stunning in some instances–family vacations, for instance–but it was absurd in others (we have an awful lot of pictures of computers in our photos that we use to document inventory numbers, damage, repair processes, etc., and Memories includes them right along with our personal photos).
  • There are other enhancements if you use Apple Pay or an Apple Watch, but we haven’t explored those.

Problems We are Aware Of

  • We have read of a serious issue that arose when a user attempted to use the iCloud storage sync feature with two Mac’s and an iOS device: he ended up losing all of the files on one of the computers. Luckily he had a backup of the files, but this tale convinces us that this feature is not ready for prime time, and you should not enable it. Please also note that work-related files of a sensitive nature must never be saved on non-Hampshire devices; see the Hampshire College Data Security Policy.
  • We have not done broad testing of printers, but we have found that some Cannon PIXMA printers do not work with the new system without going through a multi-step work-around every time a document is printed. Hampshire Xerox and HP printers on campus appear to work just fine.
  • Adobe InDesign may have some graphical issues when dragging items around. This problem is purely visual, and other Adobe Creative Cloud applications reportedly work fine.

Our Recommendations

  • We do not find the new features compelling enough to recommend an upgrade. If you do have a strong desire to upgrade, there are no show-stoppers that we have found except for the iCloud syncing feature–use that at your own risk on personal computers, and please do not use it on Hampshire-owned computers.
  • As with any upgrade, you should do a full backup of your computer before you do the upgrade. Our recommendation is to use Time Machine, but if you have another full backup solution that you use, go ahead and use that.
  • Be aware that there may be compatibility issues with applications or printers. It’s always a good idea to do a Google search to see if anyone else has reported issues with key applications or printers and the new operating system.

What to do About a Wet Computer

Accidents happen, and unfortunately often involve liquids and computers. Your best chances include shutting it down immediately and tenting it upside down. Read on for more suggestions, plus what to do with a wet phone.

If your computer does get wet you need to act quickly for the best chance of its survival. So even though your computer isn’t wet right now (right?), read this so you’re ready if disaster strikes:

  1. Unplug it. Electricity and liquid are not something you want to mess with, and having power course through your computer while liquids are there is a recipe for short circuits, which cause further damage.
  2. Do not remove the battery if it involves taking the case apart with a screwdriver. If the battery is intended to be removable by consumers it will be removable without taking the case off, but most computers these days have batteries integrated inside the case. Batteries are dangerous if handled incorrectly.
  3. Tent the computer upside-down. This will help the computer drain the water away from the electronic components, and allow air to circulate to dry.
  4. Don’t take the computer apart unless you are an experienced technician. You can cause more damage than you do good.
  5. Bring it in to us as soon as you can (still keeping it tented upside down if possible). We will be able to take it apart so that it dries more quickly. We will work with you to make a plan to try to recover your data if your computer does not survive. Our hours are M-F 8:30-4:30, except holidays.
  6. Do not turn on your computer until at least 48 hours have passed and the computer appears dry. The temptation is to test whether it still works, the iron is that if it is still working you can render it inoperable by turning it on too soon. Do not yield to this temptation.

If your phone gets wet:

  1. Turn it off immediately.
  2. Put it in a bin of rice to help draw out the moisture. We don’t generally recommend this for computers because they have vents where the rice could enter, but it’s great for phones.
  3. Wait 48 hours before trying the phone I know this is unfathomable, but a new phone is expensive so (at least for me) it’s worth the precaution.

Other things to know about electronics and liquids:

  • Spill damage is not covered by standard or extended warranties, it is covered in special accidental damage warranties if it is offered at all. Apple does not have that sort of warranty
  • Computer manufacturers may put spill detection points in the computer. These will change color if they come in contact with a liquid, and will likely void your warranty in case of a spill.
  • No liquid is good for your computer, but water is better than anything else. Sugary drinks leave a sticky residue, acidic drinks will corrode the components more.
  • Even if your computer is ok after it dries out, there may be follow-on damage from corrosion.
  • It’s heartbreaking to lose a computer to water damage, but for most of us it’s truly a disaster to lose all of our data. We can often recover data from a liquid-damaged computer, but the safest bet is to regularly back up your data, just in case.

What’s New with OneCard Dining?

Over the course of the summer, Hampshire IT undertook the project of implementing a new dining system across all campus dining locations.  Here’s what that means for students, staff and faculty.


All students, faculty and staff may use their OneCard in four dining locations this year:

  • Dining Commons
  • Bridge Cafe
  • Kern Kafe (new!)
  • Mixed Nuts (new!)

Payment Methods

You now have flexibility how to pay for food, depending on location:

  • Full or Block meal plans can be purchased by students and employees and used at both the Dining Commons and Bridge Cafe.
  • Cafe Card or “flex dollars” can be used at any location.
  • Cash and Credit Cards can be used at any location.

How do Cafe Card/Flex Dollars Work?

Students and employees have the ability to add money to their OneCard and then use that money at any dining location.   All students start with $155/semester as part of their enrollment at Hampshire. Once your money is spent, you can choose to add more money simply by going to TheHub, logging in and selecting “Make a Payment”.

Additionally, employees have the benefit of payroll deduction.  Instead of proactively adding money onto their OneCard, employees just need to swipe their OneCard at any location and the cost of that transaction will be deducted from your next paycheck.  There’s nothing to setup – just swipe and go.

Bridge Cafe Meal Equivalents

Bon Appetit has created Meal Plan Equivalents at the Bridge Cafe. This means for those on a Full or Block meal plan you can choose to eat a lunch in the Bridge instead of the Dining Commons.  You need to check with the Bridge to see what options they have available day-to-day for the meal plan equivalent as it may change.

Dining Commons Meal Periods

If you dine using a Full or Block meal plan, please note that you can eat as much as you’d like while in the Dining Commons.  However you may not enter, leave and re-enter the building multiple times during the same meal period.


With our new dining system in place you have more locations, more options, more payment methods.  Go checkout the coffee in Kern.  Sample some of the options in Mixed Nuts.  Eat lunch in the Bridge.  Enjoy dinner in the Dining Commons.

New to Hampshire? IT Tips.

If you’re new to the Hampshire campus there are a few things we know might trip you up. Here are some of the issues that we typically see problems with at this time of year.

Having Trouble Printing?
As you may have noticed, Hampshire has several wireless networks; knowing which is appropriate to connect to can help avoid problems accessing services. In order to print or access file servers you must be using either Wallace or Eduroam, or be plugged into the Ethernet. For details on the Eduroam network see https://www.hampshire.edu/it/connecting-to-eduroam-at-hampshire .

Smart Phone Not Accessing the Internet on Campus?
If your smart phone seems to lose internet access as soon as you set foot on campus, it may be that it is trying to connect to the Wallace network but hasn’t yet registered with it. You have a choice: choose the Hampguest network instead, or register your phone with Wallace by using its browser to go to https://netreg.hampshire.edu . Note that if you choose Hampguest instead of netreg’ing, you may find that it switches back to Wallace on occasion all on its own.

Can’t Log into The Hub?
If you are having trouble logging into The Hub and you’re new to Hampshire, it might be because you haven’t completed the short FERPA (Family Educational Rights and Privacy Act) training video and quiz. To take the quiz go to https://hamp.it/FERPA. If you’re not new to Hampshire we encourage you to take it anyway–and we promise it is quick and painless.

New Email Account not Working?
If you have a new email account but you can’t seem to get your email, did you accept the AUP (Acceptable Use Policy) at https://password.hampshire.edu? While you’re there, change your password to something you will remember, and then set up your security questions.

Want to Forward your Hampshire Email to Another Email Account?
Faculty and students sometimes prefer to receive personal and Hampshire email in one place. If that sounds like you, you can set up forwarding by going to https://password.hampshire.edu and selecting “Email Settings.” Just make sure that you pay attention to messages telling you that it’s time to change your password–you have to do that once a year–and at that time go back to https://password.hampshire.edu.

Not Sure if an Email Message is a Scam?
When critical announcements are made to the entire campus, they are both posted on the Intranet and emailed to faculty, staff, and/or studnets directly from the announcement system. You can verify authenticity of these messages by checking https://intranet.hampshire.edu. You should also know that to change your password or check your email quota we would only ever send you to https://password.hampshire.edu. Just remember that web address & type it into your browser if you ever want to check the status of your account–anywhere else is a scam.

Have a Scam Email You Think You’d Better Share with IT?
Scam emails can be sent to phishbowl@hampshire.edu, which will bring them to the attention of the system administrators.

Need IT Help?
The IT Help Desk is staffed M-F from 8:30 a.m. – Noon, and 1 – 4 p.m. If you need immediate assistance give a call to 413-559-5418. For non-emergencies you can email helpdesk@hampshire.edu. To enter an IT ticket go to https://thehub.hampshire.edu.

Looking for Amazing Tech Tips on a Weekly Basis?
Or just need some help falling asleep at night? Watch this space.

Changes to Eduroam

If you have previously connected to Eduroam, we want to let you know about a change that may require your attention. If you’ve never connected to Eduroam, time to find out about it.

About Eduroam

If you look at the wireless networks available to you on campus, depending on where you are you may see one called “eduroam”. Eduroam gives you access to the Hampshire network just as if you chose Wallace or Gromit. But the really cool part about Eduroam is that if you travel to many other campuses–including all of the five colleges–you will see Eduroam as an option there; if you connect via Eduroam at Hampshire first, then you will be able to connect to Eduroam at any other campus that supports it.

Connecting to Eduroam for the First Time

The first time you connect to Eduroam you must be on the Hampshire College campus network. You can find full instructions at https://www.hampshire.edu/it/connecting-to-eduroam-at-hampshire, but a few salient points:

  • Eduroam does not work on Macintosh computers that are running system 10.6 or earlier.
  • Connecting to Eduroam on Windows 7 takes a little more work than on other systems.
  • When you get to the point of entering your username and password to use Eduroam, you must enter your username and include “@hampshire.edu”.

Eduroam and Certificates

When you read about setting up Eduroam you will come across the word “certificate.” Certificates are special electronic documents that guarantee your computer is connecting to the service that is who and what it claims to be, and also encrypt your data in transit. Before your computer connects to Eduroam it will first want to check that Hampshire’s Eduroam certificate is valid; this includes that it was generated by a trusted authority, and that the certificate has not expired.

Hampshire’s Eduroam Certificate

Hampshire’s Eduroam certificate is expiring soon, but we have generated a new one that will be valid for 5 years. This certificate will be installed on your computer when you first connect to Eduroam at Hampshire.

Read This if You Have Already Connected to Eduroam Before

If you have previously used Hampshire’s Eduroam service, your computer installed a version of the certificate that is expiring shortly, and you will need to update the certificate on your computer. In many cases this will be simple–the next time you connect to Eduroam you could receive a message telling you that there is a new certificate, and all you have to do is make sure it has the correct serial number and accept it.

On Windows 7 this process is more complicated. You should run the Eduroam setup program at https://hamp.it/eduroam. In most cases this will work smoothly, but if you find that your computer will not connect to Eduroam after doing this, please contact the IT Help Desk at 413.559.5418 or helpdesk@hampshire.edu.

If you are using Macintosh OS 10.10 (Yosemite) or older, you must first remove the old certificate from your computer.

  1. From the “Go” menu in the Finder select “Utilities.
  2. Double-click on “Keychain Utility.”
  3. With “login” selected on the top left, choose “Certificates” from the bottom panel on the left.
  4. Find the certificate named “lelantos.hampshire.edu” that has the serial number “00 C2 E2 D0 66 98 48 BD C2”. You can see the serial number by double-clicking on the certificate and checking out “Details.”
  5. Once you have verified that you have the right one, select “Delete” from the “Edit” menu.
  6. Quit Keychain Utility and try connecting to Eduroam . You will receive the new certificate – ensure that it is issued by Hampshire College Certificate authority and has the serial number 00 C2 E2 D0 66 98 48 BD CF and then accept it – and you should be all set for 5 years.