Please join us in welcoming our new telecommunication technician, Dan Cottle 05F, to the Hampshire IT team. We’re happy to have Dan, an alum who worked in the student diagnostic center when he was a Hampshire student, back on campus and working with us once again.
The telecommunication technician assists the network engineer in the design, construction and maintenance of the College’s campus network and phone infrastructure. The technician oversees physical network implementation; works closely with the campus electricians in planning the low voltage portion of new construction and renovations; and provides support and troubleshooting for VoIP ,POTS , CATV, and network infrastructure.
In plain and simple words, if you need a phone set up or some cable wired then Dan is your man. He’ll be assisting Josiah with network and phone related tasks around campus. Dan’s office is on the third floor of the library.
As part of our continuous efforts to maintain secure IT services, we’ve updated our security certificate for Hampshire websites. Confirm the security exception if you’re prompted. Read on for details.
About Security Certificates
If you’ve been following the Heartbleed exploit then you’ve been reading about SSL (Secure Socket Layer). SSL is the secure protocol that browsers use to communicate with web services.
In order to prove that they are secure and truly who they purport to be, web services will provide a browser with a certificate. In order for the certificate to be trusted by the browser, it has to be from an authority that the browser knows and trusts. There are a limited number of Certificate Authorities (CA’s), and they are regulated and audited for compliance; every browser has a list of CA’s that it knows about and trusts (“Trusted Root Certificate Authorities”).
When a browser receives a certificate, it checks that it knows the issuing authority, and looks at other information such as the dates the certificate is valid. If it’s all good, you proceed on to the website without being aware of any of this happening. You can view the certificate for a secure site in your browser by clicking on the padlock icon in the address bar.
Confirming Security Exceptions
If a browser doesn’t recognize a certificate that it is given for a secure site, you may be asked to confirm that you want to allow a security exception. Often this will happen because your browser doesn’t have a root certificate for the Certificate Authority that was issued the certificate.
You should always be cautious when choosing to confirm a security exception. Double-check that you’re visiting the correct site, with no typos. You can look at the certificate and check the Certificate Authority; Hampshire is currently using Starfield as a CA. If you trust that the site is legitimate, confirm the exception.
Why You May be Asked to Confirm an Exception for a Hampshire Site
We have updated our certificates for “.hampshire.edu” sites in order to provide a more secure environment. This was not in response to any specific threat or breach, but part of our regular security maintenance process.
If your browser does not have a root certificate for Starfield, you may be asked to confirm a security exception when you next visit a secure Hampshire site. Once you confirm that exception you should be all set.
On Tuesday, April 8, Microsoft stopped supporting Windows XP, meaning no more updates to plug security holes. As time goes on computers running XP will become more and more insecure.
About Windows Operating Systems
Windows XP is a Microsoft operating system for PC’s that was released in 2001. In 2007 Microsoft released Windows Vista, which was intended to take over as the standard PC operating system. Vista was not generally well received, and many users continued to use XP; here at Hampshire we decided to skip deploying Vista and held out for its successor, Windows 7, released in 2009. The most current operating syste from Microsoft is Windows 8, but that is seeing a slow adoption rate because of its significant changes to the user interface.
Why XP is Still Out There after 13 Years
Windows 7 is generally well regarded, and was adopted by many PC users. Despite this enthusiasm, it did have some barriers to adoption: the system requirements–it runs best with at least 2 GB of RAM–and its cost–often more than $100. It’s also not a simple upgrade–you have to re-install any programs you have on the computer, which means it takes several hours to complete.
…or not changing, to be precise. Up until now, Microsoft has kept sending out updates to plug security holes in XP as they’ve been discovered; on April 8 of this year the last update was released. From now on Microsoft will release no security updates for Windows XP to the general public.
There is an exception to this–Microsoft is providing a paid update service to some critical use customers (did you know that 95% of ATM’s were running XP just before April 8?)–but for regular old users there will be no more updates.
How to Tell if your Computer is Running Windows XP
To check whether your PC has Windows XP, right-click on the Computer icon on your desktop or in the Start Menu, and choose “Properties.” A window will come up that will tell you what operating system you’re running.
What this Means for You
If you’re still running Windows XP on a computer, it will become less and less secure as time goes on. If it’s at all possible, it’s time to upgrade your computer to Windows 7 or Windows 8. If that’s impossible or impractical for you, take steps to make sure that you keep it as secure as possible:
- Don’t use it for any transactions that you need to keep secure. It will become vulnerable to attacks that can steal passwords and other personal information.
- Keep your antivirus software up to date and always running. This isn’t going to solve every problem, but it will definitely help.
- Don’t use Internet Explorer as your browser. Choose Chrome, Firefox, or Safari.
- When you don’t need to be connected to the internet, disconnect. That means turn off your wireless access (often there’s a switch on the side of a laptop as well as the option to turn off wireless through software), and unplug any Ethernet cable that’s connected. You can be sure there will be malware bots trolling the internet looking for XP computers to infect.
What IT is Doing About the Remaining XP Computers
We’ve been migrating users to Windows 7 over the past several years. There are still a few computers out there running XP that we’re actively scheduling for upgrades. We will be contacting everyone we’re aware of who has a Hampshire computer running Windows XP; if you don’t hear from us in the next week and are running XP, please let us know by emailing email@example.com.
A major new web security flaw was discovered this week, so it’s time to change your banking passwords again. Read on for more information.
You’ve probably noticed the padlock icon when you browse to “secure” websites, or the “s” at the end of “https”. Those clues indicate that the site you’re visiting uses a security protocol known as SSL (Secure Socket Layer) or its follow-on TLS (Transport Layer Security). The SSL/TLS protocol is designed to encrypt data transported to and from sites so that only the intended receiver can decrypt it.
What the Exploit Does
This week it was discovered that there is an error in a widely used implementation of SSL/TLS known as “OpenSSL.” The bug is related to the “heartbeat” function of the SSL protocol. The “heartbeat” function allows someone to send a message essentially saying, “Hey, SSL server, are you there?” The server should then respond “Yep,” and that’s that. In OpenSSL, though, it’s possible (easy, even) to trick the server into responding with the equivalent of “Yep. Oh, and by the way, here is some random information. Not sure what it is exactly, but check it out because maybe it’s my secret key that will let you pretend to be me and intercept passwords and other supposedly secure information. If that didn’t get you what you want, just ask again, maybe you’ll get lucky. And don’t worry, I won’t tell anyone about this little conversation of ours.”
What’s Being Done About It
A patch that fixes the bug has been released, and vulnerable sites are quickly installing it. You can check if sites you visit are vulnerable by visiting http://filippo.io/Heartbleed .
What You Should Do
Because there is no way to tell if a site has been hacked using this bug (you can only tell if it is vulnerable), the best practice available is to check to make sure a site is currently safe, and then change your password. Do this for every site you use for any financial or other sensitive information.
For more information check out http://heartbleed.com/.
The new Webmail roll-out has gone pretty smoothly, but there are a few common questions we hear. Read on, maybe we’ve answered something you’ve been wondering.
Our new webmail program, RoundCube, comes closer to looking like Thunderbird or other desktop clients, which is generally a good thing. A few things are different enough from the old webmail that they merit mention.
Why aren’t all my folders listed?
In RoundCube you may have to explicitly subscribe to folders in order to see them. If you don’t see your mail folders, try this:
- Up along the top right, click on “Settings.”
- Click on the “Folders” tab.
- Check each folder that you would like visible.
- When you’re done, click on the “Mail” icon on the top right of the window. You should now see all of the folders you’ve checked listed at the left.
I’m confused between the messages I’ve opened to read and messages I’m composing.
We can set RoundCube to display messages you’re reading on a panel in the inbox, instead of giving them their own window.
- Up on the top right, click on “Settings.”
- With the Preferences tab select, click on “Displaying Messages”.
- Uncheck “Open message in a new Window” and then click “Save” at the bottom.
- Select “Composing Messages” and check “Compose in a new window.” Click “Save”.
- Select “Mailbox View” and check the box to show the preview pane. Click “Save” at the bottom.
- Click on the Mail button on the top right to return to your mailbox.
Search doesn’t seem to find everything I’m looking for.
Roundcube only searches in the folder you have selected. You can change some search options by clicking on the small arrow next to the magnifying glass icon, but there’s no way to search through all of your folders.
How do I empty the trash?
It’s a good idea to empty the trash periodically so it doesn’t take up your quota space. Just right-click (control-click on a Mac trackpad or one-button mouse) on the trash can and click “Empty.”
We’ll be working on more tips in the weeks to come. If you have a specific question please contact firstname.lastname@example.org.
To keep videos playing and PDF’s displaying, add-ons in Firefox occasionally have to be updated or ousted.
Firefox has add-ons that allow you to view content beyond simple web pages. There are two kinds of add-ons: plug-ins and extensions. Plug-ins are modules that run inside a frame on a web page, like embedded video content. Extensions go beyond just displaying content and add-on to the base functionality of Firefox. It gets a little blurry because some functionality can be implemented as either a plug-in or an extension, depending on the supported functionality and the preferences of the developer; PDF display add-ons in particular seem to show up in both formats.
Firefox has a great little tool for checking if your installed plug-ins are up to date:
- From Firefox, select “Add-ons” from the Tools menu (or just select the “Add-ons” menu if that’s all you see).
- On the list on the left, select “Plugins.”
- Click on the blue “Check to see if your plugins are up to date” link at the top of the list.
- Update everything that has been flagged as being out of date by clicking on the provided link. If there is more than one link, you will have to repeat the steps above after each update to get back to the links.
- There are almost always some plug-ins that Firefox won’t know about and will have a “Research” option. If it seems like these plug-ins might be handling content that you’re having trouble viewing, you should see if you can find newer versions by using the link or going to the developer’s website.
If you’re still having trouble viewing videos, try the suggestions at https://support.mozilla.org/en-US/kb/fix-common-audio-and-video-issues#w_plugins.
There’s no tool for checking extensions, which may be where the problem is if you’re having trouble displaying PDF’s. There are often multiple PDF add-ons that may either all be out of date, or interfering with each other. In this case we suggest a little trial and error.
- As in step 1 above, bring up the “Add-ons” window.
- Select “Extensions” from the list at the left. Scan for anything mentioning PDF’s or Adobe and disable it.
- Select “Plugins” from the panel on the left, and look for anything mentioning PDF’s or Adobe, and select “Never Activate.”
- Now try to view a PDF. It should bring you to Adobe Reader or Preview. If this is acceptable to you, you’re all set.
- If you want to try to find a PDF viewer that will work inside Firefox, try enabling one PDF viewer at a time, testing with a PDF, and then disabling and trying another if it’s not satisfactory.
- If you can’t find a PDF viewer that works for you, go to adobe.com and download Adobe Reader–this will install a Firefox add-in that should be up to date. Be careful, though, with the install–it may try to sneak in some extra software; read carefully and uncheck any optional install choices.
Please join us in welcoming Gavin Lofland, our new technology support specialist in IT. Gavin will be responsible for configuring and maintaining public computer labs in the library and select locations around campus. He will provide primary support for the pay-for-print system in the library and computer system imaging, as well as take the lead role in the hiring, supervising, and mentoring of IT student workers in the student diagnostic repair center and public computer spaces. He will also provide back up to other IT support staff by troubleshooting, installing, and upgrading computer systems and software. Gavin’s office is located on the third floor of the library, behind the student diagnostic center.