IT related information and \"how to\" instructions aimed at the UVM College of Arts and Sciences computer using community. CAS Computing Services Blog

Posts

Can’t print a full CATS Report from MyUVM?

We’ve heard some reports of people having trouble printing CATS reports from MyUVM.  In a nutshell, the problem is that the  report is around 13 pages long but when printed from MyUVM they only get the first page.

This is because MyUVM uses a website structure called a frameset, which basically means that the single web browser window is broken up into two or more separate windows.  If a part of the screen contains anything longer than one screenful, thenit has to be printed in a special way.

So, how do you tell if you are inside the MyUVM frameset?  Is the MyUVM logo in the upper left hand corner of the screen?  Yes? then you’re in frames.

Printing CATS from MyUVM – Internet Explorer

Log into MyUVM

Bring up the CATS report

Right click in on the CATs report and select “Print Preview” from the pop up menu.

At the top of the Print Preview screen, change “As laid out on screen” to “Only selected frame”

Click the Printer button to print

 

Printing CATS from MyUVM – Firefox

Log into MyUVM

Bring up the CATS report

Right click in the CATS report area and from the pop up menu select “This Frame” and then “Print Frame”

Set the printer the way you want (e.g. copies, duplex, page range, etc.)

Click Ok

 

Printing CATS from MyUVM – Safari

Safari is very friendly towards this sort of thing

Log into MyUVM

Bring up the CATS Report

Control click in the report area and select “Print Frame”

OR

Select “Print Largest Frame” from the File menu.

Evildoers like Macbooks, Thwart Them with “Find my iPhone”

Apple offers a special “Find my iPhone” option as a part of their free iCloud cloud storage and backup service.  Despite it’s name, you can use this tool to locate most of Apple’s product line, including your Macbook.

Setting up “Find my iPhone”

To activate this feature you first must establish an Apple ID.  If you’ve ever bought anything from iTunes or have an iPhone, or iPad, and have bought apps from the App Store, then you already have an Apple ID.  It’s usually your email address and whatever password you signed up with.

If you do not have an Apple ID, you can sign up for one, start iTunes on your computer and select Create Apple ID from the Store menu.   You do need to give Apple a credit card as part of the sign up process, but it’s just to give them something to charge against if you buy applications from the App Store, or media via iTunes.

  1. On your Macbook, select System Preference from the Apple menu.
  2. Click on iCloud under Internet and Wireless
  3. Sign in using your Apple ID and password (note that you may already have signed in previously)
  4. Scroll to the bottom of the list of iCloud features until you see “Find My Mac”
  5. Put a checkmark next to “Find My Mac”
  6. Quit System Preferences from the File menu.

Using “Find my iPhone”

Should your computer get lost or stolen (or your iPad, or your iPhone), use any other network connected computer to go to http://icloud.com

  1. Log in using the same Apple ID and password that your computer us signed in with.
  2. Click on the “Find my iPhone” icon (non intuitive, I know)
    You will be shown a Google Map.
  3. Click on the Devices button in the upper left hand corner of the screen and select your Macbook from the list of devices assigned to your Apple ID.
  4. If you see your computer on the map, and it isn’t at a location where you left it, call the police and tell them where to nab those evildoers.

You can also use “Find my iPhone” to lock the device with a six digit code that will prevent anyone from using the machine until entered again.

If the machine is in an inaccessible or dangerous location, you can choose to wipe the contents of the machine, but you only want to do this as a last resort to protect your personal and UVM sensitive information.

Note: Erasing your Mac will also remove the machine from “Find My Mac” and you will not be able to locate it again.  Last resort, right?

Thanks for taking steps to both protect yourselves and UVM from financial and informational losses.

Do you know what “University Protected Information” is?

I’m guessing that you probably don’t know exactly what we mean when we say “University information” in a security related discussion.  This is because the definitions are buried in the fairly recently published University Information Security Policy and just like End User License Agreements, nobody likes to read policy statements until we have to.

Those of you involved in human subject research, anything HIPAA related, etc are, I’m sure, much more conscious of protecting things like patient information, health records, etc.  Or at least I sincerely hope you are.  But those of you routinely doing “other UVM business” may not be as familiar.

So, extracted from this policy document:

http://www.uvm.edu/policies/cit/infosecurity.pdf

The following definitions apply to UVM information, and not to information about yourself or your friends or family that is unrelated to UVM. 

“Personally Identifiable Information” is any information about an individual that (i) can be used to distinguish or trace an individual’s identity, such as name, social security number, date and place of birth, mother’s maiden name, motor vehicle operator’s license number or non-driver identification card number, or biometric records; and (ii) any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information.

“Protected Health Information” refers to individually identifiable health information transmitted or maintained by electronic media or maintained in any other form or medium, but excludes certain education-related records and certain employment records held by an employer.

“Protected Student Information” is student education records maintained by the University, whether by academic or administrative units, and protected under the Family Educational Rights and Privacy Act (FERPA) and as described more fully in the UVM FERPA Rights Disclosure policy.

[FERPA Rights Disclosure document is here http://www.uvm.edu/policies/student/ferpa.pdf]

“Confidential information” is sensitive information about individuals, the University, or University property, including, without limitation, Personally Identifiable Information, Protected Health Information, information involving certain legal matters, or business and financial transactions, grant applications, student records, pending patent applications, institutional electronic security architecture, and information about security breaches or other events.

Protected Library Records – means patron registration records that contain the information a University library patron must provide to be eligible for library privileges and patron transaction records that contain personally identifiable information related to an individual’s activities within the University libraries.

In order to easily protect UVM from a data breach, which admittedly would be very costly to the institution both financially and in reputation, UVM now requires that all UVM owned laptops be encrypted using our licensed PGP encryption.  UVM also requires that home computers used for “UVM business” be encrypted as well.

It’s my opinion that vastly increased security could come from less drastic measures, such as educating the people performing the work of exactly what constitutes sensitive information. Which brings us to this post.

Takeaways from the above:

It would be wise to consider NOT using your personal devices and home computers for UVM related business

If you do choose to do so, it would be wise to:

  • Store UVM related documents containing protected information ONLY in UVM network storage (Zoofiles or Active Directory), not on Dropbox, Carbonite, iCloud or any form of personally available local or cloud storage and not on the local hard drive of the computer
  • Set your email programs NOT to cache your email on the local machine if you can (note that UVM webmail is NOT immune to caching since it stores snapshots of visited pages in the web browser temporary directory)
  • Make sure that all your devices are protected by a password, passkey or equivalent and where possible ensure that theft target, easy to lose devices such as smartphones and iPads are protected by remote location and erasure services, if any.  Apple offers a “find my device” service that is capable of locating a misplaced or stolen device (which in my experience works frighteningly well) and also remotely wiping the data off of it, if it cannot be retrieved.

If we all do our part to be aware of sensitive data and take fairly common sense steps towards protecting it, UVM will be protected from expensive and embarrassing data breaches.  It’s also a good idea to implement some of these measures to protect your personal property and information as well.

 

Is This Email Legit?

Is this email legitimate or a hoax?  This is the single most frequently asked question we have.  The answer is almost always no but people still ask and occasionally one of our clients will fall for a scam and end up with a compromised account.

The basic rule of thumb should be: if you want to ask someone about a particular email, then chances are the email is a scam and you should just delete it.

In general here’s what to look for:

  • Is the email coming from a UVM email address?  If not, it’s fake.
  • If there is a link in the email, does the link appear to be going to a UVM website (i.e. does the host name end in “uvm.edu”)?  If not, it’s fake.
  • Does the link in the email go to same place that the email says it does (e.g. the link says “www.uvm.edu” but actually goes somewhere else).  If it doesn’t, it’s fake.
    You do not have to click the link to find out where it’s actually going.  Instead you can right click (control click under MacOS) and select “Copy Link Location”, then you can paste the link into any web browser and “see where it’s going” before actually clicking.
  • If you do click the link does the site ask you for personal information (account and password, or worse, SS#)? If yes, it’s fake.
  • Does the email threaten dire measures if you don’t comply?  If yes, it’s probably fake.
    Any security measure imposed by UVM (e.g. expiring your UVM netID every 365 days), will not be executed without ample warning (two weeks at least) and can always be reversed.

Here is an ebay website on the subject:

http://pages.ebay.com/education/spooftutorial/spoof_2.html

Here’s another:

http://www.antiphishing.org/consumer_recs.html

MacOS X Users: It is now safe to go back into the water, 10.7.3 update

Greetings-

For those running MacOS X Lion, aka 10.7, it is now safe to install the 10.7.3 update.  Apple switched from the context sensitive Software Updates version of the update (which is supposed to only install the components of the update that your computer needs) to the “Combo” version which contains everything for all currently supported Mac hardware.  This makes for a bigger update, but a safer one.

Please plan to allow enough time for the update to download, connect yourself to the fastest network connection possible and for those with Macbooks, connect your Magsafe AC Power supply before installing.

If you are not running a Mac, or are not running MacOS 10.7 (Lion) please disregard this message.

MacOS users: 10.7.3 update is out, install at your own risk

If you do not have a Macintosh computer and are running OS X version 10.7, this article does not pertain to you.  Please keep moving folks, nothing more to see here.

Macintosh users with the most recent version of OS X, 10.7, aka “Lion”, there is an updated version of the OS that adds some language support and claims to fix a few outstanding bugs.  Normally we recommend that Mac users install updates as they become available, but not this time.

Apparently there are enough people running into networking, and application crashing, problems that CNet has an article on the subject:

http://reviews.cnet.com/8301-13727_7-57370469-263/os-x-10.7.3-update-causing-cui-interface-artifacts/

My advice would be to wait for an update to this update before installing.  The fixes described in the release notes for 10.7.3 will not improve the lives of most people anyway, so upgrading is not worth the risk of instability at this time.

The advice that the Cnet article gives for preventing the issues from occurring (which is not guaranteed to work please note) is pretty much what should be standard practice for all MacOS users:  make a backup, fix disk permissions using Disk Utility, download and install the Combo Fix version of the update rather than installing through Software Update.  Especially if you are an “early adopter” who installs everything as soon as it comes out, it’s a good idea to always follow the above routine.

Since we image our Macs with our own image, booting to the Lion restore partition is not an option for you should something go seriously wrong.  Instead you will have to bring the machine to us to be rebuilt.

CAS Computing Services

Re-Introducing Webfiles.uvm.edu

After the Systems Architecture and Administration (SAA) group replaced the old active directory filing appliance with honest to goodness Windows 2008 Servers, http://webfiles.uvm.edu went away.

Well, thanks to the SAA group,  it’s back and in a supercharged version.  Connect, log in using your UVM netID, and you not only can get at your personal active directory files, but you can also see any shared directory that you have rights to, and your Zoo files and your website on zoo.  All in one big happy intuitive drag and drop environment that allows right clicking, downloading, uploading, folder creation, file deletion, etc etc etc.  There’s no reason to use SFTP.

Screenshot of the Webfiles folder listing

More information here:  Accessing UVM’s Network Storage

Fake Antivirus Infections on the Increase

Recently we’ve seen a rash of people infected with official looking but entirely fake antivirus malware. In general, the user reports that they were just using a web browser, minding their own business when suddenly a window appears that looked like it came from Microsoft Windows, and which informed them that they were infected with everything under the sun. The window wouldn’t close when clicked and when they restarted their machine the fake antivirus software appeared to have become installed on their machine and couldn’t be removed, dire warnings of infections are appearing everywhere, popups to embarrassingly raunchy websites are coming up and the machine is basically unusable. Worse, the software wants you to subscribe in order to remove these “infections”. If you subscribe, now the bad guys have your credit card number.

First off, when you see one of these windows, DO NOT CLICK on anything! Immediately restart your computer.

Secondly, the primary method that these infections are getting to us is via compromised google searches. DO NOT automatically trust everything that you see in a Google search results screen. The bad guys know that people are searching for popular subjects (“Catherine’s wedding dress”) and they are setting up fast moving bogus websites just to get you to click. I’ve also just read an article that the popular Google Images website is chock full of malware linked images.

Third, the bad guys know that everyone has certain third party plugins installed in their browsers so that they can use them for work, or to view animated media. These third parties are not always entirely secure and are not updated via the usual Windows or Software update mechanism. You must update these products yourself or you risk infection. The top three examples are Adobe Flash, Adobe Reader and Sun Java VM.

The easiest method of determining what is out of date is to open Mozilla Firefox (this does not work in Internet Explorer) and go here:

http://www.mozilla.com/en-US/plugincheck/

The plugin check will tell you which of your plugins are out of date and provide links for downloading updated versions. Download and install, it’s as simple as that.

HOWEVER, because the third parties are also out to make a buck off you, be alert for offers to install unnecessary antivirus software (Adobe Reader) or assorted toolbars of the day (Adobe Shockwave or Sun Java). These “free” players are really ways for these companies to generate revenue by putting a vendor’s software in front of you.

Fourth, this fake antivirus software is big business. Estimates run as high as half a million people a day are infected. They change the malware configuration so quickly that antivirus software vendors are having a hard time keeping up. So do not rely on your antivirus software to protect you. Every single person that we’ve seen with one of these infections has had an active copy of ESET NOD32 running and the antivirus software was completely oblivious.

Lastly, MacOS is NOT immune to these infections. There is fake Macintosh Antivirus malware out there and we’ve seen one infection first hand already.

If you do get infected with one of these nasties, RUN don’t walk to our offices. The longer you wait, the more compromised your computer gets and the harder it is to remove the infection.

More information (kudos to Geoff Duke for these links)

Fake anti-virus hackers exploit engagement of Prince William and Kate Middleton

This is a general description of Fave AV:
SophosLabs – What is Fake Anti-Virus?

And some good detail:
How blackhat SEO and Fake Anti-Virus work

Sharepoint useage tip: Don’t click on the name of a file

A pair of department administrators asked me for help with editing files in Sharepoint. It turns out that they were confused about the difference between clicking on the name of a file and selecting “Edit in Microsoft ” from the drop down menu.
They assumed that the two actions would give you the same results when in fact they do not.
Clicking on the name of a file a Sharepoint library will open that file in read only mode. If you then attempt to save that file, your only choice will be to save it on your local hard drive and then you’ll have to wrestle with Sharepoint to get the file uploaded, delete the original, etc. etc.
If you want to edit a file in Sharepoint, never click on the file name. Instead, just hold your mouse over the file name, which will give you a box with a golden down arrow at the far end. Then select “Edit in Microsoft “. This checks the file out to you so that nobody else can change it, opens the file straight from Sharepoint into the appropriate Microsoft Office application and allows you to simply select Save from the File or Office menu to save your changes. Click on this screen capture to see what I mean:
Drop_down.JPG
Caveats:
1) This only works in under Windows
2) This only works under Internet Explorer

Are you still running Symantec Antivirus?

Are you still running Symantec Antivirus security software on your computer? If yes, it’s time to remove/replace it. ETS has just announced that they are decommissioning the on campus management servers for that software package as of November 30th. Although this shouldn’t affect your use of your computer, you should note that because Symantec hasn’t been updated here on campus for several years now, you are not completely protected from the various flavors of malware that have appeared in the interim.
Recently the only running installations of Symantec Antivirus that I’ve seen have been on MacOS computers. I am sure though that there are still older Windows computers out there that haven’t been updated.
Please take this opportunity to remove SAV, and if you have a Windows computer, replace it with ESET’s NOD32 product, found at http://www.uvm.edu/software Unless you are running a 64 bit version of Windows, you need the 32 bit version.
MacOS users can simply remove SAV by opening Macintosh HD then Applications then Symantec Solutions. There should be an uninstaller application available. You will need to authenticate as an administrator in the removal process. At present UVM does not have a recommended MacOS antivirus solution, but since there are still very few instances of MacOS malware in the wild, we feel that it is reasonably save to run your computer without it.
Windows users should open their Add/Remove Programs control panel, locate Symantec Security as well as LiveUpdate and remove BOTH. Then restart your computer, and install ESET’s NOD32 32 bit version from the location mentioned above.
Lastly, Windows users should get in the habit of visiting the UVM software download page to check for updates to NOD32. ETS does not make an announcement when they update the NOD32 client version and although NOD32 does update its definition files automatically, it does not update the client software itself. Having the most current recommended version of NOD32 is important in order to avoid performance issues and malware infection.
As always, contact us if you have questions. http://www.uvm.edu/artsandsciences/computingsvs/

Skip to toolbar