Tag Archives: ITS

Big changes coming to Wes Station

Some of these aren’t too surprising in light of the continued contraction of the first-floor window’s hours, but it’s pretty noteworthy nonetheless. Per an all-campus e-mail:

* Wesleyan Station service window on the first floor of Usdan will close approximately on July 10th. ITS Central Printing Services will move from Rm 523, Exley Center to this location and will be open for operation on Thursday, July 16th.
* Students, faculty, and staff may purchase stamps, and ship via FedEx from the Cardinal Technology Center (Computer Store) in Usdan Center from 8 AM to 6 PM.
* The USPS shipping services will be available at Cardinal Technology Center ONLY from 11 AM to 2 PM. These hours will be expanded at a later date.
* Students can continue to pick up their packages in the Wesleyan Station pickup window in the basement level of the Usdan University center from 9 AM to 4:30 PM.
* Departmental shipping services will continue to be handled in the Wesleyan Station pickup window in the basement level.
* All USPS mail must be at the Wes Station by 3 PM for them to be shipped that day.
* ITS Central Printing Services will remain in room 523 of the Exley Science Tower until Friday, July 10th. It will be closed from Monday 7/13/09 to Wednesday 7/15/09 while we move to the Usdan Center. All printing services will be available in our new location on Thursday 7/16. Our hours will be M-F 8:00 AM to 4:00 PM, closed from noon to 1:00 PM for lunch.

Not a big fan of the limited shipping window, but it seems like a big improvement otherwise. Now if we could only get the package window open past 4:30, we’d be set.

An Insider’s Perspective of ITS

An ITS staff member who wishes to remain anonymous sent us the following:

Today’s Argus will include an article related to Wesleyan ITS, sourced primarily by myself.  I believe that this article fails to document the extent of dysfunction within Information Technology Services at Wesleyan, so I have decided to write a separate editorial on my own.  As an ITS staff member, I offer an insider’s perspective into an institution which has profound influence on the entire Wesleyan community.

Our IT department steamrolls out new products for students, faculty, and staff alike, without proper testing and without enough discussion with the impacted users.  Because of this, many of the new web applications and services produced by ITS do not work well, or are even worse than the products that they replace.

Many of our IT decisions are made based almost exclusively on funding, rather than on community welfare.  I know we’re living in the real world, the bottom line has the final word, but our IT department has given in to the ‘get it done quick’ mentality without enough concern for quality. In the majority of cases I’ve been familiar with, ITS has released products without proper testing for bugs and without beta testing lasting longer than a week.  After they release a product, they move on to something new, and don’t improve or fix previously released applications.

For example, consider the kiosk machines located in Usdan, Exley and elsewhere.  For web browsing, they use a program called wKiosk.  Until last month, wKiosk on these machines could not display Gmail’s web interface properly.  ITS only became aware of the problem and fixed it after being notified by a student.  That means that for one and a half years, no one from ITS tried to load the Gmail web interface on one of these machines.  Even when ITS decided to switch student email over to Google Apps, no one made sure that Gmail would be accessible from all campus computers.

In Usdan’s basement there is multipurpose room equipped with speakers and a projector, which allow students and faculty to play music and project movies.  However, the media cabinet’s sound cable has been routed to play music through an iPod, but is too short to connect to a laptop – as a result it is almost impossible to simultaneously project video and play the accompanying sound.  The only way this could have gone without notice is for nobody in ITS to have ever tried to use this projector.

These problems go beyond simple inconveniences to serious security problems.  As you will read about in today’s Argus, there was a huge security flaw in our Wesleyan Google Apps that ITS has failed to report.   Until February 27, when a concerned student reported the flaw, the login page [mail.gapps.wesleyan.edu] did not require a password to log in to a student’s email account.  Simply providing a valid user name and leaving the password field blank would bring a person to the email account associated with the user name.

Bugs happen, but this one could have been avoided with proper testing.  When an engineer writes a proper authentication page, it is routine to test that blank passwords do not bypass security.  Testing is all the more important on an application that safeguards personal information such as email.  Needless to say, bugs that are this large in scope and this easy to exploit should under no circumstances occur in a well-functioning university IT department.

Additionally, I find it abhorrent that ITS did not voluntarily release details of this flaw.  The flaw was fixed on Febuary 27, and publishing information about it no longer poses a security risk.  Some students may have had sensitive passwords or other information in their email, and have the right to know if that information was visible to third parties.  By not reporting the flaw, ITS puts students at risk for identity theft.  On the other hand, by not reporting the flaw, ITS maintains a better public image and does not have to own up to its mistakes.  If you had passwords stored in your Gmail inbox, especially important ones like banking details, you should change them immediately.

ITS has also failed to take action to prevent the spread of viruses on campus.  For at least three years, the computer labs have had at least one widespread outbreak a year.  Yet the Macs still don’t have virus scanners installed, which allows macro viruses to infect Microsoft Office documents, and the PC’s still have auto-run enabled, which allows viruses to spread via flash drives.

Two years ago, Blackboard was a vector for viruses, because it does not scan uploaded files.  Professors unwittingly uploaded infected documents, and Blackboard helped distribute them to entire classes.  Yet Blackboard still doesn’t have virus scanning, and such a problem could reoccur at any time.

ITS also recently released WesFiles, which is Xythos rebranded.  Xythos wasn’t properly tested with Macs before it was purchased, and it was later discovered that it doesn’t integrate well with OSX.  Consequently, our main software for server-based storage supports 50% of the community through only a web-based interface.  Had ITS tested Xythos properly and decided that integration with OSX was not a priority, selecting it would have been questionable but acceptable.  The problem here is that the decision was made before all the facts were known.

Cisco Clean Access (CCA) is another example of a product which was not properly tested before being released.  In the fall of 2007, CCA was enabled on our entire network after being tested on fewer than five computers.  As the class of 2011 probably remembers, nearly all the incoming freshman had no internet for days, and many had no internet for weeks.  Despite improvements, Cisco Clean Access remains problematic.  Over 250 students own computers that required a Helpdesk employee to manually allow their computer onto the network, bypassing Cisco.

So what should ITS do to improve this situation?

I see great promise in the relatively new ITS-WSA committee.  Bringing students back into the decision making process would help to avoid technological changes which hinder the community rather than aid it as well as focusing attention on services that the student body actively desires.

Additionally, ITS needs to work more on improving its current services, rather than just releasing new ones.  For example, ITS could put more effort into the into improving the lab computer system.  ITS has long planned to switch the labs over to thin clients, but efforts have been stalled due to other priorities.  The switch would largely eliminate virus infestations and students would no longer lose files by accidentally leaving them on the lab computer’s desktop.  Your files and desktop would travel with you to wherever you logged in.

ITS should test its products more thoroughly before releasing them, as this would have prevented many of the issues listed above.

I also suggest that ITS hire students to test everything technological at Wesleyan in the way it is really used.  The students would try to project something from a laptop in Usdan’s basement.  They would try to load Gmail from a kiosk.  Perhaps, had they started before February 27, they would have noticed that they could log into Wesleyan Google Apps without typing a password.

Finally, it is inexcusable, and possibly illegal, to not report security breaches in a timely fashion.  ITS must begin reporting such breaches.

With these and other changes in mind, I believe ITS could once again become a respected institution on campus.  I hope for the sake of the entire Wesleyan Community that they do.

Gmail Switchover

So, like we said before, ITS is switching webmail over to Gmail. By the look of the shoutbox, folks have some questions about all the finicky details, like, “how do I get my old emails back?” C’mon guys, new year, new start. But, if it’s really that important to you, check out the ITS Blog featuring the FAQ and How To’s. Sheesh, some people have no sense of adventure.

Also, please don’t call me directly, but you might catch me picking up the ‘phone at Helpdesk – 860.685.4000. Then again, you might not – I’m still in NH at the moment. Everyone else driving home (sorry Mom, I mean back to college) in the snow, be sure to drive safe. /PSA

Google Apps Switch-over

As you probably know, Google will soon become Wesleyan’s webmail provider (the switch is happening January 19th). Since I’ve heard a fair number of questions floated whenever it comes up in discussion and had a few questions about the switch myself, I asked some questions and got answers from Karen Warren, one the ITS employees in charge of the switch. I’m going to summarize those answers here and try to offer some additional general explanation in a question and answer format.

What’s going to change?
If you route your Wesleyan e-mail through Gmail already very little will change for you, except that Gmail access will be more seamless than before since you’ll no longer have to have your e-mail automatically forwarded or fetched with POP3. If you don’t use Gmail already the main difference for you will be that you’ll be using Gmail as a webmail interface rather than the current SquirrelMail.

Another major change is that e-mail will be hosted externally from Wesleyan rather than locally on servers owned and maintained by ITS. An advantage of this is the greatly increased storage space: each student will get the same amount of storage as a standard free Gmail account, which at the moment is more than 7GB, as opposed to the 100MB we’ve had up until now. One additional consequence of this is that any downtime will probably be Google’s fault rather than ITS’s. Unless Gmail starts going down a whole lot more often than it does now this will probably be a change for the better.

[edit by Sam]: E-mail addresses will remain the same.

Can I opt out of the switch?
Yes. If you for some reason want to opt out of the switchover, you must do so by 5pm, January 14th. There’s a link—’Gmail Opt Out’—to do so in your portfolio. If you choose to opt out, you may opt back in at any time. However, you may not go back to using Wesleyan-hosted e-mail once the switch has been made.

What will the EULA/Privacy Policy look like?
Google’s general education contract is here. However, Wesleyan has been negotiating with Google to make some changes to the agreement, and those are not yet finalized, and so are not available online. I have been told that they will be made available when possible.

You will not have to accept any additional EULA when you first sign in to your Google Apps webmail. Additionally, all of Wesleyan’s policies will continue to apply.

Will there be ads?
For current students, no. For alumni, read on…

Will there be any change in account functionality post-graduation?
Service will remain essentially the same. Google reserves the right to add advertising to alumni accounts, but does not currently do so.

Please feel free to leave any questions you have in the comments. I’ll answer them myself if I can or get them answered if I can’t.

[EDIT] ITS has a blog with details about the switch to Google Apps, including instructions on opting out and instructional videos for moving your contacts, keeping the mail currently in your account, transferring any folders you’ve set up in webmail, and setting up mail clients.

[/EDIT by Justin, 2009-01-11 2:35 PM]

ITS Open House!


Did you ever wonder about the inner workings of ITS, one of the most crucial (if not the most crucial) departments on campus? Wonder no more. ITS is hosting an open house this Wednesday, Nov. 12, from 1:00-4:00 PM. The three “acts” include The Fifth Floor (where the magic happens), “Usdan and Beyond” (Wesleyan Station, PAC Lab, CFA Lab, and the Cardinal Technology Center), and “Exley First Floor” (including the Helpdesk and Instructional Media Services).

“Usdan and Beyond” tours leave at 1:30 and 3:30 in front of the Cardinal Technology Center, first floor tours leave at 1:00 and 3:00 in front of Pi Cafe, and the fifth floor is a “self-guided” tour.

Date: Wednesday, Nov. 12
Time: 1:00-4:00 PM
Place: Exley first/fifth floors; Cardinal Technology Center

Open Letter to ITS Management

Dear ITS Managers,

I’m going to preface this by saying that I am an ITS employee: I work for IMS as a Classroom Support Tech. I know a lot more about ITS than most students. And I haven’t the faintest idea who this should be sent to–that’s why it’s going here: I know at least a few ITS employees read Wesleying, and so this might actually have a chance of reaching the people it needs to.

That’s the biggest issue here. Nothing I’m writing here would have to be addressed in this manner if there was a better way for me to communicate it. While a lack of communication certainly isn’t a problem unique to ITS, it’s a problem that ITS especially needs to address, because unlike most of the other non-academic departments on campus, students make use of the services ITS provides countless times daily. Most of the times things work fine. Occasionally though, there are problems. And it’s when there are problems that the lack of communication is especially apparent. This post is mostly about a couple of problems and is an attempt to bridge this communication gap.

The first problem is the more general one: residential internet connections have been at least an order of magnitude slower than normal for the past week. I have heard friends complain about this recently, and I have been seeing general anonymous complaints about the issue for weeks even before I experienced it. I’ve been experiencing trouble streaming videos, a generally slower connection, and yesterday was unable to stream audio while simultaneously downloading an album from Amazon. Considering how fast the internet here is normally, this is ridiculous. I’ve heard nothing from ITS through the few communication channels that are available–e-mail, the ITS blog–and so I can only assume that this is not something ITS knows about or is actively trying to fix.

The second problem is more specific: the packet shaping/throttling that ITS does to prevent torrents from consuming an excessive amount of bandwidth is affecting other applications as well. The specific instances I’ve heard of (and experienced) are all related to computer games, but I don’t doubt that there are other affected applications. Having certain of my non-academic activities denied to me is beyond annoying. And worse than that, a good portion of the time the torrent throttling doesn’t work anyway. This has been an issue since the DoS attack near the end of last year. I reported this issue through Helpdesk earlier this year. Please fix it. This issue is a constant irritant to those of us it affects–and I think we’re a larger group of people than you might expect.

The last thing I’d like you bring to your attention is just silly. There is one particular sentence in the Wesleyan Computer Usage Policy that really needs to be removed:

For example, running a program which allows illegal sharing of copyrighted music or video is prohibited.

Every modern operating system has file sharing capabilities. Every piece of network-connected software offers the possibility for copyright infringement. This sentence expressly prohibits users from running Windows, OS X, or any major Linux distribution. Not to mention things like web browsers or chat clients. It’s been there for (I would imagine) years. I first noticed it months ago, but had no idea who to mention it to. Right now it’s doing nothing but making a joke out of the document it’s in.

I do not think that improved communication is a new idea for ITS–in fact, I know that it’s something that’s being focused on as a department. However, I have seen no improvement thus far despite the efforts that I know are being made. I hope that this letter might help you address this, and help address some of these issues. I can go into much greater detail on either of the problems I mentioned if that would be helpful.

Thank you for taking the time to read this.

Regards,
Sam DeFabbia-Kane ’11
(sdefabbiakan at wes)

Help Redesign the Wes Homepage

The Wes homepage is being redesigned – join the WSA focus group to get involved in the process:

A collaborative effort between University Communications and the New Media Lab in ITS is currently underway to realize a new web presence for Wesleyan, including making changes to Wesleyan’s core website design and content.

In effort to maximize the inclusion of student voices in this process, the WSA is forming a focus group of diverse representatives from the student body to provide feedback as well as new ideas. The focus group will meet approximately once monthly for the rest of the fall semester and the entire spring semester to view and provide comment on work in progress.

If you are interested in serving as a member of this focus group, please apply with the following information no later than MONDAY, NOVEMBER 3 at 11:59PM to wsa@wesleyan.edu:

  1. Your name and class year
  2. Your extracurriculars (sports, theater, publications, etc.)
  3. Your on-campus place of residence
  4. Your reasons for wanting to serve on the focus group
  5. An example of something on the current Wesleyan homepage that you think “doesn’t work” and why

Sincerely,
The Wesleyan Student Assembly
Organization and External Affairs Committee

Phishing scams hitting student accounts

Over the last week or so, thousands of emails have bombarded students, faculty, and staff—all ostensibly from Help Desk, or ITS, or some other official-sounding department of the University—that have threatened recipients with the disablement of their accounts, unless they reply with their passwords or other personal information.

Several student accounts have since been compromised, sending more spam and more phishing scams through the veins of University servers, and ending up in your inbox. Despite all of this, there’s an easy way to prevent scammers from gaining access to your account and flooding us all with spam and other evils:

NEVER REPLY TO THESE EMAILS! ITS will never ask for your password or personal information by email. Requests for such information are fraudulent. Delete them and do not reply.

A better solution—one that keeps almost all of these messages from showing up in your inbox in the first place—is to turn on spam filtering, which not only gets rid of these phishing scams, but basically eliminates spam from showing up in your inbox, period.

To turn on spam filtering:

  1. Log in to webmail.
  2. Navigate to Options, at the top of the window.
  3. Choose Spam Filter Configuration.
  4. Choose your Spam Score; 5 is recommended. Lower numbers will apply stricter standards and may catch some legitimate mail; higher numbers will be more lenient and may allow spam through. I get no spam on 5.
  5. Change Action to either “Move to Spam Folder” or “Delete Immediately.” If you choose Move to Spam Folder, you can see all the emails that have been filtered out as spam before they’re deleted.
  6. Click Save Settings and say goodbye to spam!

Sadly, student accounts can be hacked by outsiders with malicious intent, even without you sending them your password. Another way to foil potential hackers is to change your password to something more secure. To do so, open your ePortfolio and choose “Password Manager” under the “Tools and Links” bucket. Ideally, your password should be at least 8 characters long and contain a mix of letters and numbers.

If you ever have questions about the legitimacy of an email purporting to be from the University, call the department from which it supposedly came, or call ITS Help Desk at 860 685-4000.

[DISCLAIMER] The information above reflects my personal advice only and does not necessarily represent the views of ITS or any other University department.

IM IN UR ePortfolio, CHANGING UR CLASSES

ePortfolio is (EDIT: WAS) down for maintenance today — the cause? A “security breach”. See Xue’s post on the update from ITS

From ePortfolio:

Eportfolio, WesNet, Classifieds and others ….
are unavailabe for several hours starting Aug 2 at 11am.
We are investigating an incident which warrants this action.

From Assistant Director of Technology Support Services James Taft‘s all campus email:

Due to a security breach in the ePortfolio system, ITS is shutting down ePortfolio in order to stop the unauthorized access and patch the vulnerabilities that allowed the break-in to occur. We do not yet know the duration of the downtime, but we estimate that it will be a couple of hours. We will follow up with more information as we learn more about the issue.

If this h4x0r unsubscribes me from my Custom Events Calendar, all is lost.

Things could always be worse: