News

IMSS Systems Maintenance -- Thursday, September 18th, 6:30PM-12:00AM

IMSS' bi-weekly systems maintenance will occur Thursday, September 18th from 6:30PM to 12:00AM. Not all systems will be taken offline, but please note that some services and applications may be intermittently unavailable during this maintenance period. If you have a computer that is managed by IMSS, we recommend that you leave it powered on overnight so it can receive updates. Please be advised that your computer will automatically reboot after the updates have been installed. If you have any questions about this, please feel free to contact the Help Desk (x3500, https://help.caltech.edu.)

IMSS recommends updating Java

Microsoft's recent Windows updates include an update to Internet Explorer that blocks older versions of Java. If you encounter issues using Java-dependent applications after applying this Microsoft update, please update your version of Java. Instructions on how to download and install Java can be found at http://www.java.com/en/download/.

Additionally, IMSS recommends downloading and installing a custom Java configuration file on your computer. Installing this configuration file will further assist with security and compatibility with IMSS applications and it will prevent persistent, yet harmless, security warnings from appearing when using specific IMSS applications. Instructions for downloading and installing this file can be found at http://imss.caltech.edu/help/java-config-file.

IMSS would also like to remind you that you can avoid any potential Java issues with Kronos by using Kronos Limited instead, which does not require Java to run. To use Kronos Limited, go to http://kronoslimited.caltech.edu.

Lastly, note that IMSS Managed Computing customers do not need to take any action. IMSS will update Java and will install the custom configuration file for managed computers during our maintenance window on 8/21/14.

For questions or further advice, please contact the Help Desk (x3500, https://help.caltech.edu.)​

OpenSSL "Heartbleed" Vulnerability

A security problem with OpenSSL, which is used by many "HTTPS" websites, has been in the news recently.  IMSS is fully aware of the problem and our central systems are not affected.  However, we are contacting system administrators of affected systems around campus, who may not be aware of the issue.  Please note that this problem does affect many popular off-campus websites, and is another good reason NOT to use your access.caltech account password for anything else. If you do use your access.caltech password on any other sites, we recommend you change your password as soon as possible. Your access.caltech password should be unique and should not be used for other accounts. Using the same password across multiple sites increases the chances of the password being exposed via a security problem at a site Caltech has no control over. For accounts on external sites that are vulnerable to the OpenSSL "Heartbleed" issue, changing your password is prudent, but we advise giving the affected site time to implement a fix before you do so.

Additional information: http://bits.blogs.nytimes.com/2014/04/08/security-flaw-emphasizes-the-ne...

Collected information about popular websites that may be affected: http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/

Beware Fake Microsoft "Tech Support" Phone Scams

Some campus customers are receiving calls from people claiming to be from Microsoft regarding a supposed computer problem. The callers offer to fix the problem and request remote access to the customer's computer. This is a very common scam with typical goals of installing malicious software on the victim's computer, or obtaining the victim's credit card number (to pay for the unsolicited, but fake "tech support"). Microsoft will never call you like this. More information about this type of scam can be found here: http://www.microsoft.com/security/online-privacy/avoid-phone-scams.aspx If in doubt, always feel free to contact the IMSS Help Desk for questions and advice.

Improvements for identifying spam email

IMSS has recently implemented a few changes to our spam tagging service. The word SPAM is now prepended to subject lines for spam tagged messages, which will make it easier to see that a message has been given a score that indicates it is likely spam. We also have a new rule that spam tags messages that originate from off campus, but claim to be from the IMSS Help Desk. This will also make it easier to identify phishing messages that ask for your access.caltech username and password. If you have any questions about these changes, please contact us (x3500, https://help.caltech.edu).

Example:

Mailman mailing lists moved to lists.caltech.edu

IMSS has moved Mailman mailing lists to new infrastructure. Mailman's functionality and look and feel remain the same, however mailing list locations (URLs) have changed to https://lists.caltech.edu/ with the list name appended. While website redirects have been set up so that old links continue to work, we encourage you to update your links and saved bookmarks. If you have any questions about this, please contact the Help Desk (x3500, https://help.caltech.edu.)

Don't Be Fooled By Messages Asking For Your Caltech Username And Password

Many campus users are receiving email claiming to come from an IT support group (sometimes even IMSS or the Help Desk), asking for the user's password and other private information, or requesting that you "verify your account" by logging into a website. Please be aware that this is a form of security attack known as "phishing" designed to fool users into giving their usernames and passwords to an attacker. Please do not reply to these messages or visit any websites they may refer to. IMSS does not recommend providing usernames and passwords by email, and IMSS will never ask users for their passwords by email or by phone under any circumstances. When visiting a website, be sure to check the address bar on your browser to confirm that the site you're visiting is the one you were expecting. If you receive any confusing or worrisome email messages about any of your Caltech accounts, we strongly recommend contacting the IMSS Help Desk (395-3500 or http://help.caltech.edu) or your local system administrator. In the event that your password is exposed to an attacker, please be sure never to use that password again, for any purpose, and particularly never for the account it once belonged to.

Example:

Matlab License Renewal

Standalone Matlab licenses expire annually on December 1. To renew your standalone Matlab license for another year, follow these instructions.

Start the activation client:

  • On Windows, go to the Start menu to the All Programs list. Select MATLAB, the MATLAB release, and then select the "Activate MATLAB" link. NOTE: We recommend starting Matlab in "administrator mode".
  • On Linux/Unix/Mac, run the activate_matlab.sh script found in your $MATLAB/bin folder.

Once you have started the activation process, follow these steps:

  1. Select "Activate automatically using the Internet", and click "Next".
  2. Log in with your MathWorks account by filling in your credentials and clicking "Next".
  3. Select your license number from the list that appears, and click next.
  4. Use the standalone key you used to activate the product. You can retrieve this key from your software.caltech.edu purchase receipt.
  5. Submit your activation by clicking "Activate".
  6. When activation is complete, click "Finish" to start MATLAB.
  7. You will need to restart MATLAB once finished.

For questions or further assistance, please submit a request at https://help.caltech.edu (request type IMSS > Software Licensing & Distribution > Other.)

IMSS recommends updating to Java 7

Several of the applications that IMSS maintains will soon be optimized to use Java 7. IMSS urges you to update to the latest version of Java 7 immediately to avoid problems with using these Java-dependent applications, as well as protect your computer from using older and insecure versions of Java. Instructions on how to download and install Java 7 can be found at http://www.java.com/en/download/.

IMSS also recommends uninstalling Java 6, which is not automatically removed when updating to Java 7. Instructions to uninstall older and insecure Java versions can be found at: 

Additionally, IMSS recommends downloading and installing a custom Java configuration file on your computer. Installing this configuration file will further assist with security and compatibility with IMSS applications and it will prevent persistent, yet harmless, security warnings from appearing when using specific IMSS applications. Instructions for downloading and installing this file can be found at http://imss.caltech.edu/help/java-config-file

Also note that in order for some IMSS applications to work with Internet Explorer 10, compatibility mode must be enabled. Instructions for setting up compatibility mode can be found at http://imss.caltech.edu/help/enabling-compatibility-mode-ie10.

Kronos is one of the applications that will be optimized to use Java 7. IMSS would like to remind you that you can avoid any potential issues with Java by using Kronos Limited instead, which does not require Java to run. To use Kronos Limited, go to http://kronoslimited.caltech.edu.

As a final note, IMSS managed computing customers were updated to Java 7 and had the custom configuration file installed during our maintenance window on 11/14, and therefore will not need to take any further action. 

For questions or further advice, please contact the Help Desk (x3500, https://help.caltech.edu.)

 

 

 

Pages