Serious Windows 7 Vulnerabilities

Microsoft has issued advisory which describes a serious Remote Desktop (RDP) vulnerability.  Attacks can occur with no passwords needed.

According to SANS:

Title: Microsoft patches 79 vulnerabilities, 22 critical
Description: Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 79 vulnerabilities, 22 of which are rated “critical,” 55 that are considered “important” and one “moderate.”

NOTE: Windows 7 is end of life in 7 months.  Please update to Windows 10 now.

Network switch upgrades on Wednesday, May 1 from 11am to 3pm

We will be upgrading the last four network edge switches for our main math network in Bahen on Wednesday, May 1st from 11am to 3pm.  The following offices will be affected:

BA6120 BA6191 BA6193 BA6200 BA6202 BA6204 BA6206 BA6208 BA6209
BA6211 BA6212 BA6214 BA6216 BA6218 BA6224 BA6226 BA6228 BA6230
BA6232 BA6234 BA6236 BA6242 BA6244 BA6246 BA6248 BA6250 BA6252
BA6256 BA6258 BA6260 BA6262 BA6264 BA6266 BA6268 BA6270 BA6283
BA6290 BA6290A BA6290A BA6290C BA6290G BA6290G BA6290J BA6291

The lw2 and lw3 printers will be affected by these outages, so they will be unavailable while their network connections are being upgraded.

The Computer Room (BA6200), as listed above, will also be affected.

Default resolution for Ricoh scanning is now 400dpi

Since the scanning done on the Ricoh photocopiers in BA6290A and PG104A is primarily for Crowdmark and the photocopiers had different resolution defaults we decided to make them the same.  It was suggested that 400 dpi would be good, so we have done that.  If you think that 300 dpi would be a better default please let us know.

There seems to be no way to change the default contrast setting and whether one wishes to have the scanning set to one- or two-sided on these photocopiers.

Short network outage for some rooms on Wednesday 2019mar20 from 4:15-5:00pm

On Wednesday March 20 during the server upgrade time from 4:15-5:00pm we will be testing one of the new switches that we will be installing for VoIP.  People in the following rooms will be affected:

BA6102  BA6103  BA6104  BA6106  BA6107  BA6108  BA6110  BA6112  BA6114  BA6116  BA6118

This will be a short test and we expect that computers in those offices will not be without network connections for more than 15 minutes.

Networking Hardware Update for VoIP

We will be updating our networking hardware in the near future so that our department can more easily join the new VoIP telecommunications system that UofT has selected. We have to change many network switches and there will be two-hour windows when network connections for some people will stop working. Occassionally there will be short (less than 10 minutes) network outages for whole networks.

Information about the schedule for these outages will be posted on this blog.

For more information about the UofT VoIP project please see:

http://telecommunications.utoronto.ca/voip/voip-project/

Updates at 4:15pm on Wednesday March 20, 2019

The departmental servers coxeter and sphere and the mail, web, share, and ptr servers will have software updates applied on Wednesday afternoon, March 20, 2019 which will require rebooting (most servers will be unavailable starting at 4:15pm).  Since some updates will be applied while the servers are still up there may be some temporary issues with some software.  We hope that any such issues will be minor and by doing most of the upgrading before bringing systems down the shorter downtime will be worth the potential minor problems.  Please restart any programs if you observe problems during the upgrades (and please let us know at requests@math.toronto.edu, so we can investigate).  We expect the systems to be back up by 5pm.

Spear Phishing Warning and General Digital Security

MORE INSIDIOUS EMAIL PHISHING

In addition to the usual reports of both internal and external email/website phishing we are seeing a rise in “spear phishing” where an attempt is made to compromise a specific user using publicly-available information to appear to be a trusted entity. The end of this email describes such an attack initiated with a telephone call that happened recently in our department.

If you receive a suspicious email please feel free to report it to:

requests@math.toronto.edu

The University also has a reporting system centrally at:

report.phishing@utoronto.ca

Here are some tips to avoid a phishing attack:

http://main.its.utoronto.ca/news/10-tips-to-avoid-a-phishing-attack/

In general we all need to be careful with our digital security. Please see:

https://securitymatters.utoronto.ca/

for the University’s suggestions for various groups for security.

RECENT CASE REPORTED BY A FACULTY MEMBER

Someone finds an online poster for a future conference. They look up a speaker’s office phone number and email address. They call the speaker’s office, and tell them that they are booking the hotel for them for the conference (they know the conference location and dates). They ask the speaker to provide their credit card information to secure the room; they say that the credit card will not be charged, that this is just to secure the room. However, the organizers of conference confirmed they did not place the call to the speaker.

New (simplified) AV system in BA6183

[There is a summary of how to use our new AV setup at the bottom of this post.]

As many people noticed the matrix switcher for the AV system in BA6183 was failing at the end of last year so just before the break we replaced it and simplified the configuration in that room.  Now there are only two choices for inputs, the built-in computer or a laptop connected on the white panel above the touchscreen.  By default the computer will be displayed, but if a laptop is connected then that will take precedence and the system will automatically switch to displaying that (assuming that the laptop is set to display to its video port).  The laptop can be connected via HDMI (the recommended connection) or VGA (for very old systems).  After disconnecting a laptop the system will automatically switch to displaying the computer again.

We have adapters to change to HDMI from USB-C (untested) or Mini DisplayPort or DVI-D, and an HDMI and a DVI-D cable and a Wireless Presenter with Laser Pointer if needed in the green basket available from the front desk.  As always we strongly recommend that you test that things work as expected at least 24 hours in advance of using the equipment in BA6183.  Changing hardware and software sometimes causes incompatibilities between a laptop and our system.  Using the computer with a USB flash drive usually works with fewer issues.  A VGA cable should be available on the podium.

The USB connectors to the computer (in case you bring just a USB flash drive) are now loose and are labelled and have green tape on them.

You still need to use the touchscreen to activate the screens and projectors.

Limitations:

  1. It is no longer possible to use an extended desktop on the projected screens; whenever two screens are displayed they will be duplicates.
  2. The audio system was not reconnected.  We are looking into getting that functionality back.
  3. Only the computer and laptop inputs work now since the new switcher is much simpler and smaller.
  4. The image aspect ratio is only 4:3 (since our projectors are quite old and that is the aspect ratio of our screens) and the resolution is fixed to prevent interoperability issues with video renegotiation.
  5. HDCP had to be disabled since our hardware is too old which means that HDCP-enabled digital content (much high definition content is protected this way) cannot be displayed.

USAGE SUMMARY

  1. Log in on the touchscreen to activate the system (the code is available from the front desk).
  2. Choose Computer or Laptop (it does not matter which since a laptop will always have priority over the computer).  If you need the account/password information for the computer please ask at the front desk.
  3. Select whether you wish to display on either the Left or Right (as viewed from the audience) or Both screens.
  4. If you do not connect a laptop the computer desktop will be displayed.  You can use the loose USB ports that have green tape on them if using the computer.
  5. If you connect a laptop its display will take precedence and the laptop screen may adjust its resolution and aspect ratio to that of the projectors.

Updates on 2018dec12 were successful

Our systems appear to be working fine after the updates.

Bell Centrex system to be replaced by VoIP – Update about 5-digit dialing

As was mentioned in an earlier post the University is moving away from the Bell Canada Centrex system to a BroadConnect Telecom VoIP system.  Many departments have already moved over and our department will be piloting this system very soon in preparation to moving everyone over in the new year.

One consequence of the presence of two different systems on campus is that those of us still on the Centrex system have to use 9 plus the full 10 digit telephone number to call anyone who has already moved to the VoIP system (for example, people in Engineering or Computer Science).  The usual 5-digit dialing still works between two Centrex users (or between two VoIP system users).

The main University website for this changeover is VoIP at U of T.