BCG Status Updates

July 10 2019: Zoom Security Vulnerability for Macs

UPDATE July 11: Apple is pushing out a silent update which will remove the vulnerable component.(link is external)“Apple said the update does not require any user interaction and is deployed automatically.”

A recent Zoom vulnerability(link is external) was announced for the Mac client. It allows any web site to turn on your camera without your knowledge.

Here is the current process to mitigate the problem:

  • If Zoom app is currently installed, and you are not going to use it in the future, then open the zoom app, and select ‘Check for Updates…’ from the zoom.us menu.
    • After zoom finishes updating to Version 4.4.53932.0709 or newer, then you may select ‘Uninstall Zoom’ from the zoom.us menu.
    • This will uninstall zoom, remove the zoom web browser if it is present, and remove the .zoomusdirectory from your home directly.
    • If you need to use zoom in the future, you can download the Zoom Installer Version 4.4.53932.0709 or newer to reinstall the app.
  • If you want to continue to use Zoom, download the new Zoom Installer(link is external), Version 4.4.53932.0709 or newer.
    • Run the Installer. Then Choose Uninstall from the Zoom menu. This will remove the new version as well as all of the old pieces.
    • Then run the installer again. This will give you a clean install of the new version..
    • The new installer doesn’t add the web server, or the ~/.zoomus folder.

Note that you have to upgrade to the newest version so that it updates itself well enough to delete itself entirely when you ask to uninstall.

Please contact us(link sends e-mail) if you have questions.

June 13 2019: Slowness on /z/Proj spaces

We recently added new drives to expand the space on /z/Comp, but the server hardware really does not like some of these new drives. Because of how the system works, it is taking us a while to replace those drives. It’ll probably take until well into the weekend to get the drives swapped out for ones it prefers, and there will unfortunately be intermittent access issues until that task is complete.

We will update this note when we have all the new drives swapped in.

Scheduled File Server Outages: Wed Mar 13

Introduction:
We have scheduled a, two-hour file server outages for Wed March 13 @ 9pm to install hardware in preparation for an computing cluster enhanced network speed roll-out.

If you use Condor, or have long-running computational jobs, you should shut down your jobs during both outages.

Background:
Recently, our file servers have saturated network connections between the file server and our core infrastructure switches. At network saturation levels, general slow-downs to every connected computer occurs. The majority of the network traffic is bound for our computational cluster.

Method:
Offloading cluster compute traffic onto a private network will benefit the department by reducing network saturation levels to the file servers on the biostat network. Additionally, having a dedicated network for cluster compute traffic allows for better management and higher throughput of departmental core services and computational cluster resources.

Preliminary Data:
We are experimenting with a new 40 gigbit cluster computing network infrastructure which has the potential to provide speed improvements for our computational cluster of up to 10x to each node and in some cases up to 80x for some data intensive cluster computing jobs. The new network infrastructure is currently in testing and has shown improvements for throughput on testing compute nodes.

Submitted by harrison on Thu, 03/07/2019 – 14:02

Dec 13 2018: New Bitcoin Scam Seen on Campus

(From the Office of Cybersecurity)

Colleagues,

Please be aware that the Office of Cybersecurity and the UW Police Department have received reports of a new Bitcoin (cryptocurrency) email scam. The message claims that a bomb has been placed in the building that the recipient is in and demands a large Bitcoin payment. This scam has also been seen nationwide at businesses and other educational institutions, including the University of Washington at Seattle and Penn State.

If you or others in your department receive this message, please delete it immediately. The Office of Cybersecurity is aware of the scam and is working with UWPD to investigate. Additionally, the FBI is aware of the threats and is working with law enforcement to provide assistance.