Blogs

Dec 13 2018: New Bitcoin Scam Seen on Campus

(From the Office of Cybersecurity)

Colleagues,

Please be aware that the Office of Cybersecurity and the UW Police Department have received reports of a new Bitcoin (cryptocurrency) email scam. The message claims that a bomb has been placed in the building that the recipient is in and demands a large Bitcoin payment. This scam has also been seen nationwide at businesses and other educational institutions, including the University of Washington at Seattle and Penn State.

Aug 20, 2018: Email delivery problems

Late last week the BCG made some changes to our name server configuration at the request of DoIT (Outlook integration). Unfortunately, in making those changes we introduced a bug into how email addresses are resolved. This error caused email from outside the UW Outlook system, to @biostat.wisc.edu addresses, to fail to deliver. Email sent to your @wisc.edu address, or sent entirely from within UW's Outlook, would still be delivered as normal.

July 31 2018: R 3.5.1 ready

The newest version of R, 3.5.1, is ready and usable with the path /s/pkg/linux64/R/3.5.1/bin/R. After some testing, we will make this the new default, in a few weeks.

Some packages have dropped maintenance since the last update:

  • deal - very old
  • msgl
  • ncdf - replaced with ncdf4 package, which is now installed
  • ReporteRs
  • epicalc

If you need a particular replacement package for one of these, please let us know.

July 18 2018: Directory Difficulties

Today one of our file servers had a drive fail. The normal failover process worked, but unfortunately took long enough to confuse a bunch of machines.

The usual symptom is that directories (home directories, project directories) will not attach. Often your login session will just hang.

Unfortunately, this takes a hard reboot to fix reliably. We are checking a bunch of the open login and compute servers (Wednesday afternoon), and rebooting as we can.

Jan 4 2018: Hardware Vulnerability Patching Schedule

In the last few days rumors of terrible, CPU-level security vulnerabilities have been appearing in the tech news. Last night the embargo on details was broken, and it's quite a mess. The BCG will need to patch all machines in the department, probably more than once, to address the problems.

Over the next week, please:

  1. Log out if you are away from a machine more than a few hours (including remotely). This lets us patch machines when we see no one is logged into them.
  2. Please avoid long-running compute jobs, either directly or through condor. This will minimize work lost when we reboot a machine.

One of the two vulnerabilities cannot be fully solved short of replacing the CPU. The patches for that are work-arounds which try to minimize the risk of the vulnerability. These patches do degrade the performance somewhat, from nearly 20% for certain kinds of database tasks, to more modest 3-5% hits for purely computational work. What the hit will be like for average, daily workloads is not yet clear.

Patches are already available for all three of our platforms: Windows, MacOS, and Linux. We have already begun to apply patches on free machines. As firmware updates become available BCG staff will need to visit people's desktop machines and spend time with laptops.

Pages