We have added the FlatOn theme to the themes available on our WordPress sites.
Tweaks and Fixes
- Searching by “Last Name” on the Directory will now include results from anyone whose last name contains your search query. Previously it only included people whose last name started with your search query. This made it somewhat difficult to search for people with “de” in their last name, hyphenated names, or multiple last names.
- The “department” field for each person in Banner is a single line of text. For people working in multiple departments, their “department” will be “Dept A / Dept B”. When you search by department in the Directory, we include the people who work in multiple departments in the results. If a department was comprised of only people who worked in multiple departments, that department was not being shown in the list. They now are.
- Accessibility: presentational attributes like ‘border’ shouldn’t be used on HTML elements, but rather specified using CSS. This is already how we handle many elements, but the site code would add a redundant “border=0” to every image. We have removed this. Borders can still be specified on images using the Edit Image button in the editor, which adds a CSS style to the image.
- We have disabled some of the components of the WordPress Jetpack plugin that may cause conflicts with our sites. These include: Custom Content Types, Gravatar Hovercards, Single Sign On, Site Management, Mobile Theme, Notifications, Photon, Post by Email, Protect, Videopress, Vaultpress.
- The image slider on the Davis UWC Scholars site will rotate through its features faster.
Users of Adobe’s “Creative Cloud” products (formerly Creative Suite) may have noticed that in the Creative Cloud dashboard, there’s a prompt to “Update” any installed products to the CC 2015 editions. Although normally we recommend keeping software up-to-date, this is a major new version that comes with a few issues:
- There have been some reports of instability with the new software as compared to the 2014 editions.
- After updating from the CC dashboard, the license will not be recognized and the software will be in “trial mode”. This is an unfortunate side effect of the way Adobe does enterprise licensing.
At this point, our general recommendation is to stick with the 2014 version of your Adobe apps. We will update this post with more information as we test the new versions and establish a smooth upgrade path. In the meantime, those who wish to update to the 2015 editions (including “Adobe Acrobat Pro DC”), or have already done so, should make sure all new software that you want is installed, then update the license file. To do this, please do the following:
- Mac users should go to Self Service and run “Adobe CC 2015 License”.
- Windows users should submit a ticket with the MIDD number (on the blue sticker) of the computer in question, requesting to have the Adobe license updated.
If you have any questions, please contact the Helpdesk at 802.443.2200 or email@example.com. Thanks!
Information Technology Services
During our regular maintenance window this Sunday, July 5th we have the following activities scheduled:
- The WAN circuit dedicated to the Video Conference network at the VT campus will be down for up to 10 minutes for maintenance between 6:00am and 6:30am EST. During maintenance active video conference sessions in VT, DC, and CA will be terminated and no new sessions will be able to be initiated. After maintenance the service will be back to normal operation.
We appreciate your patience as we continuously strive to keep our systems functioning optimally.
ITS – Central Systems & Network Services
Middlebury Information Security received information that fraudulent emails are being sent from a malicious domain, “middleburry.org”, to businesses that might provide equipment and supplies to Middlebury College.
The suspicious emails are crafted such that they appear to come from actual Middlebury College employees, though the contact information provided includes incorrect telephone numbers and email addresses.
Note that suspected bad actors are using a typosquatting technique – there are two R’s in “middleburry.org”, and Middlebury’s domain name ends in .edu, rather than .org. Those details, however, are perhaps an easy thing to miss, especially at a quick glance.
Efforts are underway to takedown the middleburry.org domain, and to suspend the domain holder’s email service.
Please contact InfoSec@middlebury.edu with questions.
A year ago the Internet saw a rash of malware known as ransomware. This malicious form of cyber attack is known for infecting a computer and encrypting a drive. The victim is then unable to recover their data until paying a ransom to the attacker. Middlebury, like many other institutions was not immune to this form of attack.
A week ago the FBI announced a new variant on a common form of these attacks known as CryptoWall. This form of ransomware is known to have four methods of infecting a computer.
- Phishing: the attacker may lure a victim into downloading an infected attachment through a phishing campaign and thereby compromising the drive on their system.
- Phishing: the attacker lures the victim into clicking on a link to a malicious web site where the victim unknowingly downloads the malicious software onto their system and compromises their drive.
- Infected ad: the attacker posts and infected ad on a website which a user might click thereby causing the download of malicious software.
- Compromised website: the attacker compromises a website so when a user visits the website they unknowingly download malicious software and compromise their system.
According to the FBI, by far the most common method of attack is phishing, particularly with attachments in the message.
What you can do to protect yourself:
- Never open attachments or click links in emails that you do not recognize or trust.
- Know what a phishing attack is and how to spot one. visit http://go.middlebury.edu/phish or http://phishing.org
- If you think you have fallen for a phish change your password. then call x2200
- If you believe you system is compromised, unplug it from the power and the network. Shut it down immediately. Do not worry about saving your work. then call x2200.
- Backup your data routinely. If you save your data to Middfiles or your home directory it will be backed up automatically.
- Never disable your antivirus software.
- Send any suspect emails to firstname.lastname@example.org
- Only download software from known vendor sites.
- Don’t click on ads in web sites. Visit vendor websites directly.
By default in WordPress you cannot add tags or categories to pages. These are only available for posts. We’ve added the Post Tags and Categories for Pages plugin. You can enable this to add tags and categories to your pages.
We had been using the ShareThis module for Drupal to provide share links for news stories on the Middlebury and MIIS websites. The ShareThis service provides reports on the number of shares to each platform, but we weren’t using the reports and the trackers that the service adds to do this were numerous. We’ve replaced ShareThis with the Drupal service_links module, which provides links to share content without third-party trackers. We’re still using ShareThis on the Museum of Art and 25th Reunion site, but will replace it with Service Links on those as well.
Tweaks and Fixes
- An archive copy of the 2014-2015 Handbook site is now available as a PDF.
- Fonts on the WRMC site have been normalized to use the Google Fonts EB Garamond, Arvo, and Paytone One, ensuring that the correct fonts are loaded on all platforms. The site had previously been using some fonts that were only available on Macs.
- Fixed a CSS issue with the tabs below the scrolling banner on the MCSE site.
A problem occurred on June 25th that caused Windows computers to temporarily lose their network drive mapping when logging in. We have researched what may have caused this issue, and believe we have fixed it. Please call or email the Helpdesk (email@example.com) if you see any problem with your network drives the next time you login to your computer.