Category Archives: lisblog

Information Security RoadShow


October is Cybersecurity Awareness Month. Join your colleagues from both the Middlebury and Monterey campuses for a presentation and discussion on critical cybersecurity issues including phishing and cracking.

  • On October 29th at 12:30 Eastern time, Information Security will host a Cybersecurity Roadshow.
  • You can join the discussion in Lib105A on the Middlebury Campus or on PolyCom 710205
  • Central Monterey meeting location McCone Boardroom

Please join us for this discussion. It is open to students, faculty, staff and the community. Computer security is the responsibility of us all.

For more information call Information Security at 802-349-5805

Sophos Anti-Virus for Home Use

All Middlebury students, faculty, and staff are entitled to a full installation of Sophos anti-virus software for use on a personally-owned computer. ITS has changed the location for virus definition updates and request that all users update their Sophos clients on their personally-owned computers. The latest installers are now available at

These versions are for student and faculty/staff home-users, on their personally-owned devices. Middlebury provides managed anti-virus software for Middlebury-owned devices that updates automatically. Please do not attempt to install a home-use version of Sophos on a Middlebury-owned system.

Thank you!

Wi-Fi Calling is Here

Following T-Mobile and Sprint, AT&T has just enabled a much-anticipated feature called Wi-Fi Calling for people who have an iPhone 6, 6 plus, 6s, or 6s plus running iOS 9.x on AT&T.

From AT&T’s web site…

With Wi-Fi Calling, you can talk and text over Wi-Fi when cellular coverage is limited or unavailable. For example, some indoor locations may be difficult for even a strong cellular signal to reach. Now, with a Wi-Fi connection, you can talk and text in those hard-to-reach places.

  • Wi-Fi Calling is easy to set up and use.
  • Once you set up Wi-Fi Calling, your phone automatically detects when to use it. Wi-Fi Calling will only be used if cellular coverage is weak or unavailable.
  • It works with your AT&T mobile number and compatible device—no new number or app required.

Once you set up Wi-Fi Calling on your phone, you’ll be able to enjoy the benefits. Just follow the steps in your phone’s settings to get started.

  • Make and receive unlimited domestic calls within the U.S., Puerto Rico, and U.S. Virgin Islands at no additional charge.
  • International long distance rates apply for calls made to international numbers.
  • Text messages sent or received using Wi-Fi Calling are counted and charged under your existing rate plan.

Here is a link to AT&T’s FAQ page on Wi-Fi Calling that should answer any questions that you might have.

Middlebury Security Alert for iOS Users

Middlebury ITS Information Security is currently investigating indications that members of the Middlebury community are using iOS apps infected with the recently discovered XCodeGhost malware.

XCodeGhost-infected apps can potentially steal private information and even launch phony authentication dialogues that can be used to attempt to steal usernames and passwords. Despite this capability, no information has yet come to light indicating that the infected apps were used for malicious purposes, such as harvesting personally identifiable information or stealing passwords

The majority of the XCodeGhost-infected apps were authored by Chinese developers who were tricked into downloading fake Apple development libraries. Therefore, the greatest impact of the XCodeGhost appears to be in China.  Some apps have been identified, however, that have world-wide use, including WeChat, Baidu, and others.

If you have an iOS device, our recommendation is that you remove from the device any apps known to be compromised with XCodeGhost. Download and reinstall the app from the Apple App Store once a fixed version has been made available.

A list of known bad apps can be found here:

Additional details on XCodeGhost can be found here:

Questions regarding this security alert may be directed to


The Canvas Pilot

Our current Learning Management System (LMS), Moodle, was adopted back in 2011. Four years later we are reflecting on whether Moodle is still the best LMS to serve the growing needs of Middlebury. This fall we are doing a pilot to evaluate Canvas and determine whether we want to continue with Moodle or move to Canvas. You can learn more about Canvas and Middlebury’s evaluation by following this site –

Continue reading

Improved Filtering of SPAM and Phishing Email

ITS has begun enabling new, proactive anti-spam and anti-phishing email filters intended to improve the filtering of unsolicited and unwanted messages, by leveraging external reputation-based lists of email servers that have been flagged for sending spam and/or malicious email.

We’ve had the new filters in “Tag” mode since October 2014, so we’re confident that they are accurate and we’ll be closely monitoring incoming mail queues during the days after the change. Still, there is a possibility that someone trying to sending you email will have their message blocked, if their email servers have been flagged for sending spam and/or malicious email. The sender, in such cases, will receive an email advising them that their message could not be delivered.

If you encounter such as scenario, (i.e. a legitimate sender is trying to email you, but the message is being blocked by Middlebury’s email servers), or you have noticed legitimate messages recently having been incorrectly tagged as [SPAM?], please contact the ITS Help Desk at and we will help you identify and resolve the issue.

General questions about this change may be directed to

Online Training Site of Interest

See the Library Journal article “Colorado State Library Expands Online Training Site” for information on technology training materials that may be relevant for the Library and ITS.


“The Colorado State Library (CSL) is continuing to build out its Library Creation & Learning Centers website, a free online resource where libraries throughout the state and beyond can access interactive technology and customer service training modules for staff, Maker space programming ideas, curated links to digital creation software, and more.”

“Using Articulate Storyline authoring tools, Faccioli also created a new series of interactive online training modules that communicate several key concepts from the in-person workshops, including how to conduct a technology reference interview; how to assess staff proficiency with technology; how to create resources to help with common questions; how to use effective one-on-one technology training techniques; how to deal with challenging patron situations in a positive way; how to tailor training techniques to the needs of adults; and how to design technology training classes for groups.”

Includes a Technology Proficiency Checklist for the really basics skills and instructional materials that would be helpful if ITS ever offers a basic computing class for staff.