On December 22, 2022, LastPass announced that they had a data breach a few months earlier. LastPass is a password management software that 25.6 million people use to store their passwords. The password vaults of many people were stolen. This Wired article goes into more details.
What Does This Mean?
If you use LastPass to store your passwords it is possible that your password vault was stolen. The vault is encrypted and individual passwords in the vault are also encrypted. If someone is able to crack your vault password they could see the contents of your vault, minus the actual passwords. This means they could also access your current LastPass vault unless you have additional protections (two-factor authentication) in place.
Though your individual passwords are further encrypted, the websites and usernames are not encrypted in the vault. This means someone would know you have a login to a given website and what your username is. That is enough information to target high-value sites like banking, paypal and so on.
What Should I Do?
If you are a LastPass customer, you should
- Change your LastPass vault password.
- Turn on two-factor authentication for your LastPass account.
- Change passwords on your high value (i.e. financial) logins that were stored in LastPass. Ideally change all passwords that were stored in LastPass.
- Consider if you want to switch to another password manager. There are many other products and exporting and importing passwords. This Wired article reviews several products.
What Does IT Think?
We think using a password manager is a great way to use complex passwords and make them easy to use. Most password managers have a web browser plugin so they work with a few clicks and no typing. This is a good reminder that any company is vulnerable to a breach, even a company that offers a security product. Because of this breach we no longer recommend LastPass as an option. We do recommend using a password manager. Again, the above wired article reviews some options and you can make a choice that fits your needs and budget.
On the weekend of January 29, 2022 we encountered an issue with the enrollment update from Agresso. The result was everyone was dropped and added back into their courses which has had impact on group membership and grade data for some activities. Fortunately, most grade data was not impacted, and we are exploring options to recover any grade data for those limited activities that were affected.
I am very sorry for the issue and want to assure you we’ve taken steps to prevent a similar issue in the future. We are still determining the root cause of the issue and have measures in place to prevent a recurrence until that root cause is addressed. Moodle enrollment is now back to being updated nightly (whereas before it was every 3 hours).
Faculty having questions or needing assistance can contact their Academic LFC and Bonnie Tensen.
You may have recently received an error message when trying to access Google Maps while logged into your Augsburg account. It appears that while it may have been previously available, Augsburg did not have Google Maps turned “On” as a non-core app available for Augsburg.edu accounts. A likely change by Google seems to have corrected what they would see as unintentional access. During our investigation, we have kept the service “Off.”
This change by Google also affected other Educational institutions that use Google Workplace services, and not just Augsburg.
Now we’ve turned it “On.” This is a good time to remind you that Google Maps does not fall under our Education terms of service so the privacy protections are the same as the consumer Google tools. Our Core Apps (Gmail, Calendar, Drive) fall under an education terms of service that includes FERPA protections. We have a web page that explains all of this.
In other words, non-core apps like Google Maps will collect data like the consumer Google products so be aware of that. And we recommend not requiring students to use any non-core apps for coursework since there aren’t FERPA protections like those that exist for core Google Workspace Apps.
We’ve been seeing more notifications in Gmail that a “message was not sent to Spam based on your organization’s settings.”
This is likely due to either the overall Gmail spam filter or your personal spam filter becoming more aggressive based on what its learning.
We have configured Augsburg’s Gmail to not flag messages between Augsburg people as spam. So Gmail thinks the message may look like spam but we’ve told Gmail that email between Auggies is not spam.
The spam ecosystem is constantly changing and the Gmail spam filter is constantly learning as spam changes. These changes are normal and we always monitoring for ways we can make the email experience better.
What’s going on this week
On Monday at 5AM we updated the WiFi software and adjusted the WiFi settings in the remaining dorms – Urness, Mortensen, Anderson, and Luther.
What’s planned for next week
We’re in a “watch and wait” mode now. We’re going to rely on feedback from students contacting the Tech Desk or using our WiFi reporting form to see if the experience is better. Since we don’t know exactly what the problem is we can’t check a specific metric or measurement to know if we’ve made an impact (recall we have little data from students so we’re making assumptions as to what may be the cause based on what we’ve heard from Gustavus and IT email lists).
Responses have slowed on our WiFi reporting form. Please keep using it as it will help us determine if the dorm updates have made a difference. When we don’t hear anything we then assume things are going fine.
What’s going on this week
After last week we have talked with our WiFi vendor about the fixes that Gustavus did. They pretty much agreed with the approach. The first thing to do, much like with your computer, is update our WiFi software. So that’s our first step.
During the Zoom call the vendor looked at our overall WiFi connection status and saw many more slower (2.4 GHz) connections then they expected to see. To see why that matters look at last week’s post in the technical section. Most every device should be connecting at the faster 5 GHz frequency. This is a symptom of the problem we’re trying to fix.
This week we’re starting our first round of updates. On Wednesday at 5AM we updated the WiFi software in OGC and Hagfors and adjusted some WiFi settings recommended by the vendor.
What’s planned for next week
Next week we continue WiFi software updates at 5AM on Monday with the remaining dorms.
Will these changes fix every WiFi problem?
The short answer is “no.” Some problems are due to old software or drivers on a laptop or other issues particular to the situation. But the systematic trend we’re trying to stop, devices (especially Apple devices) connecting to a distant slower wireless, should be improved by these changes based on what information we have from Gustavus, IT email lists, and our WiFi vendor.
We’ve started to get some good data from students who have used our WiFi reporting form. Thank you for taking the time to fill it out. Please keep using it as it will help us determine if the dorm updates have made a difference.
Day Student Government visit: 10/7/20
On Wednesday 10/7/20 Augsburg Day Student Government invited Scott Krajewski, CIO, to talk about the WiFi issues students are experiencing on campus. The senators had many good questions and shared experiences with Zoom disconnects and connection quality problems.
Scott shared this list of questions to help the Tech Desk troubleshoot student WiFi issues.
IT has created this WiFi problem reporting form based on the above questions for students to fill out. The Tech Desk will use this info to better troubleshoot and inform our solutions.
In the past week Augsburg IT has began researching the WiFi issues with other schools. Several other schools across the country are reporting similar Zoom issues with their campus WiFi. There are several theories as to the cause and related solutions. In particular, Gustavus Adolphus College in St Peter, MN experienced the same problems this summer. Augsburg IT met for an hour with Gustavus IT to review their experiences and their solutions. IT is now working with our WiFi vendor to verify the suggestions from Gustavus before changing our WiFi settings.
Technical Notes (for those who are interested)
Several schools hypothesize this has been a problem for a long time however we never noticed it before now. Using Zoom requires a constant connection whereas web browsing or streaming recorded video does not need a constant connection.
The working theory, as of today, is that Apple devices (computers and phones and tablets) are jumping to slower and more distant wireless connections. The WiFi network is actually two networks – one running at 2.4GHz and one running at 5GHz. The 2.4GHz network is slower and is there for older devices that don’t support the faster 5GHz network. Apple devices are ignoring a close 5GHz connection and instead are trying to connect to a further away (and poorer) 2.4GHz connection. And they are actively doing this during a Zoom session.
Since we have little data from our students at the moment we can’t be sure this is what is happening. However the anecdotes sound very similar what other schools are saying.
Every so often we get a question about private chats and meeting recordings. Let’s setup this scenario to illustrate how this works. Professor A is hosting a class in Zoom. Students B and C are attending. Everyone is using the chat feature of Zoom. Here’s the parameters of how Zoom recording/saving works:
People can only save what they can see.
- So when Professor A starts recording the meeting the public chats will be saved since Professor A can see them. If B and C are private chatting the professor cannot see them (that’s why they’re private) so they are not saved by the professor’s recording.
- Suppose student B private chats Professor A about a grade question during the recording. Since Professor A can see that chat it is now saved. So Professor A will want to delete that from the chat file if they are going make the chat available to the class with the recording.
- Suppose student B private chats student C about Professor A. If student C saves their chat they will have saved that private chat.
One thing to keep in mind is that in Zoom a professor is no different than a student in terms of what they can do. Everyone has the same type of account in Zoom’s eyes. The idea of a professor or student is something we’ve constructed that Zoom knows nothing about. So in the above example Professor A could instead be a student hosting a group project meeting for their accounting class.
We’ve been noticing more questions recently about suspicious emails that look like phishing. These days we tend to see more “spear phishing” campaigns. “Spear phishing” is just a way of saying it’s a targeted phishing campaign. People are studying our website to see our organizational structure to figure out who are people in authority. Then they send an email pretending to be that person from a free account they created (not associated with Augsburg or Luther Seminary).
These campaigns try to instill a sense of urgency from a person of authority needing help. These are techniques to try to lure you in and in the end get money from you.
Here’s a recent example:
Notice the carefully crafted signature to make it appear to be from Provost Kaivola. But also notice the email address it is from firstname.lastname@example.org. That is not an institutional email address. That odd email address should be a red flag.
The best course of action is to mark this as spam so Google will be more likely to block it. We see most of these getting blocked as they are becoming very common.
If you did reply they will reply back saying that they are in a meeting and need your help with something important (sense of urgency).
If you reply again they will ask for you to buy a gift card from some online store — we’ve seen iTunes and Steam recently — and they say they’ll reimburse you for it. Again they will say it is urgent. This is a script we’ve seen over and over with these spear phishing campaigns.
What should you do?
- If it seems fishy or odd, it is likely a scam. Mark it as spam so Google will be more likely to block it.
- If you’re truly not sure, contact the person directly by phone or institutional email address to confirm. Do not reply to the suspicious message.