Director's Blog
2008 September

September 29, 2008

New LSCR employees

Filed under: administrative, announcement — Tom Holub @ 5:17 pm

LSCR has hired two new employees this month to fill vacant positions.

Craig Carlson joins us on the “Tilden” desktop support team.  Craig comes to us from UCSF, where he was working as the front-line desktop support person in the Pediatrics department.  (Coincidentally, our open position was created when Mical Wilson took a job at UCSF.  It’s all interconnected.)  Craig will initially be sitting with Mary Wielski in Wheeler Hall, and helping support the Tilden departments in Wheeler, Dwinelle, Barrows, and the PowerBar building, among others.

Ray Spence has joined our Unix team, replacing Julie Ashworth, who took a position at the Helen Wills Neuroscience Institute.  Ray comes to us from LBNL’s NERSC research computing facility, where he was in charge of some of NERSC’s infrastructural Unix systems.  Ray’s primary office will be in Evans Hall with Igor Savine, but he will also have space in Le Conte where he can hold office hours.  Ray’s primary responsibilities will be Unix systems outside the Math department, mostly in Physics and the biological sciences.

September 25, 2008

Network funding model changes

Filed under: administrative, network — Tom Holub @ 2:13 pm

Peggy Huston posted a message today about changes to the campus’ network funding model.  The current model, which is based on a per-month, per-connection charge, has a number of significant problems.  The four main issues with the current model are:

  • It fails to accurately track costs.  There are a number of reasons for this, but most importantly, wireless networking isn’t included in the cost model at all.
  • It encourages undesirable behavior.  From a technical perspective, we would recommend that every desktop computer be connected via its own individual wired connection.  The per-port installation and monthly costs of the current model encourage departments to use other connection mechanisms, such as commodity hubs or wireless, which provide poorer service and false economy.
  • It does not include the cost of upgrading legacy networking.  L&S has several buildings which are still using shared 10-megabit networking that was installed in the early 1990s.  The current funding model provides no way to replace those old, slow, unreliable networks.
  • Subsidies are asymmetrical and insufficiently funded.  Each department which existed on June 30, 2000, has a certain number of nodes in its “node bank.”   Some departments are node-rich and others are node-poor, for reasons which are historical rather than .  Newly-created departments have no node bank and thus no subsidy.  But most importantly, the campus has never truly provided enough funding for the node bank, which has forced us to run the network in deficit.

Most universities are moving towards some kind of per-head model for network funding.  Charging by head (or by knowledge worker, or FTE or whatever) is attractive for a number of reasons.  Primarily, FTE models adapt much better to changes in technology; when our current node-based model was developed, it may have made sense given the technology we were using at the time, but now that wireless is a large and growing part of our network costs, our model no longer maps onto our costs.  FTE models can be adjusted and trued up as the technology changes.  Also, FTE models tend to be neutral in terms of their effects on user behavior; they don’t provide incentives to engage in bandit networking.

At this point, it looks like the campus is going to move to an FTE model that will include all staff and faculty FTE.  It appears that students will not be included in the FTE count.

The biggest issues remaining to be discussed are around subsidy: how much will be involved, and how it will be implemented.  It is clear that L&S departments cannot absorb significant new charges without an offsetting addition of funding; I will continue to advocate on the network funding committee for full subsidy of baseline networking for all faculty and staff.  Cal Moore, as a faculty representative on the same committee, is also looking out for the interests of academic departments.

There should be some interesting discussions over the next few months; I will continue to provide updates as I have new information.

September 23, 2008

Spear phishing

Filed under: tech — Tom Holub @ 4:10 pm

Everyone at Berkeley and at other universities is seeing more messages of this sort:

We are currently carrying-out a mentainace process to your berkeley.edu account, to complete this process you must reply to this email immediately, and enter your User Name here (———-) And Password here(———-)  if you are the rightful owner of this account.
This process we help us to fight against spam mails.Failure to summit your password, will render your email address in-active from our database.

You can also confirm your email address by logging into your account at:https://calmail.berkeley.edu/

NOTE: You will be send a password reset messenge in the 48Hrs working days after undergoing this process for security reasons.
Your response should be sent to admin manager
Email: customer.careservice@live.com

Thank you for using berkeley.edu!
THE BERKELEY.EDU TEAM

As you’re probably aware, this message was not sent by anyone at Berkeley; it is an attempt at “spear phishing”–targeted messages sent to specific populations to attempt to trick them into giving up information they shouldn’t, such as credit card numbers, social security numbers, or account passwords.  In this case, the phisher (who appeared to be located in Singapore) figured out the URL of our webmail interface, and a couple of other details about the campus environment, to try to make the message more convincing.  Usually a few people get caught every time the phishers change tactics.  Typically what they’ll do is use the compromised password to send more phishing messages and a ton of spam.

The setup at Calmail does a pretty good job of blocking these messages, but because the messages keep changing, and can come from anywhere on the planet, there is always a window of vulnerability when the phishers come up with something new.

Remember:

  • Never send your bank account or Social Security number through email
  • System administrators will never ask you for your password through email.  If you get a request for your password, you should know it’s bogus.
  • If you get a questionable message, check out the From: and the Reply-To: addresses.  Phishers will try to disguise the message to make it look like it’s coming from a local person, but if you look closely you’ll see that you’re responding to someone in another country or at a yahoo.com address.
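
The From:/Reply-To: check from the list above can be automated. The following is an added example, not part of the original post and not how Calmail filters mail: the sample headers, the indicator names and the ORG_DOMAIN setting are constructed for illustration, and only the body lines come from the message quoted earlier.

```python
import re
from email import message_from_string
from email.utils import parseaddr

ORG_DOMAIN = "berkeley.edu"  # assumption: the recipient's own mail domain
ASKS_FOR_PASSWORD = re.compile(r"\bpassword\b", re.I)
ADDR_IN_BODY = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")

# Constructed sample: the headers are invented for illustration; the body
# lines are taken from the phishing message quoted in the post.
SAMPLE = """\
From: "THE BERKELEY.EDU TEAM" <support@berkeley.edu>
Reply-To: customer.careservice@live.com
To: user@berkeley.edu
Subject: Account maintenance

to complete this process you must reply to this email immediately,
and enter your User Name here (----) And Password here(----)
Your response should be sent to admin manager
Email: customer.careservice@live.com
"""

def domain_of(header_value):
    """Return the lower-cased domain of an address header, or ''."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()

def is_org(domain):
    return domain == ORG_DOMAIN or domain.endswith("." + ORG_DOMAIN)

def phishing_indicators(raw):
    """List the warning signs found in one raw RFC 822 message."""
    msg = message_from_string(raw)
    # Join the text of all leaf parts so multipart mail is handled too.
    body = "\n".join(str(p.get_payload()) for p in msg.walk()
                     if not p.is_multipart())
    from_dom, reply_dom = domain_of(msg["From"]), domain_of(msg["Reply-To"])
    found = []
    if reply_dom and reply_dom != from_dom:
        found.append("reply-to-differs-from-from")
    if reply_dom and is_org(from_dom) and not is_org(reply_dom):
        found.append("reply-leaves-org")      # looks local, replies go elsewhere
    if ASKS_FOR_PASSWORD.search(body):
        found.append("asks-for-password")     # admins never ask by email
    if any(not is_org(a.rpartition("@")[2].lower())
           for a in ADDR_IN_BODY.findall(body)):
        found.append("external-address-in-body")
    return found

if __name__ == "__main__":
    print(phishing_indicators(SAMPLE))
```

A message that trips "reply-leaves-org" together with "asks-for-password" matches the pattern described in this post; any single indicator alone also occurs in legitimate mail, such as mailing-list traffic with its own Reply-To.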

Posts and comments on this blog are the opinions of their authors, and do not necessarily represent the opinions of LSCR, the College of Letters & Science, or the University.