Posts Tagged ‘Security’

Heartbleed OpenSSL Bug and D-PHYS Services

Friday, April 11th, 2014

On Monday the public was made aware of a severe bug in OpenSSL, a cryptography library which is used as the core of many cryptographically secured IT services. Since the bug was in the Heartbeat extension it has been named “Heartbleed”.

This bug allowed attackers to stealthily read parts of the memory used for cryptographic operations, which may include digital keys in use on servers or passwords transferred over encrypted connections.

If you used any password-protected D-PHYS web service or the D-PHYS mail server between the 12th of December 2013 and Tuesday, the 8th of April 2014 (or the BackupPC web interface between the end of 2012 and that date), there is a very small chance that your D-PHYS password and possibly other transmitted data may have been leaked to an attacker. We currently have no indication that this has actually happened on our servers.

To be safe, you might want to change the password of your D-PHYS account and any other account where the same password is used. See this Heise article for a discussion (in German) about whether you should change your password or not.


The End of TWIG Webmail

Tuesday, February 5th, 2013

For the last 4.5 years, our customers could choose from two webmail solutions: Roundcube and TWIG. With the introduction of Roundcube we announced the eventual removal of the old TWIG service, which hasn’t been updated in years and poses a serious risk in terms of security and spam distribution. Now the time has come to finally turn it off. All remaining TWIG users: please switch to Roundcube. TWIG will be disabled tomorrow, February 5, 2013.

Temporary SMB access restriction

Wednesday, April 11th, 2012

Last night a security problem was detected in the SMB server software we use for our group and home shares. In order to protect your data and our systems, we are temporarily restricting access to our group and home shares to the ETHZ IP address range until security updates are available. If you’re outside the ETH network and need to access your data, use VPN. We expect the updates to be released later today or tomorrow and will then go back to worldwide access.

Emergency reboot of Ubuntu workstations

Friday, September 17th, 2010

On Friday, September 17, at 22:00, we will have to carry out an extraordinary reboot of our 64-bit Ubuntu workstations in order to deal with a nasty security issue. We’re sorry for the short notice, but we’ve been unpleasantly surprised by this just as much as you have. If you’re reading this in time, please save all your data and log out if you can. Please note that the terminal servers plimpy, plompy, plempy and plumpy (yes I know..) are also affected. Thank you.

Linux Kernel Update

Friday, October 23rd, 2009

We installed new Linux kernels for our systems, and the machines need to be rebooted to run the new kernel. We will reboot the D-PHYS Linux Workstation “plimpy” this evening after 06:00 pm, not all the workstations. Please log out this evening before you go home, save all unsaved work and don’t start any long-running jobs.

The terminal server “plimpy” is affected as well. Please save all your open documents and log out from your LTSP terminal. Thank you.

Linux kernel local privilege escalation

Tuesday, August 18th, 2009

In case you’ve been wondering about the slightly dubious announcements of the past few days: on Friday (2009/08/14) a local privilege escalation in all Linux kernels of the last 7 years was published, together with an exploit. Unfortunately no patched kernels were available by Friday late afternoon, which put us in an awkward position. Generally it is not our policy to be sneaky about security issues, but in this case we really did not want to attract malicious script kiddies. That’s why we decided to keep our announcements somewhat vague. By now the worst seems to be over and all machines have been rebooted with patched kernels.

We apologize for any confusion or service degradation this episode may have caused on your side.

Linux Kernel Update

Monday, August 17th, 2009

We installed new Linux kernels for our systems, and the machines need to be rebooted to run the new kernel. We will reboot the D-PHYS Linux Workstations this evening after 08:00 pm. Please log out this evening before you go home, save all unsaved work and don’t start any long-running jobs. You may also reboot your workstation yourself earlier.