October 5, 2005
Issue No. 69
Stanford iTunes Launches on Campus
by Victoria Szabo
Last year Stanford joined the Apple Digital Campus Initiative, along with Duke University, the Missouri School of Journalism, the School of Information Sciences and Technology at Penn State University, and the Ohio State University. This core group was formed in collaboration with Apple Computer, Inc. to consider how pervasive technology impacts higher education, and to develop communities of practice around promising methods and tools.
The group made its public debut in a featured session at the National Learning Infrastructure Initiative conference in New Orleans last February, where Stanford was represented by Victoria Szabo, Academic Technology Manager for the Office of the Vice Provost for Undergraduate Education and ATS for the Introduction to the Humanities Program. A podcast for the session is available.
Stanford's Pilot Project and The Courses That Participated
Each charter member of what has since evolved into the Apple Digital Campus Exchange, a growing network of higher education institutions, has developed pilot projects focusing on a different pervasive technology resource. Stanford's pilot project focuses on developing a Stanford-only version of the iTunes Store, Apple's popular download site for digital audio content. Stanford iTunes allows authorized users to upload and manage audio content using Apple's free, cross-platform audio content-management tool, iTunes. Users of Stanford's iTunes launch the iTunes application through a special URL that directs them to the Stanford content after passing through SUNet ID-based authentication.
In the Stanford iTunes system, which is the base for what Apple hopes to develop into a product for broader higher education use, authorized administrators are able to upload and tag content into the appropriate course space through a special administrative interface. In addition to providing metadata related to the content itself, administrators can assign audio files to a tabbed organizational scheme that translates into downloadable playlists. The files, AAC or mp3 files, can then be played back either on a computer or on a portable audio device such as an iPod or other digital audio player.
The Office of University Communications and the Office of the Vice Provost for Undergraduate Education began testing an early version of the tool in Spring 2005, offering both course-related and general interest audio content to the Stanford community. This past spring, four IHUM courses (Myth and Modernity, Literature into Life, Anatomies of Change, and Poetic Justice) experimented with the Stanford iTunes store to distribute course audio. Audio content included music, spoken word recordings of class texts, and faculty lectures. University Communications put up several Presidential lectures and other resources to test out the system, with much more new and archival content in the works.
What's Next
In Fall Quarter 2005, the curricular pilot will expand to include courses in ATS-supported departments and units across campus, as well as special events connected with the Alumni Association and other campus groups. University Communications, Undergraduate Advising and the Center for Teaching and Learning expect to add audio transcripts of one-time events, podcasts of recurring events, and specially-created audio resources in the coming months as well.
In addition to providing additional Stanford-specific content, University Communications also plans to launch a publicly available iTunes space to reach audiences beyond Stanford. In 2006, depending upon the results of the Fall Quarter pilot, the Stanford iTunes team hopes to launch the tool more broadly to the wider campus community.
While the initial pilot version of Stanford iTunes relied on SUNet IDs to control access, the next generation pilot will include finer-grained controls. The CourseWork development team in Academic Computing is working with Apple to make Stanford iTunes accessible via the CourseWork interface. This will allow users who are authorized to see restricted-access content through CourseWork can have their privileges securely passed along to the Stanford iTunes system. It will also enable instructors to provide a wider range of content to their students, and will create an environment where students can safely use a drop-box feature to submit their own audio files to the archive online.
In addition, the Apple engineering team is working on enhancements to the user and administrative interfaces, as well as exploring options for implementing digital rights management tools and seamless linking to purchasable audio content.
Assessment and Results
As the Stanford iTunes team continues to refine and expand the use of the tool, they are also performing assessments of its effectiveness and are actively soliciting feedback on future development. In Winter 2006, Stanford expects to report initial results to the Apple Digital Campus Exchange on its findings on the effectiveness of this tool as a teaching and learning resource and as a means for building a broader campus community.
For More Information
For more information, or to participate in a pilot, please contact Victoria Szabo, vszabo@stanford.edu in VPUE or Scott Stocker, stocker@stanford.edu in University Communications. To visit Stanford iTunes and find out more about the project see:
http://itunes.stanford.edu/
Return to Top
Spyware, Adware, and Being Aware
by Jay Stamps
The news about "spyware" and "adware" is that there's no good news. Certain kinds of spyware are invasive and distracting. Some kinds are nearly impossible to remove without entirely rebuilding your computer, but may be quietly insidious. Some species share all these characteristics.
"Spyware" is a common term, though difficult to define, for a computer program that "spies" on you, typically on behalf of some marketing outfit; it tracks where you travel on the Internet, and, if well designed, it is invisible to you. "Adware" spews advertisements most often in the form of "pop-up windows" in your web browser (such as Internet Explorer), though pop-up ads in themselves do not indicate that your computer is infected with adware, and they appear on many web sites as a matter of course.
There's little you can do to avoid these nuisances if you spend much time on the Internet.
An important defense against malicious software comes in the form of protective software. This defense is available freely to Stanford affiliates at
http://ess.stanford.edu/.
For convenience I use the single term "spyware" to refer to various unsolicited computer programs in most of what follows. I will presently explain the distinction, to the extent that there is one, between "spyware" and "viruses."
Malicious Software
The broadest term is "malicious software": software on your computer that you didn't knowingly or willingly install, or else thoughtlessly installed, or were tricked into installing. This software often serves others' interests without your being aware of the fact. It sometimes affects the proper functioning of your computer and possibly your local computer network, as well as other computers around you.
In the case of spyware, you most often will have "signed" an "End User License Agreement" (EULA) that you didn't carefully read, in order to download and install a program that's "cute" or ostensibly useful. You may have just visited a web site. That's sometimes all it takes.
The distinction between viruses or worms, so-called, and spyware is largely artificial. The principal difference is that the former are usually contagious (i.e., they're built to be spread unwittingly by their carriers, usually Windows PCs these days), while the latter is usually, if not always, picked up during intentional encounters and held close.
It's not to be assumed these close encounters are of an illicit sort: The Internet is a jungle, to be sure, and it provides a home to lots of friendly animals. One may nonetheless pick up an instance of spyware merely by visiting a favorite web site.
At present spyware targets Windows PCs much more than Macintosh computers or machines running other operating systems such as Linux. Some spyware may prevent you from getting your work done, especially if you depend on a web browser like Internet Explorer to do your work. But no web browser is, in principle, immune.
And spyware is "legal" in most circumstances (so far), while the relevant authorities will try to hunt down and prosecute virus and worm authors. The game is constantly changing, though. Spyware providers may well eventually design their products to spread themselves as efficiently as certain viruses or worms. There may eventually be laws regulating spyware in a meaningful way.
What to Do about Spyware
An important defense against malicious software comes in the form of protective software. This defense is available freely to Stanford affiliates at http://ess.stanford.edu/. Stanford has paid to hire these sentries for you.
- Symantec AntiVirus for the PC and Norton AntiVirus for the Mac.
- SpySweeper for the PC. Other anti-spyware tools that are helpful in prevention and removal are also freely available on the Internet. See "Additional Reading and Resources" at the end of this article for several that are pretty good, and safe to use.
But you still have your own obligations, especially if you use a Windows PC. The best advice to protect yourself from spyware and adware annoyance and invasion is:
- Think twice before visiting web sites with free software that you can download, or web sites that you wouldn't want your children to visit, or web sites that you don't need to visit.
- Don't download and install too much free software - or even "shareware" - unless you're pretty sure you know what you're doing, or are following reliable advice. Install only the software you really need.
- Keep your preferred web browser current and up-to-date. At this time, Internet Explorer is of particular concern, and you may keep it updated using BigFix or the Windows Automatic Updates service, preferably both.
The old saying that an ounce of prevention is worth a pound of cure is apposite: If you can avoid your computer's becoming infected with spyware, then avoidance is the course to take, to the extent possible.
Please know that no one responsible for Stanford's networking infrastructure is paying attention to your computer, unless it's creating problems on the network. You simply have a job to do, and those who provide networking services only want you to get your job done. Just play it safe for your own sake, the sake of those who share your local network, and that of the technical people who support you.
What Spyware Can Do to You
Spyware can be very obtrusive - even destructive - in its behavior: most spectacularly in the case of "browser hijacking". "Browser hijacking" is analogous to your being taken to a vacation resort not of your choosing, but based on your transient visits to one or another Internet site. You no longer control where your web browser takes you and you may not be able to get your work done. But the story gets worse.
Certain spyware can even grab encrypted information from secure web sessions, including financial transactions. Be especially cautious when an online service offers a deal that seems too good to be true, such as "faster connections" using your existing Internet Service Provider, merely by virtue of installing some additional software. Such services may be snooping on your secure connections on behalf of their corporate clients. Please see "Additional Reading and Resources (Security Violations)" at the end of this article for more information.
HTTP Cookies
And finally, "HTTP Cookies," the same technique that allows Amazon.com to recognize you each time you visit, also may permit marketing agencies and their clients to track your web-browsing habits. You might or might not care that someone is trying to understand your browsing habits, but be aware that someone almost certainly is.
So I must quickly explain "cookies," which are not software applications, and are therefore not technically spyware. The name is strange, and it has a history; you'll find further reading in "Additional Reading and Resources" at the end of this article. Cookies are saved to a file on your computer, are generated by a web server, allow that web server (possibly along with other web servers) to identify you when you visit certain web sites, and more. Cookies aren't necessarily bad. That Amazon.com, among many other web sites, identifies you when you visit is convenient. Cookies can be handy when used as intended. But they can be used to "spy" on you as well, as can many other modern technologies.
Most anti-spyware programs look for certain kinds of HTTP cookies, and will offer to remove them. Removing them may sometimes cause problems, so pay attention when Spy Sweeper, for example, gives you the option to delete a cookie. And cookies, since they're not programs, can't do anything actively malicious on their own.
Where to Go for Help
If your web browser is misbehaving, your computer may well be infected with spyware. You can call 725-HELP , use HelpSU or call your local technical support staff for assistance. You're not alone. But please do what you can to avoid having to call for such help by following the advice I've offered.
Additional Reading and Resources
The following links offer additional reading and resources:
Spyware
HTTP Cookies
Security Violations
Free Anti-Spyware Utilities:
Spy Sweeper
Ad-Aware
Spybot-S&D
HijackThis (for more experienced computer users)
Return to Top
New IT Self Help Web Site
by Kim Siedler
As the Stanford community becomes more and more savvy about using technical resources, ITSS has answered the call to build a Self-Service Website to help you gain technical information quickly and easily without having to wait for on-site or phone assistance:
http://ithelp.stanford.edu/
The new site contains links to answers for some of the most commonly asked questions about computing and related services at Stanford. The easy-to-use site contains six self-help menus, where you will find links to information about connecting to the Internet, wireless access, getting a SUNet ID or changing a password, purchasing a computer or obtaining software, signing up for phone service, computer security, and more. You'll also find links to information about some of the most commonly used online applications at Stanford, such as Axess, Oracle, and Kronos.
Consult the Top Ten Help Issues page, updated monthly. Chances are good that you may just find the answer to that question that everyone has been asking. And if you have a question about a service outage, be sure to check both the Hot News and the Scheduled Outages sections.
To take advantage of this convenient resource, you are invited to visit http://ithelp.stanford.edu/.
Return to Top
How to Fight Spam
by Casey Chen
If you regularly open your inbox to find that the majority of new mail is spam, you are not alone. This article describes some easy ways to reduce the spam in your life. You can find information about implementing one or more of these options at ITSS' Anti-Spam site:
http://www.stanford.edu/services/email/antispam/
- ITSS' Spam Deletion Tool is the most effective way to kill spam. It catches and discards spam before it enters your Inbox, and it's quick and easy to use.
- Create a filter in your email program (e.g., Eudora) that will put the spam in a Trash or "Antispam" folder instead of your Inbox. You can find instructions for creating these filters for many popular email programs (including Eudora, Outlook, and Procmail for Unix) at ITSS's Anti-Spam site.
- ITSS' Anti-Spam Filter identifies incoming spam and tags it. The Spam Deletion Tool and Email filtering systems can't work without it. Take a look at the Spam Filtering page on ITSS' Anti-Spam site to learn how the system determines what qualifies as spam and what does not. It will help you understand how best to use the other options.
If you have questions about spam or how to get rid of it, you can also submit a HelpSU request, at http://helpsu.stanford.edu/, or you may call the Stanford IT Help Desk at 725-HELP (725-4357).
Return to Top
"Tricks" and "Treats" at the IT Open House
by Nuriya Janss
Whether you find technology scary or fun, you'll be sure to enjoy all there is to see and learn at this year's Information Technology Open House on Thursday, October 27, 10:00 a.m. to 2:00 p.m., in Meyer and Green Libraries. Last year's Halloween theme was so popular with faculty, staff, and students that we're doing it again-so mark your calendars and get your costumes ready!
This year's event will be bigger and better than ever, as it combines the annual Open House with the Campus Wide Agreement Show. In joining ITSS and Stanford University Libraries & Academic Information Resources (SULAIR) as an open house sponsor, CWA brings more than 15 vendors, who will be on hand to show their latest products. ITSS and SULAIR gather representatives from over 30 campus-wide technology services groups to provide information and advice about Stanford's rich technology resources. See also SULAIR Resources on Display at the IT Open House in this issue.
The IT Open House offers a unique opportunity to "one-stop-shop" for information on:
- Purchasing computer equipment and software through Stanford programs;
- Connecting to SUNet from home;
- Protecting computers from viruses and spyware;
- Taking advantage of library resources and services;
- Using technology in the classroom: programs to help in teaching, course software, data collections available for research and instruction; and
- Much more!
And where else can you find a group of wizards just waiting for your hardest tech questions? Bring your tech conundrums to ITSS's "Quiz the Wizard" panel.
Come for the educational value and stay for the fun. There will be plenty of both, with refreshments, raffles, and gifts as well.
Check the web page for details:
http://itopenhouse.stanford.edu/
Return to Top
Stanford's Redesigned Computing and Communication Web Site
by Dave Ream
Over the summer, ITSS and SULAIR made substantial changes and improvements to the Stanford web's Computing and Communication pages. You can find the site by selecting "computing" from the Administration, Faculty, or Staff & Employment menus on the Stanford home page or by going directly to:
http://computing.stanford.edu/
The site, often referred to as "CompComm," is the central source for links to service information, help resources, and ordering tools for all things "IT" at Stanford.
The update changed the visual design to look more like Stanford's top level web pages and introduced a few major improvements to the site's usefulness.
Menu-Based Navigation
When you visit computing.stanford.edu, you are now presented with menus that link you directly to the source you need, whether it's an information page, a download site, or an online help or ordering resource. No more having to link to -- and read through -- a bunch of "getting started" summary pages on your way to the information you really want.
Improved A-to-Z Services List
The last time the Computing and Communication site was updated, ITSS and SULAIR added a multi-page, alphabetical catalog of technology services that included descriptions and links to provider web sites. This time, in addition to auditing and updating that list from top to bottom, the site's designers have consolidated the catalog onto a single, searchable page. They also added a links-only version of the list to the top page, providing single-click access to service information for those who don't need to scroll through descriptions to get what they need.
Google-based Search Utility
The site now utilizes Stanford's central, Google-based tool for searches. The central search utility provides more comprehensive, intuitively accurate results than those delivered by the previous custom-built, CompComm-only search utility and database.
Please send comments and suggestions about the updated site to compcomm-team@lists.stanford.edu/.
Return to Top
Find It @ Stanford and Google Scholar Search Result Integration
By Paul Zarins
Collaboration between SULAIR and Google has produced improved integration between Google Scholar and Stanford's "Find it @ Stanford" link resolver. Most notably, Google Scholar search results show, when appropriate, a "Find it @ Stanford" link leading to a Stanford menu of options for full-text and other services for the desired resource. See also Use Google to Search Project MUSE in this issue.
Google Scholar offers the ability "to search specifically for scholarly literature, including peer-reviewed papers, theses, books, preprints, abstracts and technical reports from all broad areas of research." Recently, Google began offering the option for "on-campus users ... [to] see additional links in Google Scholar search results which facilitate access to their library's resources. These links lead to the library's servers which, in turn, direct them to the full-text of the article."
If you are connected from a Stanford IP address, this added functionality is activated automatically. Google Scholar also offers a Preferences page on which a researcher can set or change the institutions covered. If you search for "institution = Stanford" in the Preferences, you will find two choices available: Stanford University (Find it @ Stanford) and Stanford University Medical Center (Find it @ Stanford Med). While the underlying SFX link resolver software is the same, the separate installations at SULAIR and Lane Medical Library present different linking and service options.
In many cases, the availability of full-text is provided through paid Stanford subscriptions. Thus, non-Stanford persons using Google Scholar, even with a Stanford setting, will not be able to reach such resources.
Try these searches via Google Scholar for a first look at the service:
- einstein
- Arabidopsis
- "smaller class size" (in quotes)
Return to Top
New SULAIR Digital Web Sites
by Stuart Snydman
The Stanford University Libraries and Academic Information Resources (SULAIR) has an ongoing program to produce and acquire digital library collections. SULAIR's newly formed Digital Services Group manages a variety of digitization labs, including the Robotic Book Scanning Lab, featuring the first fully automated page-turning and book scanning device in the world. In these labs, SULAIR develops online resources of digitized books, journals, photographs, maps, manuscripts, and audio and visual materials. Digitizing materials provides enhanced access to existing collections, and can serve as a way to acquire new collections using innovative digitizing technologies.
The following is a sample of collections recently made available online:
- The GATT Digital Library: This site provides access to documents and information of and about the General Agreement on Tariffs and Trade (GATT), an organization that promoted international commerce and the reduction of trade barriers among member states from 1947-1994. Over 30,000 public documents and 300 publications of the GATT are accessible from this site, a digital library created in a partnership between (SULAIR) and the World Trade Organization (WTO).
- Stanford University Publications: This site provides online access to selected catalogs and administrative publications of Stanford University published between 1891 and 2001. (Publications from other universities are also available.)
- Survey of Race Relations: This site provides access to digital copies of all items in the Survey of Race Relations collection held at the Hoover Institution Archives at Stanford University. The survey contains documents and papers related to an investigation conducted in the early 1920's of economic, religious, educational, civic, biological, and social conditions among Chinese, Japanese, and other non-European residents of the Pacific Coast of the United States and Canada.
- Medieval and Modern Thought Text Digitization Project: This collection includes reference works, source collections, and primary and secondary books in the broad area of medieval and modern thought.
Links to these and other collections can be found at a new portal for collections digitized by SULAIR:
http://collections.stanford.edu/
Check back frequently, as new content will be added often.
Return to Top
What's New for Stanford Grokker
by Chris Bourg
Last fall, Stanford University Libraries and Academic Information Resources (SULAIR) teamed with Groxis to provide Stanford Grokker to the entire Stanford community. Stanford Grokker is an innovative research and information management tool that simultaneously searches many data sources, and presents results in a topically organized visual map. Grokker has been downloaded almost 3000 times since last year and the response has been very positive. Whether you're new to grokking, or have been using Grokker for some time, this coming year will bring big changes in the way you conduct your research.
Grok: verb, from Robert A. Heinlein's 1961 Science Fiction classic, Stranger in a Strange Land, a Martian word meaning literally "to drink" and metaphorically "to be one with." To grok is to understand something so deeply that it is fully absorbed into oneself. By making discoveries and seeing how information is related, grokkers obtain a profound understanding of the world. You grok?
What Does Stanford Grokker Offer?
Stanford Grokker provides a single point of access to Socrates, HighWire Press, Expanded Academic ASAP, Academic Search Premier, the Library of Congress, the RLG Union Catalog, and the web. Grokker presents results from these sources in a topically organized visual map, rather than in the long list of results typically provided by most search engines. Grokker's innovative mapping enables users to quickly identify and save relevant and valuable information, and to discover relationships among results.
SULAIR and Groxis continue to work together to add new features to Grokker and to expand the number of research sources that you can access with Grokker. JSTOR, a full-text electronic journal archive, is coming this fall. Also coming soon is a new version of Grokker, a web-based application that is accessible from anywhere. (Grokker is currently a desktop application that you download to use.) Visit http://www.grokker.com to preview Grokker's capabilities on the web.
When Should I Grok Instead of Search?
Use Grokker when you want to immerse yourself in information about a subject. Think of Grokker as a powerful research tool that complements search engines, making search results easier to manage and ultimately more useful. A search engine alone is great when you know exactly what you are looking for, but is less effective when you need to search for information in the process of researching and exploring a topic. When you don't necessarily know what you are looking for and you want to go beyond the obvious to explore and discover, an unending, unorganized list of results falls short and Grokker's visually organized approach works best.
Getting Grokker
Stanford Grokker is available now in the residence clusters and on computers in Green and Meyer Libraries. Stanford faculty, staff and students can download Stanford Grokker to their personal computers at http://grokker.stanford.edu/.
The Stanford Grokker team wants to hear feedback on how we can continue to improve Grokker. Please send comments and suggestions to support_stanford@groxis.com/.
To see how Grokker can help you discover relationships among topics - and to have a little bit of fun - visit the Grokker puzzle page at http://www.yougrok.com/.
Return to Top
ReportMart3 Brings Welcome Improvements to Financial Reporting at Stanford
by Suzanne Schiessler
ReportMart3 is Stanford's new reporting interface to Oracle financial data, replacing ReportMart2. Faculty and staff across the campus are using ReportMart3 expenditure, revenue, and fund balance reports to help them manage budgets and determine just how much money they have to spend.
ReportMart3 was implemented on June 27, 2005 as one of many steps being taken to improve overall financial reporting capabilities at Stanford. Feedback from users has been positive.
New Features
New features and improvements include:
- more intuitive screens and navigation paths.
- report organization by categories (i.e., Expenditures, Revenue and Fund Balance, Labor Distribution, etc.).
- new uniform report names, including unique identification numbers.
- a "My ReportMart" feature which allows users to save frequently used reports to a favorites list for quick and easy access.
- improved report run time for many reports.
- immediate access to all documents and tabs upon report completion. Specific tabs can then be selected for viewing, printing and exporting to Excel.
- simplified download process for Mac users. Only one PDF download with all tabs rather than dealing with multiple PDF documents with similar names.
- visibility of reports offline for maintenance or repair with projected return status.
- integrated report help information (i.e., report instructions, example report criteria screen prompts, and sample report output).
- uniform wildcard searches using the % sign.
Accessing ReportMart3
Unlike its predecessor ReportMart2, ReportMart3 requires that access be granted to users. If you were an authorized user of ReportMart2, you were automatically granted authority to access ReportMart3. If you are a new user, you can request access to ReportMart3 by first submitting a HelpSU ticket. Then follow-up with your manager to be granted the appropriate authority using Stanford's Authority Manager web application.
To log into ReportMart3, type ReportMart3 in your Internet browser. An active link is also available on SUPAD. All previous ReportMart2 links will redirect users to ReportMart3.
Available Help Resources
To keep up with the latest information on reporting, subscribe to ReportSU-finance@lists . Drop in labs are offered on Fridays from 9 a.m. to noon in the Encina Modular B ITSS Instructional Lab C located at 427 Arguello Way (just west of Encina Hall). The labs are staffed with experts to help you with your reporting needs. Or you can contact HelpSU. When submitting an online ticket for help with reports, select the Administrative Applications Request Category and ReportMart3 Request Type.
For the latest information on ReportMart3 including training, helpful job aides and resources, go to the Oracle Financials web site, Reporting Training and Job Aids page located at:
http://www.stanford.edu/services/oracle/reporting/training.html
Return to Top
Kronos Time and Leave System Upgraded
by Valerie Beeman
The University-wide system for time and leave reporting, Kronos, was upgraded to a new version on August 1. Approximately 950 administrative users and 12,000 employees use Kronos for time and leave entries. With the upgrade, Kronos moved to being available through Axess, on the Employee Information Tab in a new section called Time and Leave Reporting.
Significant user interface gains are evident in the new version, such as easy navigation, pull-down menus and pick lists to make selections, and printing using just the browser's print icon.
With the new version, all users see the same online Timecard, which was not the case with the previous version. Another particularly important new feature is the ability for over 2,000 employees to use Kronos who have not been able to use the system previously (due to having more than one job or charging more than one account). In the past, these employees had to submit paper timesheets, making it difficult for the University to provide accurate time reports in compliance with state and federal regulations.
End user training materials, including online tutorials, step-by-step instructions, and many other useful reference tools are on the Payroll Office site:
http://kronostraining.stanford.edu/
Return to Top
ITSS Client Services Reviews Held throughout the Year
by Teresa Janeway
The Marketing team in ITSS Client Support is dedicated to giving the Stanford community a thorough non-technical analysis and benefits explanation of services provided by ITSS. Services
Reviews are held periodically throughout the year with an emphasis on clear and concise delivery of IT services that are designed for staff of all levels of technical experience and knowledge.
University Medical Center
This year, a special review was held for our colleagues at the University Medical Center that focused on services available specifically for the hospital. Many services offered to campus are not available to the hospital because of their separate reporting, organizational, and policy structure. The review was held in February 2005, at the Clark Center and showcased the benefits of having SUNet ID's, the use of Biblesheets (building diagrams for telecommunications), the SpectraLink phones, and uses for their Campus Card.
All Stanford Staff
In April, the team held the first of three general session reviews for all Stanford staff at the Clark Center Auditorium. The April review included sessions on BigFix Patch Management (computer security), ChaMP (hardware maintenance), Software Licensing (software products and purchases), and ESS (Essential Stanford Software).
The July Services Review was moved to Tresidder Union based on feedback received, to be closer to the center of campus for more staff to have the opportunity to participate. Topics reviewed included the Registry, Windows Infrastructure (Active Directory) service, benefits of using Stanford DSL, and the Sundial Calendar.
In August, once again at Tresidder, the team focused on how departments can get help with IT services with Computer Resource Consulting, the Help Desk services, Net-to-Jack Service for networking reliability, and the new IT Self Help website. All staff and faculty are welcome to attend the general overview technology sessions.
For More Information
More information on the latest review can be found at:
http://servicesreview.stanford.edu/
Return to Top
New Student Telecom Fee and Telephone Service
by Nancy Ansaldo
Effective Fall 2005, there is a new Telecom Fee that will be included with all student housing bills. This fee ($48 per quarter) includes an in-room network connection with multiple IP addresses. A small portion of that fee ($5 per quarter) will be for basic phone service with call-waiting. See also New Telecommunications Fee for Students in the April 2005 issue of this publication.
Student Telecom Changes
Over the summer, a basic phone was installed in every residence. Along with these installations, student phone service offerings at Stanford will also be changing. As of September 1, all student phones installed will include basic local dialing (on-campus and a twelve mile calling radius) with call-waiting. There is no need to sign up for basic phone service as it will already be active in the rooms. Students may also opt to sign up for an additional basic line in their unit for a one-time installation fee. Additionally, an optional Feature Package with Voice Mail and Caller ID is available for a fee.
Line billing, which has been available to graduate student housing only, will be discontinued and all students will need to use a Personal Billing Number (PBN) or calling card to place long distance calls from campus. Students can submit an order for the optional feature package as well as a PBN through Axess.
The in-room network connection with multiple IP addresses is also active in the rooms. Students just have to register their computers through Axess.
Summary of Basic Service
- One wall mounted telephone in every student living unit;
- Ability to receive incoming calls and place outgoing calls;
- Free 12 mile calling radius from campus (Palo Alto, Mt. View, Menlo Park, Atherton, Redwood City);
- Call Waiting;
- Access the phone number by calling 7-CALL or 7-2255; and
- Line blocking (no outbound Caller-ID). Dial
- 82 at the beginning of the call in order to send the Caller ID for that one call
- Optional feature package is available (Voicemail & Caller-ID).
For More Information
For more information regarding the Telecom Fee please visit:
http://rescomp.stanford.edu/
For more information regarding the new phone service, visit:
http://studentphones.stanford.edu/
Return to Top
Scholarly Communication and Scholarly Publishing Issues Web Site Launched
by Grace Baysinger
High journal prices, consolidation within the publishing industry, the devaluation of the dollar, and the digitization and resale of older content continue to stretch and stress the Stanford Libraries' collection budgets. Access and preservation of digital content are other areas that include opportunities and challenges as libraries at Stanford work to build and maintain collections for long-term access for students, faculty, and staff.
Scholarly communication and scholarly publishing issues affect all of us. A web page has been created to help you learn more about these issues, what is happening on campus, what Stanford authors should consider before signing away copyright ownership, and what is happening elsewhere. The "Scholarly Communication and Scholarly Publishing Issues" web page is at:
http://library.stanford.edu/scholarly_com/
This site includes links to a wide variety of information, including a profile of journals and journal packages that cost $1,000 or more dollars a year in the Stanford University Libraries. We invite you to become familiar with the content on this site and to help develop strategies for dealing with them.
Return to Top
SULAIR Resources on Display at the IT Open House
by Eleanor Brown
This year's Information Technology Open House is on Thursday, October 27, 10:00 a.m. to 2:00 p.m., in Meyer and Green Libraries. Stanford University Libraries and Academic Information Resources' (SULAIR) services and resources will be on display in Green Library (at the entrance by the red fountain, directly across from Meyer Library).
Cecil H. Green Library, East Entrance
Stop by Green Library on October 27 to learn more about:
Added attractions include tours of Green Library led by University Librarian, Michael Keller and raffles for prizes that include an iPod shuffle, signed books by Stanford authors, and more.
For more information about the many other resources and services that you can explore at the IT Open House, see "Tricks" and "Treats" at the IT Open House in this issue or the web at:
http://itopenhouse.stanford.edu/
Return to Top
Essential Stanford Software Updates
by Tom Goodrich
For readers new to Stanford, Essential Stanford Software (ESS) is a collection of applications -- some free, others licensed by the University -- that help faculty, staff and students accomplish day-to-day tasks and keep their computers secure.
New students should have received a CD with a set of ESS software, but the latest versions are always available on the web at:
http://ess.stanford.edu/
There have been some recent changes and additions to the ESS site:
- Eudora 6.2.3 is now available for both Mac and Windows. This version fixes a number of problems, mostly related to IMAP.
- SecureFX 3.0.1 and SecureCRT 5.0.1(file transfer software) are now available on ESS for Windows. SecureFX has much improved drag-and-drop capabilities. If you use both applications, you can integrate the session files and just have one for both. Please read the configuration instructions for details.
- Fetch (version 5.0.2) has replaced MacSFTP as our recommended secure FTP application for Macintosh OS X. ITSS polled the local support community over the summer and the overwhelming response was in favor of making this switch. For those who prefer to use MacSFTP, since the license is valid through the end of the academic year, ITSS will still keep it on ESS. However, to avoid confusion, they've moved it to the "Previous Software Versions", under the "Resources" category.
- As of this writing, the version of Symantec AntiVirus (for Windows) is still 9.0.3. Version 10 was released by Symantec, but its startup scan uses an inordinate amount of system resources and many users reported extreme slowness until the scan was completed. Version 10.0.1 was subsequently released to remedy this, but Symantec has acknowledged that startup scans under this version do not run. As soon as a version fixing these problems has been released and tested, ITSS will place it on ESS and notify the support community.
- Adobe has released Acrobat Reader 7.0.3, which addresses security holes in previous versions of 7.x. However, there is no stand-alone installer for 7.0.3, so please encourage those whose computers you support to run the "Check for updates now" from the Help menu in Acrobat Reader.
Please note that ESS is far from the only software available for your use while you're at Stanford. Check out the Software Licensing site as well at http://www.stanford.edu/services/softwarelic/.
If you have questions about ESS applications, please submit a HelpSU request.
Return to Top
Keeping Your Mobile Data Safe
by Richard Steinberger
Almost all of us use at least one Mobile Computing Device (MCD), and many people use more than one. MCDs include laptop computers, Portable Digital Assistants (PDAs: Palm Pilots, Pocket PCs) Smart phones, USB flash memory, iPods and other devices that can sync with and/or store data from personal computers. In many respects, these devices have made our lives much easier.
We can easily carry much of our data and computing capabilities with us. But all this convenience and portability often involves risks we may not have considered.
The Risks of Mobile Computing
MCDs contain "lots" of memory (often several gigabytes or more) and they are highly portable and frequently unprotected. In other words, they are relatively easy to steal or lose, and, unless precautionary measures are taken, an unauthorized person can gain access to all the information that is stored on them. You don't even need to have your device lost or stolen for an intruder to access it. An unauthorized person can quickly and silently copy the data from an unprotected device left in an office or a hotel room. A network intruder could silently invade and steal, expose, or damage data and/or interfere with the operating system. The result can be a crippled device, one infected with a virus, and/or a device whose data has been invisibly downloaded by an intruder. In the worse case, an intruder can install a spyware program that surreptitiously captures the owner's keystrokes (e.g., credit card numbers, passwords) and other sensitive information.
What's on Your Mobile Computing Device
The risks of using a MCD are dependent on what kinds of data are stored on them. If a device contains Category A data (the highest, most sensitive data) and that device is lost or stolen and/or if the confidential data is publicly exposed, the legal and financial consequences can be quite significant. (See Stanford data classification information, including what consists of Category A data. (The cost of replacing the device itself may not be inconsequential either.)
Therefore, the most important question becomes, "What data is stored on your Mobile Computing Device?" Confidential financial information? Account names and passwords? Social Security and/or credit card numbers? Unpublished research drafts? Sponsor names and contract details? Proprietary designs or undisclosed inventions? Personal Health Information? Benefactor names? Course grade reports? Staff member reviews? Personal contact names and phone numbers? Decryption keys or passphrases?
If you're storing any of this information on your MCDs, you should reevaluate whether this is a business requirement or merely a convenience. If you absolutely need to carry confidential data on a portable device, the rest of this article will help you protect it.
The Critical Questions
The critical questions that you, as a mobile device user, need to ask are: What would happen if an unauthorized person gained control of this? What if the device data were lost, altered, stolen, or publicly exposed?
While it can be difficult to know the exact consequences of a future loss or theft, it's pretty safe to assume that if confidential data (especially Category A data) were stored on the device, an internal investigation would need to occur. In addition, Stanford may be required to contact each individual person whose personal data was lost or disclosed, and to contact law enforcement agencies. Stanford may be also exposed to legal action. These consequences can make dealing with the pain of a lost or stolen device seem especially severe.
Best Practices
The good news is that there are some relatively simple best practices that can help you minimize these risks. The following best practices, which are relatively inexpensive and easy to implement and use, can help you better protect data that is stored on MCDs.
- If the device is a laptop computer, keep the patches up to date. This reduces the possibility that a system can be compromised by an attacker, or some kind of malware (computer virus, worm or Trojan horse program). Stanford provides an automated patch update service for Microsoft Windows computers, called BigFix. PC users should download the BigFix client from: http://www.stanford.edu/dept/itss/ess/pc/index.html. In addition, most vendors (e.g., Microsoft, Apple, Red Hat) provide simple notification and update procedures.
- Use a password to lock the system. The system should require that a password be provided when you log in, or when the system is accessed after a period of inactivity (e.g., 15 minutes). Enable the password locking feature of the screensaver on laptops and PDAs and choose a strong password, appropriate for the device (i.e., a PC should have a stronger password than a smart phone). Note: A password is not guaranteed to stop a determined attacker from gaining access. But it will make it more difficult (i.e., it will require a level of skill that many intruders will simply not have).
- Use locking devices on portable computers. A laptop computer should always be locked to a large heavy object when it's not being transported or otherwise protected. Locking cables that fit most computers are usually available for under $30. Some Stanford departments may provide these to staff on request.
- Use a "personal firewall" on computers. A personal firewall is a complex but inexpensive program that can be installed on PC or Mac systems. (Unix/Linux systems also generally include some firewall capabilities.) Both Microsoft and Apple provide simple firewalls on their latest operating systems.
Windows XP SP2 automatically enables the firewall. Windows XP SP2 users may access the firewall in the Control Panel item, Security Center. Mac OS X users may access and enable the firewall by opening the System Preferences menu and selecting the "Sharing" item, then clicking on the Firewall tab.
Users of older versions of Windows, Mac, and Linux users should consult with HelpSU staff for details on setting up vendor-provided firewalls. Several third party vendors (e.g., Symantec, Zone Labs, Sygate) also provide easy-to-configure free and inexpensive firewalls. Use of a personal firewall is strongly recommended. It will effectively defend a computer from many of the most pervasive and dangerous network attacks.
- When using wireless connectivity features (e.g., 802.11, Bluetooth) make sure the device's security settings are set "as strong as possible". Even though the state of wireless security has improved significantly in the last few years, it is recommended that this technology still be regarded with suspicion. Thus, never send or receive sensitive data over a wireless link unless another more secure end-to-end encryption technology is also being used. Examples of more secure technology include: SSL, SSH, and VPNs. All modern web browsers support SSL. Macs include some SSH tools. More SSH tools for Macs and PCs are available at the Stanford Essential Software site.
- The most reliable way to prevent people from viewing confidential data is to encrypt it. If your devices store Category A data, you need to make sure that this data is encrypted. The two basic approaches are: 1) to encrypt individual files and/or folders that contain confidential information, or 2) to encrypt the entire disk or device. Each of these approaches has some advantages and disadvantages.
The main advantage to approach (1) is that it's relatively easy and straightforward. Microsoft and Apple provide OS-level support for this and several third-party vendors do as well. Third-parties also provide encryption software for Palm and Pocket PC devices.
The main disadvantage to approach (1) is that it can require some discipline to ensure that all confidential data is created and stored only in encrypted locations (including when it is backed up).
Full disk encryption can be more complicated to set up and generally requires a third-party solution. Stanford is investigating some of these approaches. In the meantime, most users should use vendor-provided file/folder encryption. See Appendix 1 in this article for details. More technical users may wish to try some of the products listed in Appendix 2.
Keep in Mind
- All the encryption in the world won't help if your laptop briefcase gets stolen and it contains plain text (unencrypted) copies of confidential data on CDs or hardcopy.
- Locking devices are useless when mobile computers aren't actually locked to them.
- The strongest password is almost useless when it is written down next to the computer.
- All encrypted data can be permanently lost if you lose its key (or passphrase). Decryption keys locked in safes, safety deposit boxes, or otherwise stored (escrowed) in a safe location can help prevent a data loss catastrophe.
- Mobile device users should never download free software from the Internet without a high level of assurance that the product is safe, i.e., that it contains no adware, no spyware, no Trojans, viruses or worms.
What to Do If "The Worst" Happens
If any device containing Category A data is lost, stolen or appears to have been accessed without permission, report this to appropriate University staff. It's important to do this, even if the equipment is not University-issued, because it allows Stanford to comply with applicable state, federal and international laws.
Appendix 1: Setting Up Vendor Encryption on PCs and Macs
Folder encryption on PCs will encrypt a selected folder, including all its files and (optionally) all sub-folders. This capability is only available on Windows XP Professional with an NTFS filesystem.
To enable folder encryption on a PC, right click on the folder you want to enable for encryption and select Properties. In the General tab, click Advanced. Under "Compress or Encrypt attributes", select "Encrypt contents to secure data" and click OK. Click OK a second time and you will see a dialog box that reads, "Confirm attribute changes". Select "Apply changes to this folder, subfolders and files" and click OK.
If you have a PC that does not run Windows XP Professional, you may want to consider some of the free or commercial encryption alternatives listed in Appendix 2.
To enable encryption for a Mac running OS X, start the System Preferences application and select Security. If you haven't set a Master Password, select that option and choose a password that you will not forget (and/or have stored in a safe place, e.g., locked drawer). Next select "Turn on FileVault..." This will result in all of your user files being encrypted. Your user files are all those in your home directory (generally /Users/your_login_name) and below. FileVault does not allow you to encrypt arbitrary folders that are not in your user space. Therefore, all confidential data needs to remain in your "user area".
Appendix 2: Commercial Encryption Tools for PCs and Macs
Some of these products may be worth exploring if the vendor-provided encryption is not available on your system, or if you want a more flexible alternative.
- PGP desktop - for Macs and PCs
- Truecrypt - whole disk, device or file/folder encryption for PCs.
- SecureDoc - for PCs and Pocket PCs
- PointSec - for PCc, Pocket PCs, Palms, and Smart phones
- DESlock+ - for PCs
Return to Top
