InfobITS Logo ITS - Fall 2006
In This Issue QuickbITS Archives IT Directory Publishing Info
QuickbITS

Added Protection: No Passwords "In the Clear"
by Naomi Okinaga

In our ongoing effort to provide more security online, ITS has implemented and required encryption for all UH passwords on all ITS applications. Data transferred between computers can often be created with programs that provide cryptographic protection for additional security protection (also called encrypted data). If there are no encryption techniques employed, data is often passed "in the clear", "in clear text", or "in plain text."

Applications such as our email client services, Webmail, registration services, and other ITS applications listed at http://www.hawaii.edu/askus/717 are all secure. As a self-check, if you are using web pages with an address starting with "https", not http, or logging into a server with a software program such as SSH (1), and not the basic Telnet (2), your password is being sent with encryption and not subject to being seen with devices that may surreptitiously be on the network and capable of deciphering your password.

Our protection, which requires passwords to be encrypted for all the major ITS applications, insures that use of your UH Username and password in accessing various services that might contain important confidential information are protected against unwanted compromises. From requiring secure server connections via SSH and SFTP (3) to our UH Unix systems and secure login into our mail server implemented in January 2004, to completion of secure SMTP (4) connections for our mail server this past July 2006, we can now say that no passwords are passed in the clear for ITS applications.

As we complete this one important phase of security, we still need to be cautious and vigilant in other areas of security. Standard best practices are still recommended for ensuring no other breach of security. For other recommended acceptable use policies, please refer to the UH Safety Guide.

Footnotes:

  1. SSH (Secure Shell) is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer.
  2. TELNET (TELetype NETwork) is a network protocol used on the Internet or local area network (LAN) connections.
  3. SFTP (SSH File Transfer Protocol) is a network protocol that provides secure file transfer and manipulation functionality over any reliable data stream.
  4. SMTP ( Simple Mail Transfer Protocol) is the de facto standard for email transmissions across the Internet.

Choosing an ITS Supported PDA
by Osamu Makiguchi

The vast array of PDAs (Personal Digital Assistant) found on the electronics store shelves can be confusing to wade through when you are deciding to purchase a new one. UH community members who plan to purchase a PDA that will connect to ITS services should purchase a model supported by ITS.

ITS currently supports PDAs using the Palm OS 4.x /5.x and Windows Mobile 5 (WM5) operating systems (OS). Those not supported include Blackberry devices, Linux-based devices and prior versions of Palm OS and Windows-based PDAs.

All Macintosh and some PC users should select a PDA based on the Palm OS platform since these PDAs come with software that allows you to synchronize your PDA with desktop software provided by the PDA manufacturer called Palm Desktop. ITS will also support Palm OS-based devices synching to Microsoft Outlook since the conduits are provided with the PDA.

PC Users Have a Choice

Microsoft WM5-based PDAs are also an option for PC users. Although there are third party software available to synch WM5 devices to Macintosh software, ITS currently does not support this option. ITS only supports WM5 devices synching with Microsoft Outlook on the PC.

There are several factors to consider when deciding between a Palm OS PDA and a WM5 PDA. First is cost. Palm OS devices range from $99 to $500+ whereas WM5 devices cost $300+. Another consideration is the hardware or physical factor, i.e., size, weight, and the control buttons. Users should test out the ease of use of the PDA at the store as well as determine the size and weight limits you are willing to live with. WM5 devices tend to be heavier and bulkier than some of the Palm OS devices.

Lastly, the OS (software) differences should be evaluated to find one that best fits your tastes. Windows users may be more comfortable with WM5 devices since it uses the familiar Windows motif with the "Start" button. But many people say they prefer the Palm OS because it seems to run programs faster.

In the end, the decision between getting a Palm OS or WM5 device is a personal decision. It is interesting to note that in 2006, Windows based PDAs surpassed the 50% market share mark so WM5 devices are becoming more popular.

Wireless and Phone PDAs

ITS is currently evaluating wireless and Smartphone technologies for the PDA. These technologies will allow UH users to get email and surf the Web. An official ITS supported list of Wireless and Smartphone devices will be provided in a future article.

Where to Get Support

ITS Helpdesk
Phone: (808) 956-8883
Toll Free (neighbor isles): (800) 558-2669
Email: help@hawaii.edu


"File Drop" Added to List of ITS Services
by Naomi Okinaga

As the name implies, "File Drop" is a method of sharing files by "dropping" them into a server. It overcomes typical email file size limits and provides improved security for sensitive information. Faculty and staff have found this to be an easy method for sharing large files among their co-workers and colleagues while collaborating on a project.

The maximum file size allowable using File Drop is set at 100MB. Although many in the community share files as attachments to email, File Drop overcomes the usual email attachment size limits and permits larger files to be shared.

Advantages also include the fact that the files are encrypted for additional security, and the service is flexible to allow UH users to share their files with those not affiliated with UH. (Either the sender or receiver of the files must be affiliated with UH as one of them will be required to use their UH Username and password to authenticate access.)

Please note that:

  • The files are purged automatically after three days.
  • File Drop is a shared UH resource (sharing of non-work related files negatively impacts the server capacity and access for other customers).
  • As always, the sharing of illegal copyright files is governed by the E2.210 policy and users are subject to criminal penalties for any illegal pirating of copyrighted information.

The University of Hawai'i File Drop service is found at http://www.hawaii.edu/filedrop

An archive of Frequently Asked Questions (FAQ) which contains more information is available at: https://www.hawaii.edu/filedrop/help

If you have any questions not found in the FAQs, you may send feedback from a link at the FAQ site, or call the ITS Help Desk at 956-8883 on Oahu or (800) 558-2669 from neighbor islands.


Hard Drive Crashes: The Harsh Reality
by Byron Watanabe

If not disposed of before it happens, every hard drive will eventually fail with what is commonly known as a "hard drive crash." Hard drives contain many mechanical components and moving parts, including a read-write head (similar to an old tape recorder) that floats just above the magnetic storage surface of the disk. The term "hard drive crash" has its roots in the catastrophic occurrence of having the read-write head fall into contact with the storage medium, often damaging both beyond repair.

While laptops are especially susceptible, every hard drive has a limited lifetime. The keys to dealing with this reality are to do what you can to avoid problems, but always prepare for the reality that a hard disk may fail when it is least convenient. The most critical loss in this situation is any data that cannot be recovered and may not have been backed up. The most important point to remember about hard drive crashes is that the damage is best limited by regularly backing up important data.

It is worth noting that not every computer failure is a hard drive crash. If a system won't boot or has problems starting up it may be due to a corrupted Operating System (e.g., Windows) and there may still be ways to recover data stored on the hard drive before fixing the problem.  

The most common way to corrupt Windows is to not properly shutdown the system, typically in a situation of a power failure or a software lockup that requires a powerdown while the system is still running. If there is important data at risk, special recovery software may be used to restart the computer and then move off critical files. Alternatively, a technician may be able to connect the hard drive to another computer and move critical files off the drive.

If an actual hard drive crash occurs then it will be more difficult to retrieve the files and beyond the experience of most users. This kind of hardware failure is often indicated by an error message from the system BIOS (basic input - output system) indicating that it can't find the hard drive within the operating system. Another indication may be noises from the hard drive, such as a clicking sound when the computer is turned on. In this case the computer must be taken to someone equipped to perform disk recovery. This can cost from $200 to $1500, and there are no guarantees that any service will be able to recover all the files since the data may have been damaged irreparably.

The following practices may reduce the chance of hard drive-related problems:

  1. Perform a defragment of your drive at least once a month. This reorganizes data into areas within the drive to make it more accessible. Most operating systems include a defragment program. Instructions for defragmenting a hard drive in Windows XP can be found at: http://www.hawaii.edu/askus/37
  2. Perform a full system scan of every file on the hard drive once a month. Instructions for scanning files can be found at: http://www.hawaii.edu/askus/689
  3. Use reliable anti-virus, anti-spyware and anti-spam protection programs. Keep these tools enabled and download any updates to them as soon as they are available. Information on tools recommended for UH computers is at: http://www.hawaii.edu/askus/593
  4. Routinely delete temporary files to free up space on your drive before it becomes full. One reason a drive may have problems is that it does not have enough storage accessible to open a program. Instructions for deleting temporary Internet files and cookies are available here: http://www.hawaii.edu/askus/688
  5. Exercise caution in downloading; problems are commonly associated with faulty or malicious software downloaded from unknown or untrustworthy sources.
  6. Always ensure that the system is fully shut down before turning off power or unplugging.

    And no matter what else you do:
  7. Back up your important data regularly. As with exercise, it is most important to establish a routine and stick to it. Files can be saved to a rewritable CD/DVD, portable hard drive, or USB flash drive as soon they are closed or a work session is over. Or all document files can be backed up at a regular time each day or at certain times of the week. It is most critical to back up personal files, which may include email, documents, bookmarks and other items that would be difficult or impossible to replace. For best protection from loss of data, backups should be stored in a separate location from the computer itself.

"SpySweeper" Anti-Spyware Offered
by Jocelyn Kasamoto

SpySweeper LogoIn our efforts to improve security for the UH community, ITS has licensed Webroot SpySweeper v5.2 anti-spyware software for Windows 2000/XP. The software is available free of charge for use on UH-owned computers and laptops, including computers in campus computer labs, and may be downloaded by faculty and staff for this purpose.

SpySweeper detects and removes spyware. Spyware describes applications that makes unwanted changes to a computer and silently collects information and sends it away without the user's knowledge. Spyware may arrive on a computer bundled with freeware shareware, through email or instant messenger, as an ActiveX installation, or through the Internet. File-sharing programs that swap music, photos, or other files are a common source of spyware. Spyware generally collects private information which may then be sent to a hacker for malicious purposes, without the user's knowledge or consent.

Spyware is often difficult to detect and remove for the average user. Malicious spyware programs like Trojans, keyloggers and system monitors, are capable of capturing keystrokes, online screenshots, and personally identifiable information like social security numbers, bank account numbers, logins and passwords, or credit card numbers.

Aside from potential identity theft, many spyware programs use up your computer's memory and network bandwidth as it "phones home" to the spyware's home base using your Internet connection. This can lead to sluggish performance and/or system crashes on the spyware-infected computer.

A valid UH Username and password are required to obtain the site licensed SpySweeper software. AND it MUST be downloaded from a UH location, it CANNOT be downloaded from a home computer. Ad-Aware and Spybot are free downloadable anti-spyware programs that ITS has tested and recommend for home computers. For more information on all anti-spyware available through ITS please see the "Anti-Spyware" section of the online document Securing Your Desktop.

The SpySweeper version licensed by ITS is an anti-spyware software only and doesn't include anti-virus. For antivirus software go to the UH Computer Virus and Threat Information page. The licensed version also does not run on Windows servers or 64-bit Windows. SpySweeper v5.3 may be downloaded from the UH Download Page.

Although Webroot specifies 256MB RAM minimum to run SpySweeper, it may slow down your computer with 512MB RAM (runs okay with 1GB RAM). If your computer slows down, you could disable some of the active shields.

Webroot SpySweeper Knowledge Base can be accessed at: http://support.webroot.com/ics/support/default.asp?deptID=776

If you have questions about anti-spyware or anti-virus software, please contact the ITS Help Desk at 956-8883, email help@hawaii.edu or call (800) 558-2669 toll free from the neighbor islands.


Sustainability Initiative: eWaste Disposal Days
by Editor

As new and improved models of computers, cell phones and other electronic devices continues to hit the marketplace so likewise does the need to safely dispose of unwanted equipment. The eWaste Disposal Days program, sponsored by Apple, was a great success.

With participation by the Department of Education (DOE) and Apple, UH facilitated a one-week statewide program October 23 to 27, 2006 during which "ewaste" was collected from University of Hawaii, public and private schools and the general public. Six drop off sites at UH campuses located on the islands of Hawaii (the Big Island), Kauai, Maui, and Oahu were open daily for collection.

The program was a tremendous success with a total of 51 containers (each with a capacity of 2,700 cubic feet per) of equipment collected; this amounts to a total of 1.2 million pounds of eWaste which didn't end up in our local landfills. Instead, it was shipped to centers for disassembly and environmentally safe recycling.

The eWaste Disposal Days was a one-time program, recycling through ITS is no longer available. An archive page for the program containing links to current guidelines and options for recycling of UH equipment can be accessed at: http://www.hawaii.edu/ewaste

A Sustainability Council has been established on the UH Manoa campus to advise on ways that the University can function more sustainably. You can monitor their efforts and events at their web site: http://www.epscor.hawaii.edu:81

Vehicles Lined Up All Week During eWaste Disposal Days

Equipment was Sorted, Stacked, and Palletized

51 Containers Full Were Shipped


Information Technology Services
Maintained by: editor@hawaii.edu

© 2008 University of Hawai'i
Last Updated: January 2008