Microsoft stopped maintaining the 13-year-old operating system software on April 8, 2014.
That means XP is no longer secure enough to use on the UC Davis network—or to use online, period. If you still use XP, you need to move to a newer operating system.
UC Davis policy prohibits use of unsupported OS or application software on machines that connect to the campus network. Unmaintained software is a common entry point for viruses and malware, which can then spread to other UC Davis computers.
Campus is now advising everyone to change our Kerberos passphrases
. Go to computingaccounts.ucdavis.edu, select "Change your passphrase," and follow the instructions.
You should not use your Kerberos passphrase for any non-UC services. Re-using passwords increases the risk of a breach.
Seriously consider changing your passphrases for other services, such as banks and retailers, once they have fixed their own vulnerabilities.
Do not respond to suspicious email messages, especially when they ask you for your passphrase or other personal information. More information is available at security.ucdavis.edu
Other websites are suggesting passphrase changes, see below.
In response to this issue, the CS Systems Support Group (SSG) has performed network scans on all CS and IDAV networks and have contacted those people with systems that are vulnerable to this risk.
What Should I do?
Experts are advising to change any passphrase on a site that was vulnerable, after they patch for the issue. If you used a passphrase on multiple sites, and one was vulnerable, change all of those website passphrases as well. While you are doing that, remember, it's best to make a unique passphrase for every site. More information on passphrases.
Places that have reported patching and are advising passphrase changes
These websites are reporting they had the Heartbleed vulnerability, and it is now patched. It is suggested you change your passphrase on these sites now. For other websites, check the Websites Reporting on Heartbleed Patching, below.
Amazon Web Services (for website operators only, Amazon.com was not affected)
Websites Reporting on Heartbleed patching
A year or more ago, the Systems Support Group (SSG) announced that the Computer Science department now standardly uses the campus DNS servers when configuring systems Name to Address Resolution (DNS). The old CS server, regnant.cs.ucdavis.edu was left up and is still forwarding DNS requests to Campus.
Not for long, however!
April 14th, in the morning, regnant will be turned off.
If you haven't changed your systems DNS servers settings, you may find your network is slow or non-functional after this date. If so, here are the servers you should be using (in order from primary to secondary):
All other setting can remain the same, but regnant's IP (22.214.171.124) should be removed from your systems settings.
For modern linux systems, you should use your GUI network configuration tools.
More than likely you already made this change, or we made it for you. We have found some systems that haven't been changed over, and have written their owners to remind them of the change.
You are the best person to ascertain what holds value in your life. This includes your electronic data. Whether it’s documents you have spent hours on, presentations you use monthly, email correspondence that you cherish, calendar events, contact information, you should not rely solely on others to backup this data.
Download your Google
With many Google products, you can download an archive of your data:
After clicking “Create an Archive” choose the products you want an archive for, or choose all of them, then click “Create Archive”.
Archives can take hours or even days to create, but if you leave the checkbox alone for “Email me when the archive is ready” you will get an email when it’s done.
When you are done downloading the archive put it in a safe place. For the least risk, put it in two places, so if disaster strikes one location, your data will be safe in the other.
For more information on this Google Service, read here: Download your data: FAQ
From Google's Apps Status Dashboard details on Gmail
1/24/14 12:23 PM The problem with Gmail should be resolved. We apologize for the inconvenience and thank you for your patience and continued support. Please rest assured that system reliability is a top priority at Google, and we are making continuous improvements to make our systems better
Services that are having difficulties are: www, email, authentication (CAS, Kerberos), and LDAP.
Some services remain down at this time.
The work is done on the fume hoods, power was restored to Kemper, and the SSG has powered up servers and services.
It doesn't appear that any of the regular power was off, only emergency power.