Thursday, September 22, 2016

Power outage 7am-9am Sunday 9/25

All OCF services will be unavailable for a few hours this Sunday morning due to a scheduled power outage in the MLK Student Union. There will be no access to SSH and websites will be down for the duration.

We will be shutting down servers around 6:30am and hope to be back online by 9:30am.

UPDATE: Power was restored by 9:30am. All services should be back online as of 10:35am.

Tuesday, September 20, 2016

Taking applications for new work-study position

The OCF is looking for someone to fulfill the role of OCF Operations Strategist, a new, hired position developed by OCF staff and the first known paid position in OCF history. The Operations Strategist will work closely with the OCF throughout the Fall 2016/Spring 2017 academic year to help guide the OCF as it undergoes the major transition of becoming a fully self-sustained organization starting next year.

For the last several years, the OCF has relied on the support of paid Publications and Media Center staff to open and close on time, provide security, and carry out day-to-day operational tasks when volunteer staff cannot attend the lab. This arrangement is coming to a close next year, however, and thus the OCF is currently fully committed to acquire funding and develop the strategies we need for the front desk to become 100% staffed by OCF hires when the time comes. This new position provided by the PMC will ensure a smooth transition.

The Operations Strategist will play a crucial part during the entire process, and so will need to be committed to the position for the entire academic year. Moreover, the Operations Strategist is not just a front desk job. While performing desk tasks will be a minor part of the Operations Strategist's role, the great majority of the 12-15 hour work week will be dedicated to projects vital to the OCF's transition. We are seeking someone with creative problem-solving skills who can work autonomously on solutions to problems we will face in hiring and managing our own team to staff the lab.

The link to the application is here: http://bit.ly/2deW0ry. Unfortunately, we are only considering applicants who have work-study funds to last the entire academic year.

Interviews are next week.

Friday, September 16, 2016

Ongoing lab closures due to understaffing

The OCF has already had to announce one reduction in our hours of operation this semester, and we're sorry to say that further closures on top of that will be the norm for the next several weeks. Anyone who has visited the lab or our website in the last two weeks has noticed that we are missing a couple hours on Thursday and Friday from what was previously announced, and that, for the first time in recent memory, we are closed all day every Saturday.

While we would like to say there was something we can do about this, it is unfortunately out of our control: the Publications and Media Center is responsible for providing the paid employees who man the front desk during all hours the lab is open. Unfortunately, the PMC has been operating with a reduced staff this semester and is still seeking to hire replacements. We must conclude that these additional closures will continue for a few more weeks at least.

The OCF is not happy about the state of things, but the hiring process takes time, and there is not any way for us to speed things up. In the meantime, please keep an eye on our hours page; as much as possible, if we can predict when we will be closed, we will update the hours on our website. Please also check our homepage, as we will make an announcement there as soon as possible in the event of an unexpected closure during the day.

Weak user passwords have been reset recently

We're always looking for ways to make sure our users' accounts remain secure. It's important to have strong passwords because OCF accounts aren't just used for lab access or printing, but also for web hosting and many other services. These services are accessible via the internet, which means anybody (including those with no relation to UC Berkeley) could try to guess the passwords.

Recently, we attempted to guess the passwords of our users in an attempt to find users with exceptionally weak passwords and have them upgrade to a stronger password. To do this, we used both lists of passwords from online password dumps (including passwords used by real people on other services), lists of the most common passwords, and other methods such as trying different variations of each character of a password.

This is the same thing an attacker would do to try to break into a user's account. It's important to keep in mind that we cannot read users' passwords. We store them in a non-reversible manner as password hashes. Passwords are hashed using a one-way function that can be computed at login and compared to the stored hash. At no time are OCF staff able to find out the passwords of our users, except in the way above (by trying hundreds of thousands of passwords until one matches).

The guessing method only works on the weakest of passwords; it also explains why the best way to make a password strong is to make it long, rather than trying to make it more complicated by adding numbers or special characters.

We have removed the passwords from the accounts we were able to guess passwords for. These users should either reset their password online (if they have a CalNet account linked to their OCF account, as most current and recent students do), or use the manual verification process otherwise.

Friday, August 26, 2016

Downtime tonight (8/26) for kernel updates

There will be a brief period of downtime tonight (8/26), around 9 pm, likely lasting about 20-45 minutes, as we apply kernel updates to our servers and run some hardware checks. Our software mirrors may be down for more time, as that server has a potential hardware issue and could require longer to check.

Sorry for the inconvenience and contact us if you have any questions about our services or the upcoming downtime!

Tuesday, August 23, 2016

Changes to our lab hours

Our hours of operation this semester have undergone some changes from last year's. Without any ado, our tentative weekly hours for Fall 2016 are

Monday: 9am-6pm
Tuesday: 9am-8pm
Wednesday: 9am-8pm
Thursday: 9am-8pm
Friday: 9am-5pm
Saturday: 12pm-5pm
Sunday: 12pm-5pm

These hours are still subject to change. Specifically, once our Board of Directors meeting time is finalized, Monday's hours may be extended to 8pm and we will then close at 6pm on a different weekday. Remember, you can always see an up-to-date listing of our regular hours and our hours for the next seven days at https://ocf.io/lab.

The most noticeable difference between last year's hours and this semester's is that we have had to scale back our weekend hours, Friday through Sunday. The OCF does not take lightly that this change is a setback for the accessibility of our lab to our members, but this is the most agreeable outcome we can offer. When scaling back our hours, we were very careful to select the times which would ultimately affect the least number of users of the lab.

Nonetheless, we are proud to be reopening at 9am Wednesday morning for another collaborative and productive fall semester. If you have any questions, comments, or concerns about our new hours, please drop by one of our upcoming BoD meetings and let your voice be known.

Thanks for flying OCF!

Sunday, July 17, 2016

Introducing HTTPS for virtual hosts

The staff of the OCF strongly believe in the need for encryption of everyday communication. This case has been made not just by invasive government spying, but also by wireless carriers (like Verizon) maliciously modifying requests to increase ad revenue.We think that the internet needs to transition to encrypting all communications whenever possible.

Two years ago, we transitioned all of www.ocf.berkeley.edu (all regular user websites) to HTTPS-only. At the time, it was impractical to also transition virtual hosts, because there was no way for us to acquire the necessary SSL certificates without a lot of manual effort.

With the creation of Let's Encrypt, a free provider of SSL certificates that prioritizes automation, we're finally able to start offering HTTPS for virtually-host websites as well. Starting today, we'll be slowly rolling out HTTPS for our virtual hosts. We expect the full roll-out to complete within about 3 months.

What do I need to do?
Most likely, nothing. We'll automatically switch your site over to HTTPS when we acquire a certificate for it. (We're unable to immediately acquire certificates for all of our ~500 virtual hosts due to Let's Encrypt's rate limits.)

Will this break existing links to my website? Do I need to update posters with the new link?
No. We will issue 301 redirects to the updated URL.

Are you sending the HSTS header?
Not yet, but we'd like to in the future. We want to make sure we've tested the current setup for some time first, as once we start sending the header, we can never go back to plain HTTP.

We do send the HSTS header for www.ocf.berkeley.edu (user websites).

My site broke after the switch to HTTPS, what do I do?
It's unlikely, but possible, that some sites will break because of this. Typically, this is because of the wrong site URL set within a CMS like WordPress. You should be able to fix this by logging in to the admin panel and making sure your site URL has https:// at the front.

If there's anything we can do to help, don't hesitate to send us an email.

Thursday, May 26, 2016

Power outage, services down

At 9:35am, a power outage in MLK caused our servers to go down. We are working to bring most services back up by using power from a different circuit. We are in contact with facilities to restore power.

Update 1:03pm: All services should be restored.