Friday, August 26, 2016

Downtime tonight (8/26) for kernel updates

There will be a brief period of downtime tonight (8/26), around 9 pm, likely lasting about 20-45 minutes, as we apply kernel updates to our servers and run some hardware checks. Our software mirrors may be down for more time, as that server has a potential hardware issue and could require longer to check.

Sorry for the inconvenience and contact us if you have any questions about our services or the upcoming downtime!

Tuesday, August 23, 2016

Changes to our lab hours

Our hours of operation this semester have undergone some changes from last year's. Without any ado, our tentative weekly hours for Fall 2016 are

Monday: 9am-6pm
Tuesday: 9am-8pm
Wednesday: 9am-8pm
Thursday: 9am-8pm
Friday: 9am-5pm
Saturday: 12pm-5pm
Sunday: 12pm-5pm

These hours are still subject to change. Specifically, once our Board of Directors meeting time is finalized, Monday's hours may be extended to 8pm and we will then close at 6pm on a different weekday. Remember, you can always see an up-to-date listing of our regular hours and our hours for the next seven days at https://ocf.io/lab.

The most noticeable difference between last year's hours and this semester's is that we have had to scale back our weekend hours, Friday through Sunday. The OCF does not take lightly that this change is a setback for the accessibility of our lab to our members, but this is the most agreeable outcome we can offer. When scaling back our hours, we were very careful to select the times which would ultimately affect the least number of users of the lab.

Nonetheless, we are proud to be reopening at 9am Wednesday morning for another collaborative and productive fall semester. If you have any questions, comments, or concerns about our new hours, please drop by one of our upcoming BoD meetings and let your voice be known.

Thanks for flying OCF!

Sunday, July 17, 2016

Introducing HTTPS for virtual hosts

The staff of the OCF strongly believe in the need for encryption of everyday communication. This case has been made not just by invasive government spying, but also by wireless carriers (like Verizon) maliciously modifying requests to increase ad revenue.We think that the internet needs to transition to encrypting all communications whenever possible.

Two years ago, we transitioned all of www.ocf.berkeley.edu (all regular user websites) to HTTPS-only. At the time, it was impractical to also transition virtual hosts, because there was no way for us to acquire the necessary SSL certificates without a lot of manual effort.

With the creation of Let's Encrypt, a free provider of SSL certificates that prioritizes automation, we're finally able to start offering HTTPS for virtually-host websites as well. Starting today, we'll be slowly rolling out HTTPS for our virtual hosts. We expect the full roll-out to complete within about 3 months.

What do I need to do?
Most likely, nothing. We'll automatically switch your site over to HTTPS when we acquire a certificate for it. (We're unable to immediately acquire certificates for all of our ~500 virtual hosts due to Let's Encrypt's rate limits.)

Will this break existing links to my website? Do I need to update posters with the new link?
No. We will issue 301 redirects to the updated URL.

Are you sending the HSTS header?
Not yet, but we'd like to in the future. We want to make sure we've tested the current setup for some time first, as once we start sending the header, we can never go back to plain HTTP.

We do send the HSTS header for www.ocf.berkeley.edu (user websites).

My site broke after the switch to HTTPS, what do I do?
It's unlikely, but possible, that some sites will break because of this. Typically, this is because of the wrong site URL set within a CMS like WordPress. You should be able to fix this by logging in to the admin panel and making sure your site URL has https:// at the front.

If there's anything we can do to help, don't hesitate to send us an email.

Thursday, May 26, 2016

Power outage, services down

At 9:35am, a power outage in MLK caused our servers to go down. We are working to bring most services back up by using power from a different circuit. We are in contact with facilities to restore power.

Update 1:03pm: All services should be restored.

Sunday, May 15, 2016

Home directories read-only Sunday for a few minutes

We are in the process of upgrading our NFS storage. To do this, we'll need to make home directories read-only for a few minutes on Sunday afternoon, then once again late Sunday evening.

We anticipate the read-only mode to last only about 15 minutes, but there may be an additional 5-10 minutes of full downtime while we transition into it.

Most websites should continue to work during read-only mode. SSH will continue to work, but with limited capabilities.

Friday, April 15, 2016

Downtime tonight for hardware upgrades

There will be up to 45 minutes of downtime tonight for hardware upgrades. We don't expect to use the full window, but are reserving it in case of problems. It will begin some time around 10pm.

Sorry for the inconvenience -- this should make future operations much more stable.

Tuesday, March 29, 2016

Misleading Daily Cal article incorrectly suggests OCF connection to printer abuse

We were disappointed to find that the Daily Cal has published a misleading article about recent printer "hacking" at UC Berkeley.

The online edition of the article contained (and still does) a photo of the OCF lab taken yesterday. The print version is even more misleading:


The OCF was not involved in this attack in any way. Our printers are not exposed directly to the internet, and our volunteer staff take security very seriously. We were quite shocked to see ourselves on the Daily Cal article.

It's really unfortunate that a lot of people will see this image and think that the OCF was compromised. Our volunteer staff have put a lot of work into the OCF, and we don't like to see it tarnished this way.

We appreciate that the article itself did not reference the OCF. And we'd greatly appreciate help from the Daily Cal in replacing the misleading photo and issuing a clarification.

Update March 30: The Daily Cal has updated the caption of the photo, but refuses to correct their mistake by replacing the photo, citing "a pretty strict policy on retraction".

While we're glad they've recognized the mistake and added the clarifying caption, we still believe they should act with integrity to correct this mistake. It is not responsible journalism to place the photo of a widely recognized but completely unrelated organization above an article about poor security practices.

Many people don't read Daily Cal articles in full, but instead see snippets posted on Facebook or elsewhere. In these snippets, a picture of the OCF is still prominently featured, and the work of our volunteer staff is still being devalued.

This could have been prevented if the staff of the Daily Cal had taken a few minutes to shoot us a quick email prior to publishing that article. A lot of damage has already been done. The Daily Cal should take responsibility for their error and correct it.

Update April 1: The Daily Cal has now replaced the photo with one of a printer which was actually affected by the attack. We thank them for correcting the mistake.

Short webserver downtime 3/29 for maintenance

We'll be performing some short maintenance on our webserver tonight (3/29) to install instrumentation that would let us diagnose the kernel panics we've been experiencing recently on it.