Monday, 30 March 2015

Arranging lecture recordings the easy way...

It is now much easier for you to record your lectures. Rather than relying on being able to book a room that is equipped with the myEcho system, now you can indicate that you wish your lecture to be recorded at the timetabling stage and we will ensure that the room you are allocated is equipped to record your lectures.

MyEcho is now available as an equipment item for timetabled events in CMIS, and timetablers in departments can add this to events prior to the events being allocated a room by the CiCS Room Booking team. If you would like to request MyEcho recordings then please contact your departmental timetable unit and ask for them to select the “MyEcho Recording” option.

Once all events have had a room allocated, we will contact the named staff member to confirm the myEcho booking and to discuss some of the publishing options.  It is therefore very important that you specify who will be lecturing for the requested modules.

The deadline for requests via this process will be 15th May. After this date you will still be able to arrange recordings via the service request form although the availability of rooms will be subject to the Room Bookings process.


If you have any questions/comments on this please contact the Timetabling Support & Room Bookings team.

Wednesday, 4 March 2015

Smack vulnerability

Yesterday a security vulnerability was discovered in technology used in OpenSSL clients and Apple TLS/SSL clients. The Smack, State Machine AttaCK, vulnerability as it’s known, allows a man in the middle attack to take place when both a client and the server it is communicating with have susceptible software.


What to do about it:

The likelihood of attack is low and patches are already available. The most important thing is to patch your web browser and plugins. This vulnerability does affect Java and so it’s really important that you check your version of Java and update it to the latest version.


If you use CIS or MyApps then you may need to modify your settings after patching, information on how to do this can be found at:


If you patch your computer regularly then you will be fine. We recommend that you set your computer to check for and install updates automatically.



Servers - Information for technical staff

There is also a server side aspect to this vulnerability called the Freak attack.


If you administer a server that provides secure connections then you should check to make sure it is not offering, or accepting, cipher suites or certificates that are now considered insecure. You can run a quick health check on the configuration of your server at https://www.ssllabs.com/ssltest/analyze.html