ITS Locations

Help Desk

Teaching Learning Center Room 128
Monday-Friday, 8am-5pm
Phone: (208) 885-4357 (HELP) 
helpdesk@uidaho.edu

Administration

ITS Administration Offices
Administration Building
Room 140
875 Perimeter Drive MS 3155
Moscow, ID 83844-3155
Phone: (208)885-6721
Fax: (208)885-7539

Media Center

Teaching Learning Center 131 
Phone: (208) 885-6411
Fax: (208) 885-0566
mediactr@uidaho.edu

Records Management

Office of Records Management
Student Union Building
Room 53
875 Perimeter Drive MS 4247
Moscow, ID 83844-4247
phone: (208) 885-2580
records@uidaho.edu

Current Hours of Operation
Mon: 7:30-4:30pm
Tue: 7:30-11:30am
Wed: 7:30-11:30am
Thur: 7:30-11:30am

Vandal Cards

Student Union Building
Room 124
875 Perimeter Drive MS 4256
Moscow, ID 83844-4256
Phone: (208) 885-7522
Fax: (208) 885-9208
vcoffice@uidaho.edu

Telephone Services

Administration Building 
Room 133
875 Perimeter Drive MS 3155
Moscow, ID 83844-3155
Phone: (208) 885-5800
Fax: (208) 885-7539
its-ts-admin@uidaho.edu

alerts



Heartbleed Alert

Heartbleed Alert - ITS Recommendations

You may have been reading or hearing about the “Heartbleed” bug, which has affected a significant portion of all Internet websites. Below is some essential information regarding this bug and recommendations from ITS.


Who is affected?
Almost anyone using the Internet is potentially affected. The bug involves many, but not all, websites that communicate securely. This is typically seen as “https” or the lock symbol in your web browser, but also affects some other Internet communications.


What data could an attacker obtain?
An attacker could obtain data including your username, password, session cookie, encryption secret, or any other data sent to or from the website.


Should I change my UI Netid password?
If you are an affected individual (mostly Faculty and Staff), the ITS Help Desk will be notifying you sometime in the next two weeks to change your password as a precaution. Note that you should only change your UI password at the website “help.uidaho.edu”.

The majority of core ITS services including Office 365, BBLearn, and Banner were not affected by the vulnerability. Be suspicious of any requests to change your password that include a direct link or ask you take other action. Report suspicious requests to abuse@uidaho.edu or call the Help Desk to verify at 208-885-4357.
 
If you used your UI password on any non-UI sites, you should change your NetID password immediately and always use unique passwords on every site.


Should I change my password for other websites?
A high number of websites throughout the Internet were affected by the vulnerability. The websites most at risk are ones you accessed some time after April 7 and before they were patched, but because there is a possibility of your previous traffic being decrypted if it was captured (for example, on an open Wifi network), most affected sites are advising users to change their passwords. CNET has an article that lists many of the major websites affected and the current recommendation:
http://www.cnet.com/how-to/which-sites-have-patched-the-heartbleed-bug/

ITS recommends you change your password on affected sites, but keep the following in mind:

  • Be alert and wary of any requests to change your password and don’t click links or open attachments you weren’t expecting.
  • Always use unique passwords on every site. This prevents a compromised password on one site from affecting other sites and accounts.
  • Bookmark your most important sites and always use your bookmark to return to the site and change your password – don’t trust links in email.
  • Change your passwords periodically so you know how to do it on each site.
  • Use a third-party password manager like Keepass, 1Password, or Roboform to help securely store your passwords.
  • On sites that support login verification or multi-factor authentication, enabling those features will help prevent simple passwords attacks.


What is ITS doing about the vulnerability?
ITS teams have been working diligently to identify and patch affected systems since Monday of last week. Periodic network scans have been performed to identify and notify administrators of vulnerable systems. We are continuing to monitor the situation and alert those affected.
 
If you are interested in more detailed information about this vulnerability, please see the articles below: