Feed aggregator

EndNote alternative? ReadCube Grows Up!

In Plain Sight - Tue, 2014-06-03 13:58

ReadCube arrived on the reference management scene in late 2011. I looked at it a year ago and found it lacking in comparison to the “big 5” — EndNote, Menedeley, Papers, RefWorks and Zotero (these are in alphabetical order, I am not playing favorites here!).

ReadCube released a mammoth upgrade about a month ago making it worthy of consideration as your primary reference manager. Read Cube works with any browser on both Mac and Windows machines, it also works on iOS devices; there is no Android version yet.

Altmetrics

The basic version is free and now integrates with Microsoft Word, and provides simple altmetrics information. Altmetrics describes a way to measure the impact of the article you are reading. The PRO version costs $5/mo. or $45/yr. but you get several features for your money. It syncs across your iOS devices, adds unlimited cloud storage, advanced article metrics, and “watch folders”. What’s a watch folder? When new article PDFs are added to folders on your computer that you have told ReadCube to watch, they are automatically added to ReadCube. Note: I do not have a PRO account so the above is based on the ReadCube website.

Test Drive:
A search using the PubMed Special Queries (found near the bottom of the PubMed homepage) “Comparative Effectiveness Research” search tool to find information about cost-effective diagnosis of pulmonary embolism found 81 results. Several of these articles looked quite good and I wanted a way to move all of them into ReadCube in one step. It appears that you can only import one article at a time (!) from PubMed by using the by Add to Read Cube bookmarklet.

Comparative Effectiveness Search through PubMed

ReadCube encourages you to use their in-application search. It is convenient, but feels stripped down and is limited to GoogleScholar and PubMed. Sophisticated PubMed searchers will feel hamstrung by the simplified search. GoogleScholar results are shown by relevance, you cannot sort by year. I also searched in Scopus and Web of Science and was able to import one article at a time into ReadCube with the bookmarklet.

GoogleScholar and PubMed search within ReadCube

UCSF full text is easily accessible by selecting “University of California, San Francisco” from the drop down menu in Institutional Affiliation found in Preferences.

Formatting in-text citations and references in Word works well. Like Papers, pressing Control twice will launch the citation tool.

All in all, ReadCube has improved rapidly. As you can see from the above there are some capabilities I would like to see added to ReadCube. With a devoted user group and the quick evolution to date I expect to see further evolution soon.

Please contact me if you have questions. Evans.Whitaker@UCSF.edu

Categories: In Plain Sight

Ishi: The Greatest Anthropological Treasure

Brought to Light Blog - Fri, 2014-05-30 11:03

Syanpse, the UCSF Student Newspaper, published a wonderful article about Ishi and his history with UCSF this week, Ishi: The Greatest Anthropological Treasure, by Yi Lu.

Portrait of Ishi

Read the article and follow it up with The Story of Ishi on the UCSF History website for more information. The Archives & Special Collections has information regarding published resources available here and other institutions.

Categories: Brought to Light

Don’t call it a comeback…

Convergence - Fri, 2014-05-30 08:45

…It’s been here for years. I’m not talking about LL Cool J’s career. I’m talking about the eLearning Studio located in the UCSF Parnassus Library Tech Commons, room CL-245.

The room’s not new, but the Learning Technologies Group (LTG) is continuing to encourage the UCSF community to take advantage of all the features that are available to them. Take a look at this pic for some highlights of the software and hardware available in the Studio:

 

The LTG have helped hundreds of staff, students, and faculty with projects like:

  • Creating presentations for showing at conferences that they can’t attend
  • Adding narration, interactivity, and graded quiz questions to PowerPoint lectures
  • Creating screencasts for training in a website database
  • Flipping the classroom and creating engaging online learning
  • Recording interviews and editing the final footage
  • Annotating video screencasts and narration of a piece of software in action
  • Digitizing analog media and archiving the footage

If you’re working on a project like this or have another need in mind, go ahead and reserve the eLearning Studio for a time that’s convenient for you. If you need any software or equipment support or would like an orientation to figure out the best way to get your project done, contact the Learning Technologies Group to schedule an appointment.

And, as always, check out the Multimedia Support Center for how-to guides and instructions on using the software and equipment in the Tech Commons.

This post is part two of a two part series on What’s New at the UCSF Tech Commons.

Image Credit: Dylan Romero

 

Categories: Convergence

RefWorks Write-n-Cite and EndNote Updates

In Plain Sight - Wed, 2014-05-28 16:20

EndNote. Summer usually sees the launch of a new version of EndNote, so I suppose we’re awaiting news on EndNote X8.  In the meantime you can download X7.1, an update for X7.

 

 

 

 

 

 

 

With this latest release, you can now:

  • Sync Smart and Combined Groups across desktops.
  • Use an expanded set of tools to annotate your PDFs.
  • Easily navigate through full text attachments with added PDF link navigation.
  • Take advantage of improvements to Find Full Text and DOI matching during PDF import.
  • Easily spot Quick Search keywords in search results.
  • Quickly save references from additional online Capture sources including: ERIC database, Wikipedia, WorldCat OCLC, DSpace, and more. (Available in EndNote online)

Write-n-Cite Update for RefWorks is now ProQuest for Word.

RefWorks released a new version of Write-N-Cite in April: Windows versions 4.3.1217 and Mac versions 4.3.1203. Note that they’re now calling it ProQuest for Word.

Categories: In Plain Sight

5 Great Things About Mavericks

Convergence - Wed, 2014-05-28 12:04

This post is part one of a two-part series on What’s New at the UCSF Tech Commons.

Mavericks has arrived at the UCSF Library! Stop by the Tech Commons (CL-240) on the second floor of the UCSF Library and try out Apple’s newest operating system, Mavericks. This is a great opportunity to try out the operating system before upgrading your work or personal computers (PS Mavericks* is free!).

*After a 14 year run, Apple operating systems are no longer named after big cats and are now named after locations in California.

Tech Commons staff have been testing Mavericks and discovering new features and applications that members of the UCSF community will be excited about. Members of the Tech Commons & Desktop Services (Benjamin Stever) and Learning Technologies Group (Dylan Romero) have collaborated to identify our top five new features with the biggest bang for their buck and listed them below (in no order of importance):

  iBooks App (review by Dylan)

I am a sucker for creating multitouch books using iBooks Author. It is by far one of my favorite new applications for its ease of use and ability to produce stunning, interactive content. With the release of Mavericks, you can now view these multitouch books on your Mac computer and are no longer limited to viewing on an iPad or iPhone. This has instantly increased the audience for multitouch books, which means iBooks Author users have a lot of work to do!

Read more about the iBooks App http://www.apple.com/ibooks/

New iMovie (review by Dylan)

One of the most popular applications in the Tech Commons is iMovie. After filming using digital video equipment checked out through the Library, quickly edit your clips together and create a digital story in iMovie. With the latest release of iMovie, the process of editing your videos continues to get much easier. Check out the new iMovie interface, all new themes, as well as built-in story-boarding tools to help you prepare for your big production!

Read more about the new iMovie http://www.apple.com/imovie

And for more information on saving your iMovie project on Tech Commons workstations, please visit the Multimedia Support Center.

Keynote (review by Dylan)

We love to create presentations using Keynote! With the complete overhaul of the iWork suite, we are eager to try all of the new features and themes included in this release of Keynote (well, maybe not the Spin or Shimmer transitions). Keynote has an all new interface and inspector with a built-in “presentation coach” that will help you along the way while adjusting to the Keynote update. Check out the newest version of Keynote in the Tech Commons, I know we will!

Read more about the new Keynote http://www.apple.com/mac/keynote/

Finder (review by Ben)

Spring cleaning is upon us, so let’s get to work cleaning up that desktop clutter. The update to Finder makes it easy with the addition of tabs. Similar to tabbed browsing in most modern web browsers (e.g. Firefox, Chrome, Safari, Internet Explorer), tabs give the option to manage multiple instances of Finder in one, clutter-free window. All the functionality you’d expect is there, from opening and closing tabs with keyboard shortcuts to merging all open windows. A small change to a fundamental component of OSX, but one we’re really excited about.

Read more about Finder tabs http://support.apple.com/kb/HT5840

Preview (review by Ben)

When it comes to PDF applications, the options are seemingly limitless. Preview has always been a great PDF reader, but with newly-enhanced annotation capabilities, it has emerged as frontrunner in a crowded pack. A robust selection of tools including highlighter, notes, shapes, color options, and signatures are now available. Browse your markups and stay organized with the Annotation Inspector. Annotations carry over to your iOS devices, as well as most other PDF applications. Check out the latest options in Preview under the Tools menu.

You can read more about Preview here http://support.apple.com/kb/ht2506

For a complete list of new features in Mavericks, visit the Apple website. And stop by the Tech Commons on the second floor of the UCSF Library any time the Library is open to use a Mac or PC workstation and contact LTG staff for assistance.

Image Credit: Apple

Categories: Convergence

Moving Mementos, 1930-1938

Brought to Light Blog - Wed, 2014-05-28 10:58

Take a quick 7 minute break to watch this newly digitized and previously rarely seen footage we presented at last night’s Bay Area Video Coalition’s (BAVC) program– Video Capsule: Treasures from Bay Area Archives! UCSF’s contribution was this amalgamation of clips from “moving memento” films of the 1930s. For a time the UCSF School of Medicine had a tradition of creating these dynamic mementos of each class of students of staff. The films are comprised of faculty and staff introductions and a variety of candid scenes around campus and in the hospitals.

Or watch the video on the Internet Archive.

Categories: Brought to Light

May 27th VIDEO CAPSULE: Treasures from Bay Area Archives

Brought to Light Blog - Wed, 2014-05-21 09:32

Join us next Tuesday, May 27th, at the Exploratorium at 7pm to take in some rarely seen audiovisual treasures from local archives– including some of our own! UCSF’s contribution is an amalgamation of clips from “moving memento” films of the 1930s. For a time the UCSF School of Medicine began a tradition of creating these dynamic mementos of each class of students of staff. The films are comprised of faculty and staff introductions and a variety of candid scenes around campus and in the hospitals.

Here is more information from the Bay Area Video Coalition (BAVC), and do note that while the program is free there is a link to RSVP:

WHAT: Video Capsule: Treasures from Bay Area Archives
WHERE: Exploratorium, Pier 15: Kanbar Forum. Please enter the Exploratorium through the historic Pier 15 Bulkhead located directly on the Embarcadero.
WHEN: Tuesday, May 27 at 7PM
ADMISSION: Free

Join Bay Area Video Coalition (BAVC) Preservation program staff for an evening of video preservation revelry. Anchored by recent selections from BAVC’s Preservation Access Program*, tonight’s program includes archivist favorites, unexpected gems, and rarely seen treats from artists and arts organization participants from the program as well as friends from other Bay Area preservation organizations– including Stanford Media Preservation LabSan Francisco Media ArchiveUCSF Archives, the GLBT Historical Society and California Audiovisual Preservation Project. We invite you to join us as we share recent, prized work, making for a congenial celebration of archival craft and our media legacy.

Co-presented with BAVC by the Exploratorium Cinema Arts.

Let us know you’re coming. RSVP here.

Please note: there will be no Museum access during this program. Join the Exploratorium during adult evening hours on May 29th, 6-10pm, which will include a film screening co-curated by Walter Forsberg and Exploratorium Cinema Arts.

*The Preservation Access Program is made possible through the generous support from the National Endowment for the Arts (NEA).

 

Categories: Brought to Light

See your failures: Taking screenshots with PhantomJS running Behat tests

CKM Blog - Wed, 2014-05-14 14:04

PhantomJS is a headless browser which, when combined with Behat, can run the same tests you can run in a browser like Chrome or Firefox. Headless testing is faster because it doesn’t actually render anything for a user. This makes it ideal for rapid test driven development.  

A downside to headless testing is that when it fails it can be hard to see exactly why.  Figuring out whether it is your code or your test that is causing the issue can be extremely frustrating and you might find yourself asking; Why can’t I just see it?  The frustration mounts when the same test runs just fine via Selenium in a GUI browser.

OK, was that enough buildup?  Are you ready for the good stuff?  Right then, here we go.

Any Selenium2 Behat driver already has a method of taking screen shots at any point built in.

$screenshot = $this->getSession()->getDriver()->getScreenshot();

In any method of your FeatureContext class, this will return a nice PNG of whatever the browser looks like right then.

So all we really need to do to start seeing the last step in our failed tests is wrap this up in a reusable method Behat will understand. Using Behat’s hook system, we can add a method to our FeatureContext class which is called after every single step. In the method, check to see if the step failed. If so, take a screenshot to save to disk and BAM!… we’re done. The full method looks something like this:

/** * @AfterStep */ public function takeScreenshotAfterFailedStep($event) { if ($event->getResult() == 4) { if ($this->getSession()->getDriver() instanceof \Behat\Mink\Driver\Selenium2Driver) { $screenshot = $this->getSession()->getDriver()->getScreenshot(); file_put_contents('/tmp/screenshot.png', $screenshot); } } }

For the Ilios Project we made this code a little bit more generic to store the screen shot in the system temp directory (which changes for different operating systems) and give it a unique name so that if more than one step fails in a single test run, you won’t overwrite the screenshot file.

/** * @AfterStep */ public function takeScreenshotAfterFailedStep($event) { if ($event->getResult() == 4) { if ($this->getSession()->getDriver() instanceof \Behat\Mink\Driver\Selenium2Driver) { $stepText = $event->getStep()->getText(); $fileTitle = preg_replace("#[^a-zA-Z0-9\._-]#", '', $stepText); $fileName = sys_get_temp_dir() . DIRECTORY_SEPARATOR . $fileTitle . '.png'; $screenshot = $this->getSession()->getDriver()->getScreenshot(); file_put_contents($fileName, $screenshot); print "Screenshot for '{$stepText}' placed in {$fileName}\n"; } } }

I wasn’t able to figure out how to print the screenshot location to Behat’s console using their pretty colors, so if anyone knows how to do that, please let me know!

Categories: CKM

National Hospital Week (May 11-17)

Brought to Light Blog - Mon, 2014-05-12 14:05

More historic images brought to you this week in honor of National Hospital Week! Celebrated May 11-17, Hospital Week serves to recognize the dedication of all hospital professionals.

Operating Room at City County Hospital, circa 1890

UC Hospital Men’s Ward, circa 1920s

UC Hospital, circa 1918

UC Hospital Lobby, 1920s

UC Hospital Kitchen, 1924

Read more about the history of San Francisco’s hospitals on the UCSF History website.

Categories: Brought to Light

Wacom Display Showcase

Convergence - Wed, 2014-05-07 11:33

You may remember that we wrote about the Wacom Interactive Pen Display back in 2013. Since then, we have seen faculty and staff create new, powerful learning materials for UCSF curriculum.

To get people excited about using the technology and to showcase some of the work that has been done with the display, we have put together the following showcase video:

As described in the showcase, join the Learning Technologies Group at a Multimedia Clinic to learn more about using the Wacom interactive display, see a demo and get started on a project using this great piece of technology. There is still time to register for the Friday, May 9 Multimedia Clinic!

The showcase video was developed using software and digital video equipment available and supported in the Tech Commons. If you are interested in learning how to use the resources and software to create this type of video for your course or department, join us at a Multimedia Clinic or contact the Learning Technologies Group directly!

Side note: While developing this video we confirmed the correct pronunciation of the word Wacom. It is pronounced “Wah-Kum”, not Way-Kum nor Wack-Kum.

Image Credit: Alex Kwa via the NounProject

Categories: Convergence

Celebrating National Nurses’ Day (May 6) and National Nurses’ Week (May 6-12)

Brought to Light Blog - Tue, 2014-05-06 11:26

Happy National Nurses’ Day! Here’s a selection of a few of our favorite images of nurses from the UCSF Historic Photograph Collection. For more images, check out our Digital Collections.

Moffitt Hospital Nurses’ Station, circa 1970s

UC Nurses, World War I, Base Hospital # 30

Nurses at the 30th General Hospital, June 1943

Tuberculosis service, circa 1930s

Three UC Nurses– Rigney, Dubois, and Catton– in the nursery with infants an unidentified man, 1912

UCSF School Of Nursing students watching TV in the Nursing Dorm, circa 1955

UCSF School of Nursing students in the Nursing Dorm archway, circa 1950s

UCSF School of Nursing class in Toland Hall, 1941

Categories: Brought to Light

A Fix for Problems with RefWorks Write-n-Cite and Mac Mavericks OS.

In Plain Sight - Mon, 2014-05-05 16:04

From the Dudley Knox Library:

Upgrading to OS X 10.9 Mavericks may disable Java or remove it.  If you have installed OS X 10.9 Mavericks, you will need to make sure the prerequisites are installed to ensure WNC 4 functions correctly on the computer.

If you are prompted to download Java when attempting to install Write-N-Cite 4 for Mac after upgrading to OS X 10.9, please restart the computer and download Java by navigating to the Apple Icon > System Updates.

Once you have reinstalled/enabled Java, please check for Microsoft Office updates.  You can check for Microsoft Office updates by opening Microsoft Word and navigating to Help > Check for Updates.

Once you have updated Microsoft Office, installed all system updates for OS X 10.9 and have verified that Java is enabled in OS X 10.9 Mavericks, please restart your computer and reinstall the latest version of Write-N-Cite 4 for Mac.

If you need further advice please contact refworks.support@refworks-cos.com giving full details of your problem and also the versions of Java, OS X, Word and WNC4 that you have installed.

Categories: In Plain Sight

Online Learning and Dispersed Teams

CKM Blog - Thu, 2014-05-01 21:50

I recently started taking my first online course. In the course, one must work on projects with other students. Members of our work group are not always online at the same time. The level of communication and coordination needed is vastly greater than would be if a group gathered to work together in person.

The similarities between working on a software project with a geographically dispersed team are obvious.

Ken Haycock’s talk on working in teams is a tour de force. It includes strategies for clarifying goals, dealing with the stages of team growth, and navigating dysfunctions.

It takes a great deal of tact and care to deal with conflict in person.  It takes much more tact and care to navigate troubled waters in a project online.

For me, Haycock pulled together everything I had learned about teams and more into one 50 minute talk.  The most salient point for me was when he described the student in the team who did all the work, and, as it was being turned in, said “… and of course, I did all the work”.

Haycock describes how one might almost want to say in reply “Well, more fool you!”  The importance of negotiating standards at the start was the point he was making.  Unstated performance expectations must be brought to the fore.  If someone wants to get an A+, someone else is ok with a B-, and they make it clear from the start, then a source of tension is resolved before it gets too late to do anything about it.  To work in a team is to have everyone contribute fairly, and to get the benefit of the combined wisdom and experience of the group.

Haycock also talks about conflict in teams.  Conflict, unfortunately, seems to be an integral part of becoming a team that performs well. It’s the storming of the forming, storming, norming and performing stages of team development.  Yet conflict is all the more difficult to deal with when you can’t see the non-verbal cues of the participants.

In her talk, The Monster Inside Library School: Student Teams, Enid Irwin talks about her survey on the worries that online students have.  These worries include having nothing to offer, getting things wrong, others taking control, and others not contributing fairly.

Such worries can stem from a perceived lack of control of time and grades, and a lack of enthusiasm or trust for teamwork.  Such feelings on the part of everyone can have a negative feedback effect.  The antidote?  Enthusiasm!

The point is to gain experience working in teams in a world where cross-functional geographically-dispersed teamwork is more important than ever. Irwin talks about how a good attitude can make a team a success.  Staying silent or stubborn, on the other hand, can be disastrous.

Irwin’s talk highlights the importance of engaged participation. She discusses the different types of teamwork and characterizes what success would look like for each:

  • teams that solve problems present a consensus if successful
  • teams that set policies will be a success if the policies stand on their own after the team has dispersed
  • teams that build a product will be successful if the product that is built is tested and meets requirements

To perform well and achieve success for their team, team members must first of all bring a positive attitude and participate!

It won’t be easy to put in practice all the good advice distilled in the resources above, but a dedication to participation and an eagerness to meet the challenge will go a long way toward doing so.  I look forward to learning more in practice, for that is what it takes: practice.

Categories: CKM

New Lesson Resources Available

Convergence - Wed, 2014-04-30 12:14

Following up on the 2013 Convergence post on new activities in the CLE, we have developed and added the following Lesson resources to the CLE Support Center for faculty and staff:

To see an example of a Lesson, visit the Lesson section of the CLE Consultation/Showcase page.

If you are interested in learning more about using the Lesson in a CLE course, please join us at a regularly scheduled CLE Clinic, held every fourth Friday of the month. Learning Technologies Group staff are also available for CLE consultations.

Please share your successes with the Lesson activity with the larger UCSF community by replying in the comment section below!

Categories: Convergence

New UCSF Library Subject Guide for Citation/Reference Management Software

In Plain Sight - Wed, 2014-04-30 10:01

The UCSF Library has now given our citation management subject guide a complete overhaul, taking into account new developments in this area and the increasing popularity of applications such as Mendeley and Papers. A new section helps you decide which application is best for you. Though intended primarily for UCSF affiliates most users will find useful information here.

 

Categories: In Plain Sight

Top 10 CLE Tips and Tricks

Convergence - Mon, 2014-04-21 11:20

The Learning Technologies Group would like to invite you to our next installment of the CLE Clinic, which takes place this Friday, April 25th, from 9am to 4pm in the Parnassus Library. This is best time and place to get answers to all of your CLE questions. 

We’re excited to announce that during this Clinic’s Collaboration Roundtable, we (the LTG staff) will be presenting our Top 10 CLE Tips and Tricks! This will include tips on embedding videos on the home page, adding extra credit assignments to the gradebook, quizzing best practices and more.

So grab your lunch, and head over to CL-210 on Friday at 12 noon. If you have a few tips of your own to share with the group, all the better! This will be a fun and collaborative discussion.

To see a full schedule of the day’s events, and to register: http://tiny.ucsf.edu/LTGClinics

Thank you, and we hope to see you there.

(Image info: Designed by Ben King via the NounProject.)

Categories: Convergence

Finding Aids to the Eric L. Berne Papers now available on the Online Archive of California

Brought to Light Blog - Fri, 2014-04-18 09:06

Detailed finding aids for the six collections of Eric L. Berne Papers are now available for researchers to examine on the Online Archive of California. These collection guides provide an in-depth look at the work and writings of Eric L. Berne, M.D. (1910-1970), a San Francisco-based psychiatrist, UCSF lecturer, best-selling author, and father of the theory of Transactional Analysis (TA).

Each finding aid provides a full description of the collection, including dates, background information, scope and content, extent, type of materials, any access restrictions, and a complete box and folder list. The finding aids are all full-text searchable. They can be accessed through the UCSF Archives and Special Collections page or via the Online Archive of California. The following guides have been published:

Eric L. Berne Papers, 1939-1973, MSS 82-0

This accession primarily contains photographs and reel-to-reel audiotape recordings of lectures and meetings of the San Francisco Social Psychiatry Seminars, an organization founded by Berne.

Eric L. Berne Papers, 1931-1970, MSS 89-12

This accession contains a significant portion of correspondence, writings, records of the San Francisco Social Psychiatry Seminars (later the International Transactional Analysis Association), and military psychiatry records.

Eric L. Berne Papers, 1933-1971, MSS 2003-12

This accession primarily contains writings, notes and lectures.

Eric L. Berne Papers, 1929-1970, MSS 2005-08

This accession includes records of Berne’s medical school education, military service, and travels, as well as a significant amount of writings and audio recordings.

Eric L. Berne Papers, 1963-1970, MSS 2013-18

This accession contains 7 recorded lectures by Eric Berne and 44 audiocassettes from the International Transactional Analysis Association Tape Library.

Eric L. Berne Papers, 1904-2007, MSS 2013-19

This large accession includes early personal correspondence, diaries, travel ephemera, educational files, writings, photographs, and artifacts.

These collections are open for research and can be viewed in the UCSF Archives reading room. Please visit this page to make an appointment or contact an archivist: http://www.library.ucsf.edu/collections/archives/access

Digitization work on these collections is progressing quickly. Check back soon for updates on the Eric L. Berne Digital Collection!

Detailed processing and digitization for the Eric L. Berne Papers was made possible by generous support from 17 TA Associations worldwide and many individual donors through the International Transactional Analysis Association.

Categories: Brought to Light

Heartbleed: What you need to know

Mobilized - Wed, 2014-04-16 08:35

 No doubt you’ve heard about the Heartbleed bug affecting countless websites and devices over the past week. Reports of the bug are many, yet information about how it works and what you can do to protect yourself can be difficult to extract from the widespread media response. Here we’ll take a brief look at what Heartbleed is, how it works, and what you can do.

Not a virus, not a breach… so what’s in a bug?

Some of the confusion around Heartbleed is related to the semantics of computer security. If you have owned a personal computer in the last decade, you’re likely familiar with computer viruses that affect your computer’s performance by embedding themselves in your device’s Operating System (i.e. Windows, OSX, etc.) Major data breaches have also made it to the front page of news outlets more frequently in recent years as hackers target user information stored online. In December 2013, Target announced a breach where millions of credit card numbers were stolen. Sony had a similar breach back in April of 2011 where over 77 million accounts were compromised.

Heartbleed is neither a virus, nor a major breach. Unlike a virus, there was no software written with malicious intent. And yet, unlike a major breach, this was not a planned, organized effort to gain access to information. It is actually a flawed piece of code in OpenSSL.

SSL stands for Secure Sockets Layer, a computing protocol designed to encrypt and protect information. This technology was developed so that information could be sent and received privately, without tampering. OpenSSL is just one implementation of the SSL technology, and it can be used to protect data transmission on websites, email servers, chat servers, virtual private networks (VPNs), and more. You may notice a lock icon (see image to right) followed by https:// in your web browser’s address bar when you visit an encrypted website. The s is short for secure and these both signify that the connection is encrypted. Not all websites use encryption, and not all websites employ OpenSSL to achieve encryption. Still, roughly half a million websites use the OpenSSL version that is vulnerable to the Heartbleed bug according to Netcraft’s April 2014 Web Server Survey.

What’s the danger?

So where exactly does this vulnerability occur in OpenSSL? That is as humorous as it is terrifying. Here’s the vulnerable code:  “memcpy(bp, pl, payload);”

Did you catch that? Let’s look a little closer.

Heartbeat to heartbleed

Heartbeat is a term used to describe a connection check done between a server and a client. For context, imagine you are connecting to a server (i.e. a website). The client (you!) will send a heartbeat message to the website, and the website will send it back to you. This response notifies the client (again, that’s you) that the connection is still open and functional. The heartbeat message is useful because it prevents data from being transmitted when the connection is lost, and unnecessary connections can be closed.

If you look again at the vulnerable code “memcpy(bp, pl, payload,)” that’s the heartbeat. The payload part of that code can be manipulated to ask servers for extra information (e.g. usernames, passwords, and other information that was supposed to stay encrypted.) That means a hacker could use the common heartbeat function with a website you’ve visited in the past and exploit the Heartbleed bug to pull back extra data — data that could contain your sensitive information!

The web comic XKCD came out recently with a informative — and humorous — visual take on it. Gizmodo has a far more detailed, but still very understandable, technical overview of the issue.

What should I do?

It is recommended that you change your password on affected sites after they have been patched. Changing your password does not address the underlying vulnerability, so be sure websites have implemented the fix before you make the change.

Mashable has compiled a useful “hit list” of popular sites where you can verify whether or not you should change your password. Additionally, LastPass has created a tool where you can input a website URL for vulnerability assessment.

You can also review UCSF’s Heartbleed bug information where they mention UCSF MyChart, Mail@UCSF, and MyAccess sites are not vulnerable.

Is my phone or tablet affected?

Apple released a statement last Thursday that they are not employing OpenSSL as the method of authentication for their iOS and OSX platforms, or other “key web services.” You do not need to change your AppleID password unless you use the same password for another service that may have been compromised.

Google’s Android operating system has not employed OpenSSL since version 4.1.1, but Google web services which require login (GMail, Google Docs, etc.) were vulnerable to the bug. You should change your Google account password. Additionally, if you are running Android version 4.1.1, you should check if an update is available for your device.

So many passwords! How to keep track?

We all know the rules. Don’t use the same password twice, make them complex, and change passwords frequently. In the real world, managing so many passwords is incredibly difficult. Remembering these passwords on the go with your mobile device is that much harder.

There are, however, several password managers available that can help with this daunting task. The aforementioned LastPass is a very popular web-based password manager with free and premium options available. The premium option gives access to mobile applications at $12 a year. My personal favorite, KeePass, is an open-source application available on most platforms. You can gain mobile access to your KeePass encrypted database by hosting it in a Cloud Storage provider like Box, Dropbox, Google Drive, etc. LastPass, KeePass, and other password managers can help keep you safe by storing unique, complex passwords in a secure place.

Additional Information

The Heartbleed official site is http://heartbleed.com, and you can find some less technical information in this overview at Gawker’s Non-Geek’s Guide. WIRED  also has an eye-opening review of how this happened and the lesson we should learn from it. Be safe out there, folks.

No related posts.

Categories: Mobilized

UCSF Archives Lecture Series: Lessons at UCSF from the Early AIDS Epidemic, April 16, 2014

Brought to Light Blog - Fri, 2014-04-11 16:13

Join us on Wednesday, April 16th for a special program featuring prominent UCSF faculty. This is the second lecture in a series launched by UCSF Archives & Special Collections.

Learning from Our History: Lessons at UCSF from the Early AIDS Epidemic

UCSF played a leading role in the early response to the AIDS epidemic. UCSF faculty and staff helped create important models of care, made many key discoveries into the nature of the disease and its management, and faced the many emotional and ethical burdens at a time when personal safety could not be assured in patient care. This event will be less a lecture and more a conversation of those early days with four prominent UCSF faculty members, each of whom were present and active from the very first days of what would become a massive epidemic. They will offer their own perspectives on this history and engage with each other and the audience in this program.

Presenters: Drs. John Greenspan, Paul Volberding, Molly Cooke, Jay Levy (UCSF) Date: Wednesday, April 16, 2014
Time: 12:00 pm – 1:15 pm
Location: Lange Room, UCSF Library, 530 Parnassus, 5th floor

This lecture is free and open to the public. Information on how to sign up or donate to AIDS Walk San Francisco will be available before and after this event. AIDS Walk San Francisco benefits HIV/AIDS programs and services throughout the Bay Area, including some at UCSF.

About the UCSF Archives & Special Collections Lecture Series

UCSF Archives & Special Collections launched this lecture series to introduce a wider community to treasures and collections from its holdings, to provide an opportunity for researchers to discuss how they use this material, and to celebrate clinicians, scientists, and health care professionals who donated their papers to the archives.

Categories: Brought to Light

It’s All About Audience

CKM Blog - Fri, 2014-04-11 16:01

Back in February, the new Web Projects Team made known our purpose and guiding principles. All of that still holds true, but we realized that “Support education and meet the research needs of our users regardless of location or device” might need some clarification. UCSF is a somewhat unique academic institution having more staff than students and no undergraduates, among other things. So who is the primary audience that the library supports?

Primary Audiences served by the Library

  1. Teaching faculty
    • usually also involved in clinical research or practice or basic science research
  2. Students in degree programs
    • professional students in medicine, pharmacy, nursing, and dentistry
    • graduate students in basic science
    • graduate students in social sciences, nursing, and history
  3. Researchers in basic science or clinical medicine
    • faculty
    • postdocs
    • PhD students
    • lab managers/research staff

Notice that there is a fair amount of overlap between audiences with some people wearing multiple hats.

Of course there are others who use the Library too, for example, alumni, the public, visitors, Library staff, outside librarians, etc. They can all still benefit from parts of our site, but their needs will not drive decisions about how to structure our web pages and services. Ultimately, everything about the UCSF Library web should make it easier and more intuitive for the three audiences listed above to meet their research and education needs. All else is secondary, though not necessarily unimportant.

UCSF by the numbers

To define these audiences, we began by simply consulting the counts already provided by UCSF. However, those completely ignore Lab Managers and Research Assistants who have many of the same library needs as postdocs. There are also other staff members who do a lot of legwork for faculty, and therefore, reflect the library needs of faculty even though they are not counted as such. And if you talk about “students,” you must realize that the library needs of a medical student are completely different from those of a social sciences PhD. This means that the numbers are a rough estimate for our purposes.

These less obvious realities were gleaned from talking to people. The Library already tends to focus a lot on the Service Desk and subject liaisons when thinking about user interactions. To balance that, we decided to interview a variety of other library employees who act as liaisons to various user segments with library needs. A big thank you goes out to these individuals who took the time to share their super-valuable insights about user work patterns, language, and challenges!

  • Megan Laurance on basic science researchers
  • Art Townsend on Mission Bay users
  • Ben Stever and Kirk Hudson on Tech Commons users
  • Polina Ilieva and Maggie Hughes on researchers of special collections and archives
  • Dylan Romero on those who use multimedia stations and equipment and the CLE

A few other sources of insight came from meetings of the Student Advisory Board to the Library, LibQual feedback, and the Resource Access Improvement group.

We also came to the conclusion that it is helpful to think about users in terms of what they DO rather than by title alone. It’s the nature of their work that really defines their needs regarding library support. Once again the numbers are a rough estimate, but the segmentation they reveal is still helpful.

Next Steps

The Web Projects Team will continue to make iterative improvements to the Library web presence, some small and some larger, driven by our now established Purpose and Guiding Principles and through the lens of our primary audiences.

We will also be regularly checking feedback from end users via usage statistics and quick user tests, and that will in turn, drive further improvements. In addition, we’ll continue to share about the evolution of the Library web and improvements to the user experience. If you have questions or comments on any of this, we’re all ears!

photo credit: Reuver via photopin cc

Categories: CKM
Syndicate content