At the end of last year we’ve promised an update on how we are planning to make access to our services more secure. In this post we expand on those plans. In short: we are going to deploy 2FA on Science accounts and make it mandatory for services that are reachable from the internet. How this all works from an organizational standpoint is, at this point, not complete clear yet. Do we need a “in-person” vetting procedure? Or do we allow users to enable this themselves in DIY? Ideas on this will surface after the test period. ...

A new version of Mathematica (14.2.0) has been installed on all C&CZ managed Linux systems, older versions can still be found in /vol/mathematica. When connected wired or wireless on campus or through VPN, the software for Windows, Linux and macOS can be found on the C&CZ Install disc. During the installation you must specify: License server: mathematica.science.ru.nl License: L4601-6478 According to the Mathematica Quick Revision History: “Version 14.2 introduces a powerful tool in Tabular, which provides a very streamlined and efficient way to handle tables of data laid out in rows and columns, with hundreds of other functions enhanced to make use of its special features. Additional new functions and improvements have been added to enhance neural nets and LLMs, work with game theory, improve GPU computation, and expand images and videos.” ...

Due to a phishing attack targeting science accounts, and the subsequent abuse of RU mail servers to sent out spam and phishing from valid science e-mail accounts, we were forced to employ a set of defensive measure as evident from cpk/1381, cpk/1382, cpk/1381. To prevent further abuse (and disruption) caused by compromised accounts, we have had to temporarily restrict access to some science services. These services include: Anything related to e-mail: Roundcube, authenticated SMTP, IMAP, and POP3. SSH access to the LILOs (see cpk/1383 for a workaround). DIY as well as the new replacement. Email services are now being reopened on a per science account basis. A set of approximately 1,000 accounts has regained normal access. To request access, please contact us. ...

C&CZ has been working to replace the current DIY website to make it easier to add new functionality to it. This work included a rewrite of the website and a large part of our tooling to the Go language. Taking the Dutch term for DIY (Doe Het Zelf - DHZ) prefixing it with Go, this resulted in the codename “godzilla”. A pre-release of this new website is running on https://godzilla.science.ru.nl. Note this site is fully functional (modulo bugs), so any changes made there are really being made to your science account. Eventually this version will run on https://diy.science.ru.nl. ...

The Science VPNsec and OpenVPN service will be discontinued as of 2024-12-01 (1 Dec 2024) 2024-11-26. To ensure continued secure access to our network, we recommend transitioning to eduVPN, our officially supported VPN service. This was first announced in February 2024. If you have any questions or require assistance, feel free to contact us.

A new version of Mathematica (14.1.0) has been installed on all C&CZ managed Linux systems, older versions can still be found in /vol/mathematica. When connected wired or wireless on campus or through VPN, the software for Windows, Linux and macOS can be found on the C&CZ Install disc. During the installation you must specify: License server: mathematica.science.ru.nl License: L4601-6478 According to the Mathematica Quick Revision History: “Version 14.1 introduces the unified Wolfram application and expands Wolfram Language by offering new tools for working with neural nets and LLMs, for finding differences in content, for working with images and videos, and for exploring scientific evaluations through biomolecules, astrophysics and more” ...

Recently, the Radboud news reported that students can have small repairs to their laptops done in the RUpair-shop without any labor time being charged. For students and employees of FNWI, the C&CZ helpdesk provides a similar service. Stefan Reijgwart and Dominic van den Broek in particular are specialists in repairing laptops, among other things.

The latest version of Matlab, R2024b, is available. The software and license codes are directly available for Science accounts and can be requested by other entitled users by sending mail to the helpdesk. The software can also be found on the install-share. All C&CZ-managed Linux machines have this version installed, the older version (/opt/matlab-R2024a/bin/matlab) will be available temporarily. The C&CZ-managed Windows machines will not receive a new version during the semester to prevent problems with version dependencies in current lectures. ...

If you use C&CZ storage, you now have the new option to access these via network protocols other than SMB (for Windows and macOS) and NFS (for Linux), namely: sftp: a secure variant of FTP https: a (read-only) view of the share for browsers webdavs: a (read-write) view of the share for browsers and webdav clients s3: a read/write view using the Simple Storage Service (S3) Each of these may be active at the same time, and optionally can have an end date, so you can “open up” a share for writes from another organisation which then automatically “closes” at the end date. For sftp, authentication is done via an SSH key. The other protocols are authenticated with a username and password. These credentials are not tied to any person and are easily revoked or re-generated if the need arises. ...

The Science mailservice used Spamhaus for decades as one of the blocklists to filter spam in mail. When we were notified that we would need a commercial license that would cost ca. 5kEUR/y, we investigated how much more spam would come through without the Spamhaus service. This showed that users would get more spam, but most of it would be delivered in the Spam folder. Next to that, we expect that the spam filtering of the also used Exchange Online Protection will improve. ...