MyLU Insider

MyLU Insider

Internal Communications

Cloudflare “Cloudbleed” Information Disclosure

Technology Services is closely monitoring an unfolding and wide-reaching security disclosure from the internet content delivery company Cloudflare. The underlying incident — dubbed “Cloudbleed” — potentially exposed sensitive information from internet sites that used Cloudflare during the period of September 22, 2016 through February 20, 2017.

Lawrence does not use Cloudflare, so Cloudbleed affects none of the university’s sites and services like the Lawrence website or Voyager. We are not aware of any impact on third-party service providers who work with Lawrence at this point.

Because Cloudflare serves over 2 million websites, it is possible that you will receive notification from sites and services you use if those services determine that any private information leaked because of Cloudbleed. Compared to other breaches, bugs, and vulnerabilities over the past year, Cloudbleed appears to be a mostly low risk to individual users. Fully understanding the coverage from media outlets can be difficult, but security researcher Ryan Lacky provides good advice for individuals who are concerned about what Cloudbleed means for them:

From an individual perspective, this is straightforward —the most effective mitigation is to change your passwords. While this might not be necessary (it is unlikely your passwords were exposed in this incident), it will absolutely improve your security from both this potential compromise and many other, far more likely security issues. Cloudflare is behind many of the largest consumer web services (Uber, Fitbit, OKCupid, …), so rather than trying to identify which services are on Cloudflare, it’s probably most prudent to use this as an opportunity to rotate ALL passwords on all of your sites. Best practice is to use a long random string for each password, unique for each site, and to manage that collection using a “password manager”, such as 1Password, LastPass, or the built-in password managers in modern web browsers. Users should also log out and log in to their mobile applications after this update. While you’re at it, if it’s possible to use 2FA or 2SV with sites you consider important (using something like TOTP/Google Authenticator or U2F), that’s a meaningful security upgrade, too.

(from the article Cloudbleed: How to deal with it — https://medium.com/@octal/cloudbleed-how-to-deal-with-it-150e907fd165#.7mysif5j1).

Technology Services will continue to track the Cloudbleed incident and will provide further recommendations if necessary.

For those interested, more information is available at the following locations:

In memoriam: Michael LaMarca

Michael LaMarca, the Raymond H. Herzog Professor of Science and professor emeritus of biology, died Feb. 9 of complications from a stroke in Rochester, Minn. He was 85.

A specialist in reproduction and developmental biology, LaMarca joined the Lawrence faculty in 1965 and taught with distinction until his retirement in 1995. His career as a scientist and teacher was distinguished by his legendary commitment to the disciplined study of the living world. He was recognized with Lawrence’s Excellence in Teaching Award in 1983.

From the study of amphibians to the exploration of human reproduction, LaMarca guided students for 30 years in both the technical and ethical investigation of biological science. His enthusiastic teaching style impacted thousands of students, especially those he mentored through independent study, many of whom went on to distinguished careers of their own as doctors, researchers and educators.

He served as the scientific director of the in vitro fertilization program at Appleton Medical Center from 1985 to 1995 and his guidance was critical to the impressive successes of northeast Wisconsin’s first such program. Under LaMarca’s tutelage, numerous Lawrence students were able to begin their own research careers there.

LaMarca’s own research earned him a place of influence and honor in the scientific community and took him to laboratories and research centers around the country, including Argonne National Laboratory, the Woods Hole Oceanographic Institution and Harvard University School of Medicine, among others.

A native of Jamestown, N.Y., LaMarca was the first member of his family to attend college, earning a degree in biology from the State University of New York at Albany. He spent four years in the Air Force during the Korean War, serving active duty stateside as a meteorological officer while achieving the rank of lieutenant. He went on to earn his Ph.D in zoology at Cornell University and spent two years teaching at Rutgers University before joining the Lawrence faculty.

He is survived by his wife of 63 years, Joan LaMarca, daughters Cathy Stroebel, Rochester, Minn., and Nancy Gordon, Eden Prairie, Minn., and four grandchildren: Ben, Hannah and Andy Stroebel; and Zach Gordon. He was preceded in death by his oldest daughter, Mary LaMarca.

The family has requested memorials be directed to the National Science Teachers Association or the National Academy of Sciences.

LUX: New name, slightly new program for admitted students

On Thursday night, Feb. 23 and Friday, Feb. 24, we will welcome dozens of applied and accepted students to Lawrence for our first admitted student open house of the year. We have renamed the program LUX, where we will be shining a light on the Lawrence University experience. (We trust families will not confuse this with our library friends’ search tool of the same name.)

This February program is an addition to our programming this year. We will still offer our two programs in April (9–10 and 23–24). For students who applied and were admitted through one of our Early Action rounds, we are offering this program to capitalize on peak interest at the right time, rather than making them wait till April for “the good stuff.”

For more about the program, please visit the LUX page.

Note to faculty and coaches: In previous open houses, we have encouraged your attendance at lunch to meet and mingle with families. We have changed up the programming, inviting local alumni to mix and mingle at lunch, so you need not feel obliged to attend lunch. (We will not turn you away, however, if you do choose to attend.)

Feb. 28: Seniors: Support, Strategies and Success (S4) alumni panel

What happens after graduation? Recent alumni Mike Pope ’12, Val Neff ’13 and Dr. Richard Amankwah ’06 will discuss how they transitioned to life after Lawrence. Learn what life was like after graduation, how they started their careers, found places to live, made new friends and more! This session starts at 6 p.m. in the Warch Cinema. Registration in LUworks is appreciated.

Feb. 24 deadline to apply for Leota Ester Fellowship at Bread for the World

Help provide legislative and administrative support to the government relations policy analyst(s) responsible for international humanitarian and poverty-focused development assistance issues at Bread for the World. Through the generosity of Leota Ester P’78, this opportunity pays a $5,000 stipend. Apply in LUworks.

Feb. 24: Fourth Friday Soup & Salad

Fourth Friday Soup & Salad
Feb. 24, noon–1 p.m.

This is a monthly lunch for Lawrence employees. Soup and salad will be provided; no reservations are required. The topic for discussion this month is “Social media and technology, what have you discovered works for creating space for conversation.” This week, you will be invited to set your cell phone down when you come for lunch.

Update: Brown recluse spiders

You might recall this past summer we dealt with brown recluse spiders at the facilities building. We treated the problem and did not see any further signs of the spiders. With the warmer weather, what appears to be brown recluse spiders have been seen at the facilities building. We are once again treating them. If you see anything that you are concerned about, please contact facility services at ext. 6602. Thank you.

Feb. 28: Caravel Autism Health info table

The Caravel Autism Health staffing coordinator will share information about flexible, paid part-time opportunities for students who want to work in autism behavioral therapy roles in the Fox Cities. Caravel uses the applied behavior analysis (ABA) process of applying interventions.  Visit the info table in Warch from 11 a.m. to 1 p.m. Register for 1:1 chats in LUworks.

Introducing … Resonance Communications Fellowship

Do you know or work with any talented, multi-interested students? Of course you do! Or are you a student who’s interested in a career in marketing, journalism, public relations, photography or graphic design? The Office of Communications is seeking freshmen, sophomores and juniors to apply for a new fellowship opportunity in our office.

This selective internship, which we’ve named the Resonance Communications Fellowship, will allow students the opportunity to work in several communications disciplines in support of the college’s reputation enhancement and related communications activities. They will be assigned a lead mentor and will have the opportunity to work with several staff members over the course of their fellowship. Fellows will be expected to make substantive contributions to the work of the department, with particular emphasis on storytelling—in a variety of forms—from the student perspective. Fellows will be assigned projects ranging from but not limited to: stories in Lawrence magazine, photo portraits, video editing, student blogs, social media campaigns, building/editing of the lawrence.edu website, admissions materials and promotional print materials for other offices.

Expectations of fellows will be similar to those of salaried staff, including regular, prompt attendance and the preparation of regular progress reports. Since much is expected of them, fellows will receive a salary above that of paid student workers.

If you know of a student who would be a great fit for this new opportunity, feel free to email Resonance coordinator Kasey Corrado at kasey.r.corrado@lawrence.edu and/or refer the student to the position posting on LUWorks.