Latest Event Updates
Back in February I received a phishing attempt for my account on Wikipedia. I knew it was a phishing attack because Wikipedia thought it was probably me when the IP address that was used to request my password reset. If anyone reads Graham Cluley they would know enough about hackers and stupid end user tricks to realize that it doesn’t have to really be me to hack me with this type of password attempt method that is very obvious.
While I am in IT and work with F5’s, security and servers in my position as a System Administrator, I do care that someone else could get nabbed in a phishing scam. so, being the proactive I thought I would give Wikipedia a heads up and that they may look into it as they gave me an IP address in the UK as the one that had asked for the password reset. Hum, I live in the US, have never left the country except for a few visits to Niagara Falls and a cruise to the Bahamas both when I was in my teens or early 20’s. Let me see, that would make it the late 70’s or early 80’s so I don’t think I was logged into a Wikipedia account at that time. You would think right?
You would also think that having a user, you have a pattern of log on attempts and IP’s from which they came from. This would eliminate that I was in the UK, or would trigger a security alert that would drop the request. At the very least it would send in wary email saying someone requested a reset from an IP in a location you have never tried to log in from before. Nah, instead I receive:
Someone (probably you, from IP address 126.96.36.199) requested a reset of your password for Wikipedia
Later in the email it says:
This temporary password will expire in 7 days.You should log in and choose a new password now. If someone else made this request, or if you have remembered your original password, and you no longer wish to change it, you may ignore this message and continue using your old password.
To me that is just ignoring the possible phishing attack, while the response was even more incredulous that I don’t think they take security very seriously to escalate it another level to verify a possible attack to other accounts from the same IP or range.
I don’t think there’s much we can do here – if you didn’t make the password reset request then it should be ignored.
This is why many companies are hacked. They don’t take it serious or choose stick their heads in the ground.Good security is more than changing your password.
I’ve been offline quite a bit the last year, with just a few posts here and there. A lot of my writings have been along the personal bent instead of technology, education and new technologies that are leading the field in education. With that in mind I will be separating the family and personal from the technology. I have another blog that I have started creating called “It Affects Me” I couldn’t get that URL, so I did a grammar no, no (sorry Michael) and called it http://iteffectsme.wordpress.com.
I plan to discuss it all, technology, education, coding, PowerShell and reviews of new technology.I have already found out that you cannot trust that what you would consider a good source to be one that will give you the time of day. What am I talking about? Here are teo examples. The first involves the @ScriptingGuys and this Tweet asking for help while whining a the same time: “What use is PS if I can’t run a program I’ve copied to 43 servers because of security in Win2012 Server R2?” I got some every helpful advise from @twiztedsteel who got me to the part I was leaving out.
The second was to @deployjeremy reading: “like the O365 #powershell tutorials. Looking for a script to add specific users to specific Groups. Staff to staff group, etc.” That was posted a month ago with no response at all. Not even an “I’m not sure.” That is completely unacceptable from someone who has a public presence on Microsoft’s Channel 9. Luckly in this case I used my AD skills to create a global Dynamic Security group that sync’s with Office365 in which I added all the needed users gythat group making them able to be a part of the group. It still needed some tweaking but its working. I’m hoping that the rest of the Powershell community is more helpful with questions than I have started out with.
I hope that everyone will visit both sites and enjoy them for what they are.
Currently Google, who like many of the other larger technology companies is forcing everyone’s hand with NPAPI, but a lot of you probably didn’t know that they changed YouTube’s API 2.0. This in turn broke plugins and Building blocks in a lot Learning Management Systems along with other web sites which were using a form of Mash Up. This includes the YouTube Blackboard Mash Up. While Blackboard does have instructions to work around the problem it has been over a year without a patch and none in site, While I understand that writing a patch or a building block is hard, either we are going to fix it or not, The directions provided by Blackboard work, but to me are not the easiest to follow and provide no picture. Below is the method I prefer with illustrations. I want to make it perfectly clear that the problem is with Google, not Blackboard that the MashUp is broken. While Googles statement on their Blog states:
The YouTube Data API (v2) has been officially deprecated as of March 4, 2014.
They state later on that it would continue to work until they made some other changes (April 20th, 2015.) they actually made the changes before that which is why there wasn’t already a patch from Backboard. I’ll give in to the point that it shouldn’t take a year to write a new Mashup using the API 3.0.
All the major technology companies believe it is in our best interest to change things behind the scenes without vetting it with the vendors that are using their hooks to do cool things with Googles product. Sometimes it is, sometimes it isn’t. Maybe Google should be communicating more with Vendors, working with them to write something that may get them started on the right track quicker. You just don’t deprecate something without helping those who are using it to try to fix it first. The same can be said for Oracle and Java. They took it upon themselves to move Java to high security, breaking quite a few web sites, including links to a lot of important sites..Not all sites were able to do their due diligence to get their sites updated to the latest and quite often buggy Java. This led to a lot of SysAdmins to start writing JAR files, setting up special installs of java that did not phone home and staying with an older more stable version until they could properly test the JAR with the new version and the affected web sites.
In the long run, there is too much power in the hands of too few companies and most users have no clue or care as long as it works. I appreciate that the users ask us to make it work, but I would prefer not to have to test multiple work around’s until I found the one that worked, Though it does keep me busy, I would really like to be doing something else that enhances the learning of the students in our schools instead of fixing something that Google broke..
These directions will help you add a YouTube video to Blackboard without using the Mashup Feature. Itt’s not really 18 Steps, the pictures are taking a step. There is 10 steps to add the video, which is a little more than normal, but it is effective and you can use the other features of the text editor to enhance the video. I hope that these steps are of use to you and I look forward to the day I can add the patched Building Block into Blackboard.
- Log into YouTube.com and select the video you wish to use.
- Select Share Below the video you wish to use.
- Select Embed
- Copy the text in the box that appears, it should look something like the wording highlighted in blue in the picture above and the example below.
- <iframe width=”560″ height=”315 src=”https://www.youtube.com/…….
- In Blackboard in your content area Click Build Content > Item
- In the editor section select the HTML icon
- Paste the Embed Code you just copied from YouTube into the HTML Box
- Click Update from the bottom right of the box
- The window will close and you will be back at the Item Content creation Window. Inside the window you will see a Yellow Square that is the embedded video. Don’t worry, that is normal.
- Complete anything else you wish to do in this window and click the Submit button to save your work.