Rants, Raves, and Rhetoric v4

Category: Learning Management Sys

  • DSID-0C090334

    Working with our clients on LDAP configuration almost invariable starts with SSL certificates. Self-signed, intermediate, and take up a while. The two tools, openSSL and keytool have become my friends. Working with a network admin for the client, I finally saw the legitimate certificate correctly signed by the intermediate certificate not the self-signed. This means I…

  • HtmlSecurity.config

    If you are a CE/Vista admin, then you should probably be aware of $WLDOMAIN/serverconfs/HtmlSecurity.config. This file has the regex code for blocking inappropriate input by users to exploit forms. Say a student wants to write a mail message to another student with JavaScript to execute malicious code to hijack a session. One of the regexes…

  • Pick Up Line

    (I will never use.) My name’s Vista. Can I crash at your place tonight? Noticed at geekpickuplines. Especially funny for me because the product I run is the Blackboard Learning Management System Vista Enterprise. We just call it “Vista”. (Yes, very confusing when Windows Vista users want to know the compatibility of Vista with Vista. The…

  • OpenSSL Handshake

    One of the questions we ask our clients initiating an engagement to help them setup external authentication from our LMS to their server is, “What is the certificate authority for your SSL certificate?” We have been burned by people purchasing certificates from authorities Java does not support. (And the support is indeed limited compared to say,…

  • LDAP Fiasco

    Last week I logged into the ticket management system to look at updates to cases overnight and saw a pop-up for a “widespread issue”, basically two school, involving LDAP. So I looked up the case. The two schools were on the same cluster. Most likely the problem was on my end, which sucks. Security people…

  • The Cause

    Found I develop free software because of CUNY and Blackboard following the Blackboard security issues story. It is a really good blog post. This conclusion made me smile. I am certain there are plenty of people in the system I support who strongly agree. I just wish there was an easier way of finding and…

  • Blackboard Security

    Interesting articles accusing Blackboard of being lax about security. A Black Eye for Blackboard Over Its Response to Major Security Flaws which is about Millions of student exams, tests and data exposed. I saw the security bulletins, but I was not aware of the back story leading to why it was announced. We run an unaffected…

  • Smaller Java Cache

    One of our campus Blackboard Learning System Vista Enterprise administrators reported to have reduced the number of Java cache related issues (failed sessions) by changing the Disk Space Allotment from the 1,000 MB default down to 100 MB. This is found in the Java Control Panel > General tab > Temporary Internet Files: Settings. I…

  • Duplicate Selective Release

    Analyst asked me to look at the server logs for a case where students were getting system exceptions. Armed with the JSESSIONID, I found many cases in the webct.log of an error called: “Stack size too large”. In my old email, I found a September 2010 discussion with Rajini Prabhu and Mike Cooling about thread-dump analyzers. In it Rajini…