SMU OIT issues advice on Heartbleed bug

cyber security

SMU OIT issues advice on Heartbleed bug

Heartbleed graphicThe Heartbleed bug made big news in mid-April 2014 as an online security vulnerability with potentially devastating consequences.

SMU’s Office of Information Technology has issued advice on protecting yourself against Heartbleed, detailed in this e-mail message dated Wednesday, April 16, 2014:

By now you’ve probably heard about the internet bug known as Heartbleed. This security vulnerability has impacted a large number of online sites potentially exposing password information. OIT has been diligent in assessing and addressing SMU provided services as soon as the software patches were released.

Due to the potential risk that existed with this vulnerability, we are encouraging the campus community to take the following steps to ensure the protection of their accounts and data:

  1. Reset your SMU password by visiting If you know your current SMU password, click on CHANGE. If you do not know your password, click Reset. Once you have set a new password, update any mobile devices that may also be configured for email or wireless access using that account.
  2. Apple iOS devices: If you previously installed the Cisco AnyConnect client on your Apple iPad or iPhone, please visit the app store and download the latest version of the client. The previous version was impacted by this security flaw. Several other applications that you may have downloaded from the app store are releasing updates to address this flaw. We recommended applying these updates as well.
  3. Android devices: Please check the software version that your device is running. If it is on version 4.1.1, it is vulnerable. Check for updates to the OS which will be released by your cell phone vendor. Several other applications that you may have downloaded from the Playstore are releasing updates to address this flaw. We recommended applying these updates as well.
  4. External sites: The following external sites have recommended a password change: Dropbox, Facebook, Google, Etsy, Fandango, Android/Google apps, Hulu, Instagram, Pinterest, Steam, Stripe, TurboTax, Tumblr, Prezi, and Yahoo. This is not a comprehensive list! Please check with each website on which you currently have an account to review their recommendations.
  5. Be on guard against phishing attempts! With so many sites encouraging users to change their passwords, we anticipate an increase in phishing emails. Please visit the websites directly to access any password reset utilities rather than clicking on links in an e-mail.

Password Security Tips

Although it is inconvenient to change all of your online passwords, we strongly encourage you to do so to protect your information. The following are a few password tips to remember as you update your accounts:

  • Do not use personal information in your passwords such as birthdate, zip code, name, pet names, etc.
  • Do not use the same password for all of your accounts.
  • Select a strong password using capital letters, lowercase letters, numbers and symbols.
  • Select a password that is easy to remember (so you don’t have to write it down) but make sure it is difficult for anyone else to guess!

> Get help and find more information at

April 17, 2014|News|

National expert to lead broad cybersecurity initiative at SMU

Fred ChangFrederick R. Chang, a recognized national expert in cyber security, has joined SMU to develop a multidisciplinary program aimed at tackling the most pressing cyber challenges facing individuals, business and government today.

Chang, whose career includes leadership positions in academia, business, and in government at the National Security Agency, is the new Bobby B. Lyle Endowed Centennial Distinguished Chair in Cyber Security. The position is made possible by a financial commitment from SMU trustee and longtime benefactor Bobby B. Lyle, for whom SMU’s engineering school is named.

> More about Fred Chang from SMU News

SMU’s first Centennial Distinguished Chair provides a faculty position endowed at $2.5 million, plus start-up funding of $1 million for the first five years to provide immediate support for the position and related research. The establishment of a Centennial endowment is available only to donors during the SMU Centennial commemoration, March 1, 2011, through Dec. 31, 2015.

In addition to holding the Lyle Chair, Chang also will be a professor of computer science in the Lyle School of Engineering and a senior fellow in the John Goodwin Tower Center for Political Studies in Dedman College of Humanities and Sciences. His appointments to positions in both the Lyle School and Dedman College reflect the interdisciplinary approach he believes is key to effective cyber research.

“Economic and national security are bedrock issues for our country,” said SMU President R. Gerald Turner. “Dr. Chang is prepared to take advantage of the University’s commitment to education, research and dialogue to deal with these critical issues, and will bring to the table students and faculty in all disciplines to find solutions. We are delighted to welcome him to SMU, where our students fully expect to be world changers.”

Network World: Cybercrime service automates creation of fake IDs, other verification documents

Chang has aggressive objectives to:

  • Conduct broad programs of research aimed both at creating a science of cyber security and addressing national cyber security priorities.
  • Apply an interdisciplinary approach to challenging problems, incorporating elements from disciplines not traditionally associated with cyber security such as law, business and the social sciences.
  • Help close the skills gap in cyber security by educating and tapping the innovation capabilities of SMU students to meet the demand for trained cyber professionals.

“Professor Chang arrives at SMU Lyle at an important moment,” said Lyle School Dean Marc Christensen. “The impact of cyber crime and cyber terrorism cannot be overstated. As Professor Chang joins SMU Lyle to lead our already strong cyber security researchers, he is poised to make a notable difference in this arena. We will be educating a generation of SMU graduates who understand the complexities of cyber-related issues whether their degree is in computer science or philosophy.  These students will be better suited to live, work, and play in the modern interconnected world.”

Chang served as the director of research at the National Security Agency (NSA) in 2005-06, where he was awarded the NSA Director’s Distinguished Service Medal. In addition, he has held several senior executive positions at SBC Communications, prestigious positions at both the University Texas at Austin and the University of Texas at San Antonio, and was most recently president and chief operating officer of 21CT Inc., an advanced intelligence analytics solutions company in Austin.

Learn more about Dr. Chang’s CV

“Dr. Chang’s experience at the highest levels of government, industry, and academia has given him a unique perspective on the cyber security landscape,” said Paul Ludden, SMU provost and vice president for academic affairs. “He has influenced the national dialogue and policies on cyber security through his work at the NSA, his testimony before congressional committees, and his presence on academic and industrial advisory boards as well as his peer journal editorial board work. He will continue that influence at SMU.”

“It is an honor and a privilege for me to have the opportunity to join SMU at this crucial time in the evolution of cyber security,” Chang said. “From the Lyle School of Engineering, to the Tower Center for Political Studies and across campus, I feel a tremendous sense of chemistry and collegiality here. There is also a sense of urgency, purpose and mission that is especially appealing. To be part of this is tremendously exciting to me.”

Written by Kimberly Cobb

> Read more of this story from SMU News

September 6, 2013|News|
Load More Posts