CERN: Computing updates https://home.cern/ en CERN to host International Conference on Quantum Technology for High-Energy Physics (QT4HEP22) https://home.cern/news/announcement/computing/cern-host-international-conference-quantum-technology-high-energy <span>CERN to host International Conference on Quantum Technology for High-Energy Physics (QT4HEP22)</span> <div class="field field--name-field-p-news-display-body field--type-text-long field--label-hidden field--item"><p>We are pleased to announce that registration will open this week for the International Conference on Quantum Technology for High-Energy Physics, which will be hosted at CERN on 1–4 November 2022. The event will take place in the CERN Main Auditorium, with featured sessions being broadcast live.</p> <p>The conference will serve as a forum to discuss both the potential of and the challenges surrounding the nascent quantum technology and what overall impact this new frontier of science might have on high-energy physics (HEP). Bringing the whole community together, we will discuss recent developments in the field and keep looking for those activities within HEP and beyond that can most benefit from the application of quantum technologies.</p> <p>Spread across four days, the event will cover a number of topics ranging from four quantum technology areas (theory, sensing, computing and communication) to collaboration with academia and industry, entrepreneurship, training and education activities. There will also be a series of tutorials and hands-on sessions co-developed with companies and providers, to explore the fascinating field of quantum science to its fullest extent.</p> <p>Following <a href="https://home.web.cern.ch/news/news/computing/exploring-quantum-computing-high-energy-physics">a successful workshop on quantum computing in 2018</a> that marked the beginning of a range of new investigations into quantum computing at CERN, this is the first edition of the QT4HEP conference and a great opportunity to share knowledge and ideas, advance quantum expertise and skills and foster common activities with academia and industry on national and international levels.</p> <p>Join us as we unlock the full potential of innovative quantum technology and its great promise to support scientific research: <a href="https://indico.cern.ch/e/QT4HEP22">https://indico.cern.ch/e/QT4HEP22</a>.</p> <p>_______________</p> <p><strong>About CERN QTI </strong></p> <p>The CERN Quantum Technology Initiative (CERN QTI) is a comprehensive R&amp;D and knowledge-sharing initiative to investigate applications of quantum technologies for high-energy physics and beyond. Given CERN’s increasing information and communications technology and computing demands, as well as the significant national and international interest in quantum-technology activities, CERN QTI aims to provide dedicated mechanisms for the exchange of both knowledge and innovation.</p> <p><em>Find out more at <a href="https://quantum.cern/">quantum.cern</a> and on <a href="https://twitter.com/CERNquantum">Twitter</a> and <a href="https://www.linkedin.com/showcase/cern-quantum-technology-initiative-cern-qti/?viewAsMember=true">LinkedIn</a>.<br /> Link to the roadmap: <a href="https://doi.org/10.5281/zenodo.5553774">https://doi.org/10.5281/zenodo.5553774</a>.</em></p> </div> <span><span lang="" about="/user/151" typeof="schema:Person" property="schema:name" datatype="">anschaef</span></span> <span>Tue, 09/27/2022 - 15:53</span> <div class="field field--name-field-p-news-display-pub-date field--type-datetime field--label-above"> <div class="field--label"><b>Publication Date</b></div> <div class="field--item"><time datetime="2022-09-27T13:43:06Z">Tue, 09/27/2022 - 15:43</time> </div> </div> Tue, 27 Sep 2022 13:53:26 +0000 anschaef 185452 at https://home.cern Computer Security: Push & pain https://home.cern/news/news/computing/computer-security-push-pain <span>Computer Security: Push &amp; pain</span> <div class="field field--name-field-p-news-display-body field--type-text-long field--label-hidden field--item"><p>With the demise and tighter regulation of cookies as a result of the EU’s General Data Protection Regulation (GDPR), more and more websites are moving to alternative methods to get at your data. For curiosity, for spamming, for selling, for promoting – based on the principle of “if it’s for free, you pay in data”. <a href="https://www.bleepingcomputer.com/news/security/sites-trick-users-into-subscribing-to-browser-notification-spam/">Browser notification spam</a> is increasingly becoming the new method to promote unwanted extensions, fake software, adware bundles, adult sites and scam sites. Don’t fall for it! Tame your curiosity. And follow the general mantra of “STOP – THINK – DON’T CLICK”.</p> <p>Browser notifications are becoming the new spam of the web, presenting you with a kind of paywall before you can access a webpage, video or web functionality. But you don’t pay with money, you pay with your data – location data, activity tracking – or by installing unwanted extensions. For example, the French bank Crédit Agricole asks for location data when it is not even clear what the purpose of such a request is. Ideally, you should just decline unless you see a benefit for your usage of that webpage (e.g. finding an ATM in your vicinity).</p> <p>Similarly, we have seen an increased number of devices running Omnatuor – mainly unsolicited, unwantedly and maliciously. Omnatuor.com is part of an advertising service that website publishers can use to generate revenue on their sites. Unfortunately, there are malicious programs that are redirecting users to these Omnatuor.com ads without the permission of the publisher in order <a href="https://www.trendmicro.com/en_us/research/21/g/browser-notification-spam-tricks-clicks-for-ad-revenue.html">to generate revenue</a>. Your data, your clicks, their money.</p> <p>It goes without saying that installing additional extensions, programs or software from untrusted third-party websites must be avoided. Just. Don’t. Do. It. You never know what you’ll get. Adware? A hidden VPN gateway (see our <em>Bulletin</em> article on “<a href="https://home.cern/news/news/computing/computer-security-tunnel-madness">Tunnel Madness</a>”)? <a href="https://home.cern/news/news/computing/blackmailing-enterprises-you-are-patient-zero">Malware</a>? With any installation, you put your device, your digital life and, probably, also the operation and reputation of the Organization <a href="https://home.cern/news/news/computing/computer-security-blackmailing-academia-back-pen-and-paper">at risk</a>. Avoid that pain. Avoid push notifications via your browser. Once again: “STOP – THINK – DON’T CLICK”.</p> <p>So, if a webpage acts in weird ways, doesn’t display properly, hosts ads in places where they shouldn’t be, triggers pop-ups of other webpages, asks to install additional software or redirects you to websites you didn’t expect, the time has come to be vigilant and <a href="https://malwaretips.com/blogs/remove-omnatuor-com/">check your device</a>. Consider installing an ad-blocker from your favourite browser’s app store (like Privacy Badger, uBlock or Ghostery, to name just a few). And feel free to contact us at Computer.Security@cern.ch for advice and help.</p> <p>____</p> <p><em>Do you want to learn more about computer security incidents and issues at CERN? Follow our <a href="https://cern.ch/security/reports/en/monthly_reports.shtml">Monthly Report</a>. For further information, questions or help, check <a href="https://cern.ch/Computer.Security">our website</a> or contact us at Computer.Security@cern.ch.</em></p> </div> <span><span lang="" about="/user/151" typeof="schema:Person" property="schema:name" datatype="">anschaef</span></span> <span>Fri, 09/23/2022 - 12:50</span> <div class="field field--name-field-p-news-display-byline field--type-entity-reference field--label-above"> <div class="field--label"><b>Byline</b></div> <div class="field--items"> <div class="field--item"><a href="/authors/computer-security-team" hreflang="en">Computer Security team</a></div> </div> </div> <div class="field field--name-field-p-news-display-pub-date field--type-datetime field--label-above"> <div class="field--label"><b>Publication Date</b></div> <div class="field--item"><time datetime="2022-09-23T10:34:35Z">Fri, 09/23/2022 - 12:34</time> </div> </div> Fri, 23 Sep 2022 10:50:00 +0000 anschaef 185375 at https://home.cern CERN openlab trains next generation of computing experts https://home.cern/news/news/computing/cern-openlab-trains-next-generation-computing-experts <span>CERN openlab trains next generation of computing experts</span> <div class="field field--name-field-p-news-display-body field--type-text-long field--label-hidden field--item"><p>In July and August, 32 students came to CERN to work hands-on with cutting-edge computing technologies through the CERN openlab Summer Student programme. Last week, the students presented their projects in a series of five-minute “lightning talks”.</p> <p>CERN openlab is a unique public–private partnership, through which CERN collaborates with leading technology companies – including Intel, Oracle, Siemens, Micron, Google and IBM – to accelerate innovation in the computing technologies needed by its research community. Today, over 30 joint R&amp;D projects are being carried out at CERN through CERN openlab.</p> <p>Education and training are important parts of CERN openlab’s mission. Thus, each year, the companies participating in CERN openlab sponsor a nine-week summer-student programme. The selected students participate in a series of lectures (available free and online <a href="https://www.youtube.com/playlist?list=PL6583_bOAHxYEv4SWFykqbA2kIBFUb12U">here</a>), visit different parts of the Laboratory and work on projects guided by IT experts at CERN. This year, projects addressed technologies such as quantum computing, supercomputing, machine learning and open data.</p> <p>“During their stay at CERN, the students are immersed in an environment of cutting-edge technology and innovative thinking,” says Enrica Porcari, head of the CERN IT department. “They also bring fresh ideas and approaches to the teams they work with at CERN.”</p> <p>32 students from 19 countries were selected for the 2022 CERN openlab Summer Student programme, from 1770 applications. Their five-minute “lightning talks” summarising their projects can be accessed here: <a href="http://cern.ch/go/n9Mr">http://cern.ch/go/n9Mr</a> and <a href="http://cern.ch/go/t6fX">http://cern.ch/go/t6fX</a>. A panel of judges scored the talks, with the top three students receiving prizes from CERN. The top three were as follows:</p> <p>1st place: Kane Bruce (USA), ‘<a href="https://cds.cern.ch/record/2834126">EOS continuous integration improvements (ARM64, Ubuntu, OpenSUSE)</a>’.</p> <p>2nd place: Jay Patel (India), ‘<a href="https://cds.cern.ch/record/2834160">Generative models using Continuous Variable Quantum Computing</a>’.</p> <p>3rd place: Leyla Naz Candogan (Turkey), ‘<a href="https://indico.cern.ch/event/1191489/contributions/5011706/attachments/2507831/4309634/Leyla Naz Candogan - Lightning Talk.pdf">Boosting online recalibration of physics objects for the 40 MHz scouting demonstrator system at CMS</a>’.</p> <p>This year’s summer students were also joined by the winners of two recent competitions. Jay Patel, a computer-engineering student from India, was awarded a place in the programme as a prize for having won the QHACK quantum machine-learning hackathon in February. Three other prize winners from the QHACK also came to CERN for a special week-long visit in July. “I was amazed by the work environment at CERN,” says Patel. “I really felt welcomed and, after doing a master’s in quantum computing, I would love to go back and work at CERN.”</p> <p>Eugenio Marinelli came to CERN after winning <a href="https://techdecoded.intel.io/resources/winners-announced-for-the-oneapi-great-cross-architecture-challenge/#gs.cfxn7a">the oneAPI Great Cross-Architecture Challenge</a>, organised by Intel with support from CERN and Argonne National Laboratory in the US. He used the set of cross-architecture libraries found in the oneAPI toolkit to develop a new application for quickly and accurately decoding digital data stored in synthetic DNA. “My experience at CERN was very good,” says Marinelli, who is now studying for a PhD at EURECOM in France. “I particularly enjoyed being exposed to the international environment at the Laboratory.”</p> <p>Applications for the 2023 CERN openlab Summer Student programme will open in November.</p> </div> <span><span lang="" about="/user/151" typeof="schema:Person" property="schema:name" datatype="">anschaef</span></span> <span>Fri, 09/23/2022 - 11:02</span> <div class="field field--name-field-p-news-display-byline field--type-entity-reference field--label-above"> <div class="field--label"><b>Byline</b></div> <div class="field--items"> <div class="field--item"><a href="/authors/andrew-purcell" hreflang="en">Andrew Purcell</a></div> </div> </div> <div class="field field--name-field-p-news-display-pub-date field--type-datetime field--label-above"> <div class="field--label"><b>Publication Date</b></div> <div class="field--item"><time datetime="2022-09-23T08:52:29Z">Fri, 09/23/2022 - 10:52</time> </div> </div> Fri, 23 Sep 2022 09:02:54 +0000 anschaef 185374 at https://home.cern Computer Security: Forwarding can spoil privacy https://home.cern/news/news/computing/computer-security-forwarding-can-spoil-privacy <span>Computer Security: Forwarding can spoil privacy</span> <div class="field field--name-field-p-news-display-body field--type-text-long field--label-hidden field--item"><p>We have discussed the lack of security of the email protocol (“<a href="https://home.cern/news/news/computing/computer-security-email-equals-letters">Email equals letter</a>”), the risk of receiving emails (“<a href="https://home.cern/news/news/computing/computer-security-i-love-you">I love you</a>”) and the dangers of opening attachments (“<a href="https://home.cern/news/news/computing/computer-security-truth-lies-url">The truth lies in the URL</a>”) in many previous <em>Bulletin</em> articles. But have you ever considered the risks for your privacy when you send an email?</p> <p>The email protocol was never designed to be secure nor to preserve people’s privacy. Modules for adding encryption, like PGP, GPG or GnuPG, work rather badly and require that your recipient have the means to read your encrypted email. Instant messengers like Threema or Signal are much better in that respect and guarantee full confidentiality of your peer-to-peer communication (note that <a href="https://www.howtogeek.com/710344/psa-telegram-chats-arent-end-to-end-encrypted-by-default/">Telegram doesn’t provide E2E encryption</a>), with the small risk that some nation states (e.g. the US <a href="https://signal.org/bigbrother/">with regards to Signal</a> and Switzerland <a href="https://threema.ch/en/work/support/legal">with regards to Threema</a>) might still use their power to intercept that communication. But email offers no such guarantees. It is, by default, not encrypted, so your email service provider can eavesdrop on your emails stored in their service (in fact, this is the gmail business model – as it’s for free, your data is the payment). And if your email communication does not use any of the “S” protocols like HTTPS, IMAPS, POPS – note the “S” at the end of each – your email in transit is also not encrypted. For CERN, email between CERN email addresses and emails transiting through CERN’s network can be considered reasonably secure. The email service is currently hosted on site and will in the future be transferred to a cloud service contractually bound to privacy, which means that your emails sitting in your inbox are well protected. And email communication uses HTTPS, IMAPS and POPS by default. So, you are fine here, security-wise and privacy-wise. But note that you are less fine when your recipient forwards your email to an external email address or when your recipient is an e-group containing external email addresses.</p> <p>Therefore, if you regularly receive sensitive emails, make sure that you do not automatically forward them to an external email address (you can check your settings <a href="https://account.cern.ch/account/Management/MyAccounts.aspx">here</a>). This is particularly true if you are CERN staff. Also, if your service receives sensitive emails, make sure that its mailing list contains only CERN email addresses and no external forwards. It’s always best to use CERNBox for transferring or sharing sensitive material. CERNBox is hosted at CERN, transfer contents are encrypted, and all data is physically protected by the CERN Data Centre in Meyrin (“<a href="https://cdsweb.cern.ch/journal/CERNBulletin/2012/18/News%20Articles/1442980?ln=en">Don’t let your mail leak</a>”). Be vigilant and help us protect the Organization: don’t let forwards spoil your privacy.</p> <p>_____</p> <p><em>Do you want to learn more about computer security incidents and issues at CERN? Follow our <a href="https://cern.ch/security/reports/en/monthly_reports.shtml">Monthly Report</a>. For further information, questions or help, check <a href="https://cern.ch/Computer.Security">our website</a> or contact us at Computer.Security@cern.ch.</em></p> </div> <span><span lang="" about="/user/151" typeof="schema:Person" property="schema:name" datatype="">anschaef</span></span> <span>Tue, 09/13/2022 - 12:58</span> <div class="field field--name-field-p-news-display-byline field--type-entity-reference field--label-above"> <div class="field--label"><b>Byline</b></div> <div class="field--items"> <div class="field--item"><a href="/authors/computer-security-team" hreflang="en">Computer Security team</a></div> </div> </div> <div class="field field--name-field-p-news-display-pub-date field--type-datetime field--label-above"> <div class="field--label"><b>Publication Date</b></div> <div class="field--item"><time datetime="2022-09-13T10:38:56Z">Tue, 09/13/2022 - 12:38</time> </div> </div> Tue, 13 Sep 2022 10:58:32 +0000 anschaef 185326 at https://home.cern CERN openlab summer students present online “lightning talks” https://home.cern/news/announcement/computing/cern-openlab-summer-students-present-online-lightning-talks <span>CERN openlab summer students present online “lightning talks”</span> <div class="field field--name-field-p-news-display-body field--type-text-long field--label-hidden field--item"><p>On Wednesday 14 and Thursday 15 September, the 2022 CERN openlab summer students will present their work at the public “lightning talk” sessions <a href="https://indico.cern.ch/event/1191489/">(session 1,</a> <a href="https://indico.cern.ch/event/1191490/">session 2)</a></p> <p>Students will each give a five-minute presentation, introducing the audience to their project, explaining the technical challenges they have faced and describing the results they have found during their projects. Each student will have the opportunity to showcase their progress while also informing the audience about different cutting-edge IT projects they have been working on.</p> <p>This year marked the first in-person openlab Summer Student programme since the start of the pandemic, with students returning to the openlab corridor once again. Since some of the students will not physically be at CERN at the time of the Lightning Talks, the decision for the presentations to remain online was to ensure that all students have an equal opportunity to present in front of their peers and the wider CERN community.</p> <p>Over nine weeks (June-September) the CERN openlab summer students have been working with some of the latest hardware and software technologies. 32 students representing 19 nationalities were part of this year’s openlab Summer Student Programme. During their time at CERN, the summer students, alongside working on their projects, attended a series of lectures given by IT experts on advanced CERN-related computing topics.</p> <p>Join us on 14 and 15 September to discover more about the exciting projects the students have been working on. The presentations are free and open to everyone at CERN. Enrica Porcari, Head of IT, will give an introductory talk at the start of the first session. On 14 September, the presentations will start at 15:00 and finish by 17:15 CEST, and on 15 September the presentations will start at 15:30 and finish by 17:45 CEST.</p> <p>You can follow the live webcasts by following the links below:</p> <p><a href="https://indico.cern.ch/event/1191489/">Session 1</a><br /><a href="https://indico.cern.ch/event/1191490/">Session 2</a></p> </div> <span><span lang="" about="/user/21331" typeof="schema:Person" property="schema:name" datatype="">thortala</span></span> <span>Mon, 08/29/2022 - 15:40</span> <div class="field field--name-field-p-news-display-pub-date field--type-datetime field--label-above"> <div class="field--label"><b>Publication Date</b></div> <div class="field--item"><time datetime="2022-08-29T13:38:26Z">Mon, 08/29/2022 - 15:38</time> </div> </div> Mon, 29 Aug 2022 13:40:06 +0000 thortala 185245 at https://home.cern Computer security: Room at the top https://home.cern/news/news/computing/computer-security-room-top <span>Computer security: Room at the top </span> <div class="field field--name-field-p-news-display-body field--type-text-long field--label-hidden field--item"><p>What do “Daniela.Wick@cern.ch”, “Kris.Avandal@cern.ch”, “Magnus.Fallbaum@cern.ch”, “Petra.Kosmanen@cern.ch”, “Ron.Waitmal@cern.ch” and “Stephanie.Porasky@cern.ch” have in common? No, they aren’t members of the personnel even if they pretend to have a CERN email address and their names sound similar to those of some of our colleagues in the CERN Computer Security team. No, they have no business with CERN at all, even if their email messages claim otherwise. And no, they are not trustworthy, as they tried to steal your password. Welcome to the annual clicking campaign, revised.</p> <p>22 731 emails were sent out on 1 August purporting to come from one of the made-up email addresses above, presenting you with an important message on your “New voicemail from +41792231243” or the “Update on your invoice”, concerning your “Office 365™ Subscription” or your “Signed contract”, asking you for “Action Required”, or just sending you the latest “COVID 2022 Report”. 22 731 emails, one to each CERN email address assigned to a member of the personnel owning a CERN mailbox. Each email trying to lure you to click on the embedded link, which, if clicked, presented you with a login page ready to accept your username. And, for those who made it that far, asking for your CERN password… For those who took that last step, BOOM! Not only did you <a href="http://home.cern/news/news/computing/computer-security-truth-lies-url">put your device and your digital life at risk when clicking on the initial link</a>, by handing over your CERN password to a malicious website you <a href="https://home.cern/news/news/computing/computer-security-banks-and-work">opened the door to fraud and sabotage</a>. Once again, remember the mantra “STOP – THINK – DON’T CLICK” before opening attachments or unsolicited links – they might bring nasty surprises. And remember that your password is yours and yours alone and should only make it into <a href="https://home.cern/news/news/computing/computer-security-new-single-sign">CERN’s old and new single sign-on (SSO) pages</a>. Anything else could wreak havoc – on CERN’s operations, finances and reputation.</p> <p>But not this time, fortunately, as the emails were part of our annual campaign on cybersecurity risks and <a href="https://home.cern/news/news/computing/computer-security-wrong-link-wrong-login-and-boom">the dangers of (sophisticated or not) unsolicited emails</a>. Still, the reaping was sadly fruitful. More than 1800 people clicked and fell into the trap by entering their username in the fake SSO page and trying to enter their password, too. 1800 accounts. If that had been a real attack, they would now be in the hands of an attacker. 1800 accounts available to spam the world through CERN’s email system, abusing CERN’s computer centre for cryptocurrency mining, downloading costly journals and scientific papers from CERN’s digital library, extracting (confidential!) data or documents from our storage systems, stealing money from the CERN treasury or sabotaging the operations of CERN’s accelerators or experiments. There is still room for improvement. There is still some room at the top.</p> <p>Hence, look out for these things:</p> <ul><li>Is the sender familiar to you? Note that email addresses, including those terminating with CERN.CH, <a href="https://home.cern/news/news/computing/computer-security-email-equals-letters">can easily be spoofed</a>.</li> <li>Do the message contents make sense to you? Is it related to your professional or private life? Is it relevant to you, did you expect it? Is it written in a language you understand, reasonably clearly and understandably? If you don’t have a subscription with “Deutsche Telekom”, then the invoice is likely not for you; the same goes for the delivery notification for a UPS package when you haven’t ordered anything.</li> <li>Hover your mouse over any link. Does the link start with HTTP(s)://[SOMETHING].CERN.CH before the next /? (Yes, this is tricky – if the URL confuses you, better check with us at Computer.Security@cern.ch)</li> </ul><p>And, finally, the silver bullet against account abuse. Complement your password by protecting your account with a so-called second factor: your mobile phone or a hardware token. When logging in (about twice per day), you would be asked as usual for your password but also to provide this second factor. A simple number generated by a smartphone app or hardware token. This two-factor authentication (2FA) is <a href="https://home.cern/news/news/computing/computer-security-log-click-be-secure">the silver bullet for account protection</a>, as the attacker now needs to not only phish your password by the aforementioned means, but also steal your smartphone (or hardware token) – and we all know always where our smartphone is, don’t we? So, give it a try and check out how to obtain and manage 2FA <a href="https://cern.service-now.com/service-portal?id=kb_article&amp;n=KB0006587">here</a>.</p> <p>In short, please help us reach the top. Enable 2FA for your account, remember STOP – THINK – DON’T CLICK and check for malicious emails using the following tips:</p> <figure class="cds-image" id="CERN-HOMEWEB-PHO-2022-157-2"><a href="//cds.cern.ch/images/CERN-HOMEWEB-PHO-2022-157-2" title="View on CDS"><img alt="home.cern,Miscellaneous" src="//cds.cern.ch/images/CERN-HOMEWEB-PHO-2022-157-2/file?size=large" /></a></figure><p>Do you want to learn more about computer security incidents and issues at CERN? Follow our <a href="https://cern.ch/security/reports/en/monthly_reports.shtml">Monthly Report</a>. For further information, questions or help, check <a href="https://cern.ch/Computer.Security">our website</a> or contact us at <a href="mailto:Computer.Security@cern.ch">Computer.Security@cern.ch</a>.</p> </div> <span><span lang="" about="/user/21331" typeof="schema:Person" property="schema:name" datatype="">thortala</span></span> <span>Fri, 08/19/2022 - 16:21</span> <div class="field field--name-field-p-news-display-byline field--type-entity-reference field--label-above"> <div class="field--label"><b>Byline</b></div> <div class="field--items"> <div class="field--item"><a href="/authors/computer-security-team" hreflang="en">Computer Security team</a></div> </div> </div> <div class="field field--name-field-p-news-display-pub-date field--type-datetime field--label-above"> <div class="field--label"><b>Publication Date</b></div> <div class="field--item"><time datetime="2022-08-19T14:11:00Z">Fri, 08/19/2022 - 16:11</time> </div> </div> Fri, 19 Aug 2022 14:21:14 +0000 thortala 185028 at https://home.cern Computer Security: Banks and work https://home.cern/news/news/computing/computer-security-banks-and-work <span>Computer Security: Banks and work</span> <div class="field field--name-field-p-news-display-body field--type-text-long field--label-hidden field--item"><p>Over the past few months, the Computer Security team and the Identity and Account Management team have started to roll out two-factor authentication (2FA). 2FA is considered to be the silver bullet for protecting computing accounts. You find it everywhere: for accessing Facebook, Twitter, Gmail and many other services. Your bank uses it to protect your money. Still, we are facing resistance. And I’m starting to wonder why it is that people at CERN are perfectly willing to protect their bank accounts with 2FA while trying to avoid using it to protect their work, which is what puts the money in said accounts in the first place…</p> <p>CERN is <a href="https://home.cern/news/news/computing/computer-security-about-risks-and-threats">under attack</a>, like any other organisation, institute or company, many of which have been hacked or compromised and their data stolen (see <a href="https://home.cern/news/news/computing/computer-security-what-do-accelerators-and-pipelines-have-common">here</a> and <a href="https://home.cern/news/news/computing/blackmailing-enterprises-you-are-patient-zero">there</a>). A successful ransomware attack against CERN could have <a href="https://home.cern/news/news/computing/disaster-your-crown-jewels">devastating consequences</a> for our operations and reputation. Ransomware attacks, like many other forms of attack, usually take the route of you clicking on a malicious link, opening a malicious attachment or browsing a dodgy webpage, and subsequently <a href="https://home.cern/news/news/computing/computer-security-truth-lies-url">infecting your computer</a>. While the consequences for your laptop are local (and <a href="https://home.cern/news/news/computing/computer-security-risk-losing-it-all">can be very nasty</a>), the next hop from that compromised device most likely requires your password. A password that can now be easily intercepted by an attacker who has a foothold in your device. Other successful ransomware attacks are more direct. By asking. By you providing your password directly to an attacker, via a fake login page. Every year, between 10% and 20% of us fall for the Computer Security team’s <a href="https://home.cern/news/news/computing/computer-security-log-click-be-secure">clicking campaign</a>. Between 10% and 20% of all CERN passwords are exposed. Lost.</p> <p>Lots of juice for an attacker if those campaigns were real. Just think what they could access with your password. What power they could inherit from you. What the attacker could do if they could observe you working on different IT services, controls systems and financial applications. And what could happen if the attacker started acting on their own. Stopping accelerators? Manipulating experiments? Disabling safety systems? Stealing money? Deleting files? Exposing personal data? Impacting CERN’s reputation?</p> <p>In order to protect CERN against those types of attack, we are adding another – immense – hurdle for a potential attacker by deploying 2FA on your account. Not only would the attacker need your password, they would also need your second-factor hardware token – i.e. either your YubiKey or your smartphone. And you always know where your smartphone is, don’t you? This is why we consider 2FA to be a silver bullet for account protection. Yes, we do acknowledge that it adds another layer of inconvenience. So we’ve tried, and continue to try, to make 2FA as easy as possible for you:</p> <ul><li>We deployed it at one single point, the new CERN Single Sign-On (plus a few dedicated services at the gates, such as AIADM and the Remote Operations Gateways).</li> <li>We made adjustments so that the authentication lasts around 12 hours per browser, meaning that you will need to use your token about twice a day, which is likely much less often than some people go for a coffee or a smoke.</li> <li>You can choose which token – YubiKey or smartphone – will be the default (just go to <a href="https://users-portal.web.cern.ch">https://users-portal.web.cern.ch</a>/, click on “configure multifactor” and pick your “default login method”).</li> <li>You can choose between the two tokens every time you log in. If you forget one, the other is at hand. If you lose one, the other can be used to reset it. And we will add more options once they are compatible with our set-up.</li> <li>Procedures are in place to help if your token gets lost and you are locked out: the Service Desk and the Computer Security team have put all the necessary means in place for quick recovery.</li> <li>Finally, a more comprehensive list of answers can be found in our <a href="https://auth.docs.cern.ch/trouble-shooting/2fa-tips/">FAQ</a>.</li> </ul><p>So, doesn’t your CERN computing account deserve the same level of protection as your bank account? If you agree, <a href="https://cern.service-now.com/service-portal?id=kb_article&amp;n=KB0006587">give it a try</a> and let us know if you’re happy with it, so that we can set it up for you permanently.</p> <p>_____</p> <p><em>Do you want to learn more about computer security incidents and issues at CERN? Follow our <a href="https://cern.ch/security/reports/en/monthly_reports.shtml">Monthly Report</a>. For further information, questions or help, check <a href="https://cern.ch/Computer.Security">our website</a> or contact us at Computer.Security@cern.ch.</em></p> </div> <span><span lang="" about="/user/151" typeof="schema:Person" property="schema:name" datatype="">anschaef</span></span> <span>Sun, 07/31/2022 - 23:49</span> <div class="field field--name-field-p-news-display-byline field--type-entity-reference field--label-above"> <div class="field--label"><b>Byline</b></div> <div class="field--items"> <div class="field--item"><a href="/authors/computer-security-team" hreflang="en">Computer Security team</a></div> </div> </div> <div class="field field--name-field-p-news-display-pub-date field--type-datetime field--label-above"> <div class="field--label"><b>Publication Date</b></div> <div class="field--item"><time datetime="2022-07-31T21:29:00Z">Sun, 07/31/2022 - 23:29</time> </div> </div> Sun, 31 Jul 2022 21:49:51 +0000 anschaef 184470 at https://home.cern CERN welcomes INFN and IIT as new members of its IBM Quantum Network hub https://home.cern/news/news/computing/cern-welcomes-infn-and-iit-new-members-its-ibm-quantum-network-hub <span>CERN welcomes INFN and IIT as new members of its IBM Quantum Network hub </span> <div class="field field--name-field-p-news-display-body field--type-text-long field--label-hidden field--item"><p>Two European research institutes – INFN (<em>Istituto Nazionale di Fisica Nucleare</em>) and IIT (<em>Italian Institute of Technology</em>) – have recently signed an agreement to become the latest members of CERN’s hub in the <a href="https://www.ibm.com/quantum/network">IBM Quantum Network</a>. The move will see both institutes working closely with CERN to help investigate the full potential of the nascent quantum computing technology, sharing access to IBM’s fleet of more than 20 quantum computers accessible on the cloud.</p> <p>The next generation of computing technology holds great promise for supporting scientific research. Quantum computers may offer the necessary tools to perform more complicated computing tasks than ever and search for more deeply hidden patterns, thus helping to produce technical breakthroughs and advance scientific understanding of the universe. Having members like INFN and IIT joining the hub will help CERN – through its Quantum Technology Initiative (QTI) – to drive investigations into how quantum technologies can support the LHC research community, as well as other scientific fields.</p> <p>“The mission of the CERN hub is to explore promising applications of quantum computing for high-energy physics and beyond, together with academia and research institutes in the CERN Member States,” says Alberto Di Meglio, coordinator of the CERN Quantum Technology Initiative. “We are pleased to have INFN and IIT joining us now in the effort to foster quantum developments, exchange knowledge and innovation, and deploy R&amp;D projects for the benefit of all.”</p> <p>“The signing of this agreement with CERN is another important step for INFN in the framework of its activities on quantum information science (QIS) and quantum technologies (QT),” says Valter Bonvicini, coordinator of the INFN quantum initiatives and member of the Advisory Board of the CERN QTI. “The agreement will provide the INFN community, both theoretical and experimental, with fast access to high-quality machines within the IBM Quantum Network. INFN considers teaming up with other key players sharing scientific interests or technology options in the field of QIS/QT as a very important aspect”.</p> <p>Uniting endeavours and establishing joint activities will help members of the hub to explore the complex nature of quantum computing technology, with a view to unlocking the full potential it could offer to speed up computationally expensive tasks.</p> <p>“Quantum computing represents one of the concrete applications of quantum mechanical laws. It is fascinating to witness how quantum information evolves, along with the many quantum computational experiments that may have a real advantage for specific applications,” says Andrea Cavalli, Associate Director for Computational Sciences and Vice-Scientific Director, <em>Istituto Italiano di Tecnologia</em>. “Building quantum computers large enough to supersede the current high-performance-computing (HPC) infrastructures is a goal of quantum computing technologists. Very likely, we will go through a hybrid era where classical computing and quantum computing will work together, where certain algorithms will be more suited for quantum machines and classical HW architectures will solve others more efficiently. Certainly, an institute like IIT, which has always been at the edge of new technologies, will try to play a key role in the quantum revolution we are witnessing.”</p> <p>Following the agreement, the members of the hub are now planning a joint technical kick-off event later this year, hosted at CERN with the support of the CERN Quantum Technology Initiative.</p> <p><strong>_______________</strong></p> <p><strong>About CERN QTI</strong></p> <p>The CERN Quantum Technology Initiative (CERN QTI) is a comprehensive R&amp;D and knowledge-sharing initiative to investigate applications of quantum technologies for high-energy physics and beyond. Given CERN’s increasing information and communications technology and computing demands, as well as the significant national and international interest in quantum-technology activities, CERN QTI aims to provide dedicated mechanisms for the exchange of both knowledge and innovation.</p> <p>Find out more at <a href="https://quantum.cern/">quantum.cern</a> and on <a href="https://twitter.com/CERNquantum">Twitter</a> and <a href="https://www.linkedin.com/showcase/cern-quantum-technology-initiative-cern-qti/?viewAsMember=true">LinkedIn</a>.</p> <p>Link to the roadmap: <a href="https://doi.org/10.5281/zenodo.5553774">https://doi.org/10.5281/zenodo.5553774</a></p> <p> </p> </div> <span><span lang="" about="/user/21331" typeof="schema:Person" property="schema:name" datatype="">thortala</span></span> <span>Fri, 07/15/2022 - 10:57</span> <div class="field field--name-field-p-news-display-pub-date field--type-datetime field--label-above"> <div class="field--label"><b>Publication Date</b></div> <div class="field--item"><time datetime="2022-07-15T08:54:36Z">Fri, 07/15/2022 - 10:54</time> </div> </div> Fri, 15 Jul 2022 08:57:25 +0000 thortala 184099 at https://home.cern Computer Security: Thank you, folks! https://home.cern/news/news/computing/computer-security-thank-you-folks <span>Computer Security: Thank you, folks!</span> <div class="field field--name-field-p-news-display-body field--type-text-long field--label-hidden field--item"><p>“Computer security” might be perceived as a technological endeavour – technology intended to solve technological problems. Firewall hardware. Anti-malware appliances. Multi-factor tokens. Encryption. Anti-virus software. EDR. BC/DR. SBOM. SOC. You name it. But, actually, computer security is far removed from technology. It is a people’s problem of sociological nature. The solutions are in front of the screen, not in the bits and bytes in the hardware. So: “Thank you, folks!” for reading on and helping us keep the Organization secure.</p> <p>As we have shown in many past issues of the <em>Bulletin</em>, we live <a href="http://cds.cern.ch/journal/CERNBulletin/2014/43/News%20Articles/1955880?ln=en">in symbiosis with information technologies</a>. Computer security is as important as <a href="https://home.cern/news/news/computing/computer-security-what-do-apartments-and-computers-have-common">protecting your apartment</a>, <a href="https://home.cern/news/news/computing/computer-security-what-do-accelerators-and-pipelines-have-common">industrial pipelines</a> or <a href="https://home.cern/news/news/computing/computer-security-fancy-dinner-or-burned-pie">your cooking skills</a>. Computer security is a game of <a href="https://home.cern/news/news/computing/computer-security-permanent-chess">permanent chess</a>. You are the main player on the board of “prevention”, “protection”, “detection” and “response”.</p> <p>Prevention-wise, computer security requires you to be vigilant and careful when browsing the web and its dark corners, when faced with weird links, when opening (or not!) attachments on unsolicited emails or when logging into a computing service through dodgy sign-on pages. Making sure that you stay alert is one of the main reasons why we run our annual “<a href="http://home.cern/news/news/computing/computer-security-truth-lies-url">clicking campaigns</a>”. Getting you to identify malicious emails, attachments and links is the very first line of computer security at CERN. Having you report them to us is the last line of defence – detection – because such emails, attachments and links were able to slip through our detection mechanisms and be delivered to your mailboxes. Hence, while we are inundated by the reports, questions and tickets we receive in this regard, we deeply appreciate them! Since your message – you having identified and reported our (and other) emails as malicious – is our last line of defence. Every report is a human sign of detection. Social detection at its best. “Thank you, folks!” for obeying the mantra “STOP – THINK – DON’T CLICK”! and for reporting to us.</p> <p>Prevention implies avoiding the introduction of vulnerabilities and bugs. Prevention by secure coding. Following best coding practices, making sure that secrets, passwords and other credentials are not exposed in any source code hosted on public software repositories or exposed directly by distributing the software. Preventing web applications from being exploited by <a href="https://home.cern/news/news/computing/computer-security-time-spring-clean">properly filtering and sanitising any third-party input</a>. And preventing the import of potentially malicious software by better <a href="https://home.cern/news/news/computing/computer-security-supply-chain-time-bombs">controlling the supply chain</a>. “Thank you, folks!” for programming safely and securely!</p> <p>Finally, prevention also means keeping our software stack secure, up-to-date, patched and based on the skills and professionalism of the people running the many IT services at CERN – throughout the IT department, in FAP-BC, in EP-SFT and in the Controls group of the Beams department. Use their centrally managed provisioning, and you won’t need to worry about computer security yourself. They’ll do it for you. “Thank you, folks!” Computer security depends heavily on protection. It depends on the IT Network Engineering section, who have deployed a next-generation, highly <a href="https://home.cern/news/news/computing/computer-security-cerns-new-first-line-defence">sophisticated firewall</a>. It depends on the IT Windows and Mac experts, who are readying a new – and free-for-you – anti-virus software solution (stay tuned here!). And it depends on the IT Identity and Access Management section, who are rolling out multi-factor authentication, requiring a hardware token like your smartphone or a USB dongle in addition to your password in order to <a href="https://home.cern/news/news/computing/computer-security-log-click-be-secure">better protect your account</a>. “Thank you, folks!” for your tireless work for computer security. And a special “Thank you, folks!” to all the many volunteers who have already signed up for our two-factor pilot!</p> <p>Response is what we want to avoid. Luckily, CERN is prepared with a qualified team of knowledgeable experts, the “Guys and Girls on Duty” (“Gods”) and the “Security Escalators”, who, day in and day out, run the computer security operations centre, react to its alerts, dig into details to understand the cause of a potential breach and try to answer all your questions related to computer security and beyond. “Thank you, folks!”</p> <p>And, last but not least, these awareness articles in the <em>CERN Bulletin</em> would not be possible without the help of many more people: IT communications, the Translation service, the <em>Bulletin</em> editors. “Thank you, too, folks!”</p> <p>As you can see, computer security is so much more than just cold IT – hardware and software. It’s in the commitment, vigilance, skills and professionalism of all of us. It’s sociological. Hence, once more, a hearty and sincere “Thank you, folks!” to all of you for helping us keep the Organization secure. This. Is. Really. Appreciated!</p> <p>______</p> <p><em>Do you want to learn more about computer security incidents and issues at CERN? Follow our <a href="https://cern.ch/security/reports/en/monthly_reports.shtml">Monthly Report</a>. For further information, questions or help, check <a href="https://cern.ch/Computer.Security">our website</a> or contact us at Computer.Security@cern.ch.</em></p> </div> <span><span lang="" about="/user/151" typeof="schema:Person" property="schema:name" datatype="">anschaef</span></span> <span>Wed, 07/27/2022 - 22:45</span> <div class="field field--name-field-p-news-display-byline field--type-entity-reference field--label-above"> <div class="field--label"><b>Byline</b></div> <div class="field--items"> <div class="field--item"><a href="/authors/computer-security-team" hreflang="en">Computer Security team</a></div> </div> </div> <div class="field field--name-field-p-news-display-pub-date field--type-datetime field--label-above"> <div class="field--label"><b>Publication Date</b></div> <div class="field--item"><time datetime="2022-07-14T20:19:51Z">Thu, 07/14/2022 - 22:19</time> </div> </div> Wed, 27 Jul 2022 20:45:13 +0000 anschaef 184458 at https://home.cern The on-site CERN openlab summer-student lecture programme is back https://home.cern/news/news/computing/site-cern-openlab-summer-student-lecture-programme-back <span>The on-site CERN openlab summer-student lecture programme is back</span> <div class="field field--name-field-p-news-display-body field--type-text-long field--label-hidden field--item"><p style="margin-bottom:15px">Would you like to learn about the innovative computing technologies that underpin CERN’s groundbreaking physics research? Join us for the <a href="https://openlab.cern/">CERN openlab</a> summer-student lecture programme. It is free and open to all, wherever you are in the world. Lectures will be given by CERN experts on topics ranging from quantum computing to machine learning, and from distributed computing to open data. The lectures will be livestreamed via the <a href="https://webcast.web.cern.ch/">CERN Webcast website</a> and the <a href="https://www.youtube.com/c/CERNLectures/featured">CERN Lectures YouTube channel</a>. A full list of lectures can be found <a href="https://indico.cern.ch/category/15588">here</a>.</p> <p>The lectures are organised as part of CERN openlab’s annual summer-student programme. For the first time since 2019, summer students are back on the CERN site. The CERN openlab summer students will each spend nine weeks working with some of the latest hardware and software technologies, as well as learning how advanced computing solutions are used in high-energy physics. This year, 1770 students applied to the programme. From these, 32 students, of 18 different nationalities, were selected.</p> <p>At the end of their period working with CERN, the summer students will each give five-minute presentations about what they have achieved during their projects. These “lightning talks” will take place in September (exact date to be communicated) and are open to all. Join us to hear all about the exciting work the students have been doing – the talks are always jam-packed with inspiring ideas and innovative solutions.</p> <p>“It is a great pleasure to be welcoming summer students back to CERN; they bring fresh ideas and perspectives to the Laboratory,” says Maria Girone, CERN openlab CTO. “We are pleased to be sharing our lecture programme online, so that anyone from anywhere in the world can find out all about the important role that cutting-edge computing technologies play in supporting particle-physics research.”</p> <p>Finally, if you would like to get even more involved in computing at CERN, be sure to check out the <a href="https://webfest.cern/">CERN Webfest</a>. The Webfest is CERN’s annual hackathon based on open web technologies. This year, a special environment-themed “challenge” edition of the event will run throughout July and August. It is open to all and will be once again held online this year, meaning that people from anywhere in the world can take part. Find out more <a href="https://home.cern/news/announcement/computing/take-part-climate-action-through-cerns-online-webfest-challenge-2022">here</a>.</p> </div> <span><span lang="" about="/user/159" typeof="schema:Person" property="schema:name" datatype="">abelchio</span></span> <span>Fri, 07/01/2022 - 09:58</span> <div class="field field--name-field-p-news-display-byline field--type-entity-reference field--label-above"> <div class="field--label"><b>Byline</b></div> <div class="field--items"> <div class="field--item"><a href="/authors/andrew-purcell" hreflang="en">Andrew Purcell</a></div> </div> </div> <div class="field field--name-field-p-news-display-pub-date field--type-datetime field--label-above"> <div class="field--label"><b>Publication Date</b></div> <div class="field--item"><time datetime="2022-07-01T08:50:28Z">Fri, 07/01/2022 - 10:50</time> </div> </div> Fri, 01 Jul 2022 07:58:28 +0000 abelchio 183571 at https://home.cern