Writing content in the new editor using Obama ipsum

Politicians routinely exploited fears of crime for their own electoral ends. As President, I will tap our natural gas reserves, invest in clean coal technology, and find ways to safely harness nuclear power. That we can participate in the political process without fear of retribution, and that our votes will be counted at least, most of the time. But I’m hopeful because I think there’s an awakening taking place in America. It is not enough to give health care to the sick, or jobs to the jobless, or education to our children. So now it’s edited?

This is a problem that’s brought together churches and synagogues and mosques and people of all faiths as part of a grassroots movement. These are some of the challenges that test our conscience – as Americans and people of faith. These are the policies I will pursue.

And nothing will change. That’s the promise of America – the idea that we are responsible for ourselves, but that we also rise or fall as one nation; the fundamental belief that I am my brother’s keeper; I am my sister’s keeper. It is easy to point fingers – for Palestinians to point to the displacement brought by Israel’s founding, and for Israelis to point to the constant hostility and attacks throughout its history from within its borders as well as beyond. But we have a responsibility to join together on behalf of the world we seek – a world where extremists no longer threaten our people, and American troops have come home; a world where Israelis and Palestinians are each secure in a state of their own, and nuclear energy is used for peaceful purposes; a world where governments serve their citizens, and the rights of all God’s children are respected.

An eagle about to land

I am the son of a black man from Kenya and a white woman from Kansas. It requires all Americans to realize that your dreams do not have to come at the expense of my dreams; that investing in the health, welfare, and education of black and brown and white children will ultimately help all of America prosper. Or, at this moment, in this election, we can come together and say, “Not this time.” This time we want to talk about the crumbling schools that are stealing the future of black children and white children and Asian children and Hispanic children and Native American children.

  • I stand here today, grateful for the diversity of my heritage, aware that my parents’ dreams live on in my two precious daughters.
  • Tonight, I say to the American people, to Democrats and Republicans and Independents across this great land – enough!
  • This moment – this election – is our chance to keep, in the 21st century, the American promise alive.

In that time, I’ve had the chance to talk with Americans all across this country. That’s not simply a matter of policy or ideology – it’s a moral commitment. It’s the wisdom Moses imparted to those who would succeed him. I have already condemned, in unequivocal terms, the statements of Reverend Wright that have caused such controversy. Theirs are the stories that shaped me. I know there has been controversy about the promotion of democracy in recent years, and much of this controversy is connected to the war in Iraq.

That has been my experience at Trinity. This has bred more fear and mistrust. Today, America has a dual responsibility: to help Iraq forge a better future – and to leave Iraq to Iraqis. I understand those who protest that some countries have weapons that others do not.

I thought of the families I’ve met who were struggling to get by without a loved one’s full income, or whose loved ones had returned with a limb missing or nerves shattered, but who still lacked long-term health benefits because they were Reservists. My mother, whose parents were non-practicing Baptists and Methodists, was one of the most spiritual souls I ever knew. But the failure to respond is a direct result of a broken politics in Washington and the failed policies of George W. Bush. I love this country, and so do you, and so does John McCain. But I am convinced that in order to move forward, we must say openly the things we hold in our hearts, and that too often are said only behind closed doors. Finally, the Arab States must recognize that the Arab Peace Initiative was an important beginning, but not the end of their responsibilities.

I’m not talking about blind optimism here – the almost willful ignorance that thinks unemployment will go away if we just don’t think about it, or the health care crisis will solve itself if we just ignore it. They’re ready to turn the page on the old politics and the old policies – whether it’s the war in Iraq or the health care crisis we’re in, or a school system that’s leaving too many kids behind despite the slogans.

Content Visibility

We’ve recently added the Content Visibility plugin and add-ons to UBC Blogs. This suite of plugins allows you to add rules to each content block on your site which dictate who can see that block and when. You may, for example, want much of your site to be open to the public, but certain pieces of content – an H5P quiz, a form, or an image or video – to be available only to the students in your course.

The plugins are currently being tested on UBC Blogs, so if you would like to trial this suite of WordPress plugins, then get in touch and we can add them to your site.

What does a University Degree get you?

This post has no answers. It only has questions. Questions which are, no doubt, hard to answer. But I believe they are questions which need thinking about and – eventually – answering if universities are to continue to be the education driving force they strive to be.

Many students are coming to university with the sole purpose of making themselves more employable. With Barack Obama, Christy Clark and other high-profile politicians espousing the view that if a student isn’t employable by the end of a degree program then the University has failed, the expectation is set and the pressure is on to deliver programs which achieve that goal.

This means that simply having a degree certificate from an institution isn’t as powerful as it once was. No longer is being accepted into the University of Tokyo (for example) a precursor for success. You’re not set for life any more, simply by being accepted. The onus is on the University to respond to the changing business world to deliver courses appropriate to making their students employable.

What happens if companies or whole business sectors start highly valuing self-taught, online courses more than a university degree?

Let’s say, for example, an entrepreneurial, private-sector company provides a wealth of useful, modern, well-taught courses available on a multitude of mediums. These courses are affordable, self-paced and are delivered by a company whose name is becoming synonymous with quality. After you complete these courses you get a ‘badge’ of some sort.

Now let’s say as an employer, I see that one prospective employee has a degree in a relevant field but another prospect has a set of badges from this online provider. I can find out precisely what these badges are, what this person had to do to achieve them and I already know that they did this in their own time.

Which person am I more likely to call for interview? Does it matter which university the first person’s degree was from? If so, is there a certain group of Universities from which obtaining a degree will always be held in high regard?

It will be no surprise to say that this sort of thing is happening already. In the IT sector there are websites such as Codecademy or Treehouse which allow people to train themselves in an ever-growing number of programming languages. More and more companies are starting to interview people based on their online accreditation (normally in combination with a GitHub profile and/or Stack Exchange score). More job advertisements are saying ‘University degree or relevant experience’ and, importantly, that relevant experience clause is starting to include provable online training and community experience. Some adverts are simply leaving off the requirement for a university degree completely.

Are there sectors by which this sort of movement couldn’t be affected? Probably. (I, for one, wouldn’t want to be operated on by someone who learned their trade from WebMD and Wikipedia, for example.) Are there more sectors which could start valuing a University degree less and less?

What happens if University accreditation becomes worthless?

Surely institutions like Harvard and MIT (not chosen at random) will always have their name and reputation to fall back on? i.e. Get a degree from one of those universities and you’re going to be in with a damn fine shot of being employable simply because you attended one of them. Is this hypothesis supported by the fact that the University of Oxford simply hasn’t embraced MOOCs? What can universities offer students beyond just accreditation? And are those offerings enough to warrant the financial costs (to the student and/or the government) if the value of accreditation depreciates?

Many of these questions are completely hypothetical. Many of them may not even have answers right now. And there are many more questions on a more macro- and micro-scale that I haven’t asked. Food for thought.

Botnet attack on UBC WordPress websites

For the past 24 hours (since about 10PM on 21st July 2014), UBC IT has detected a large botnet attack specifically targeting WordPress websites. If your site is hosted on UBC CMS or UBC Blogs, you should have no reason for concern. This sort of attack happens regularly and we have systems in place to mitigate issues of this sort.

As UBC Blogs and UBC Wiki are behind the CWL, attacks don’t reach the servers hosting these services.

For other WordPress websites, outside of CMS and Blogs, you may have noticed a slow-down, as their servers may be publicly accessible. If you are the administrator of a small-to-medium WordPress website on campus, I recommend installing and activating the WordFence plugin. This plugin adds several layers of security to your site and should work ‘out of the box’. If you wish to specifically ban the IP addresses being used at the moment, here’s a list of the IP addresses that we have detected:

This list is not exhaustive, but should be a good start. Note, however, that at the moment I don’t recommend WordFence for large WP installs or very high traffic sites. There is a noticeable performance issue. I recommend in that case that you speak to your faculty’s IT department.

TimThumb Vulnerability June 2014

tl;dr: UBC Blogs, UBC CMS and the new CTLT Events websites are not and were not vulnerable. Your blog or CMS site is and was safe.

A serious vulnerability was disclosed earlier this week in a popular third-party image manipulation script called TimThumb. The vulnerability allowed an unauthorized visitor to create, remove and modify many files on the server on which it was used.

Specifically, the 0-day issue is with a part of TimThumb called ‘webshot’ which, when enabled, creates a screenshot of a specified URL. Webshot is disabled by default in TimThumb, meaning most websites that use it are safe from this particular attack.

Simply disabling webshot by setting WEBSHOT_ENABLED to false is enough to prevent this attack.

What about my UBC Blog or UBC CMS Site?

Your blog or site is – and was – completely safe. The vast majority of sites on Blogs or CMS do not use a theme which includes TimThumb. Of those themes that do use it, all have the webshot functionality disabled (the default).

Across our platforms we have 3 themes which use TimThumb. 2 of these are deprecated (CLF-Base and Thesis) and will be phased out this summer. The other 1 (Koi) isn’t widely used. As mentioned, all 3 were using a non-vulnerable version of this script.

How can I test for the vulnerability?

The easiest way – on a Linux-based server – is to use a combination of the find and grep commands. You can search for the string ‘WEBSHOT_ENABLED’ in a simple one-liner:

find /var/www/location/of/wordpress/wp-content -type f -print0 | xargs -0 grep -l "WEBSHOT_ENABLED"

This will give you back the location of any files (recursively, within the wp-content directory – including plugins and themes) which contain the string ‘WEBSHOT_ENABLED’. If you receive results, you should open those files and ensure that WEBSHOT_ENABLED is set to false, i.e.

define( 'WEBSHOT_ENABLED', false );
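
One way to extend the one-liner above so that it reports the value each file actually sets, rather than only which files mention the constant. This is an added example, not code from the original post or from TimThumb; the function names audit_webshot and webshot_safe and the sample files are constructed for illustration.

```sh
#!/bin/sh
# Added example: report what each PHP file under a directory sets
# WEBSHOT_ENABLED to, instead of only listing files that mention it.

# Prints "<state><TAB><file>:<line>" for every define of WEBSHOT_ENABLED.
# state is disabled (false/0), ENABLED (true/1) or REVIEW (anything else).
audit_webshot() {
    find "$1" -type f -name '*.php' -exec awk -v q="'" '
        BEGIN {
            # define( <quote>WEBSHOT_ENABLED<quote> ,   with either quote style
            pat = "define[ \t]*\\([ \t]*[" q "\"]WEBSHOT_ENABLED[" q "\"][ \t]*,"
        }
        match($0, pat) {
            # Whatever sits between the comma and the closing parenthesis
            val = substr($0, RSTART + RLENGTH)
            sub(/\).*/, "", val)
            gsub(/[ \t]/, "", val)
            val = tolower(val)
            state = "REVIEW"
            if (val == "false" || val == "0") state = "disabled"
            if (val == "true" || val == "1") state = "ENABLED"
            printf "%s\t%s:%d\n", state, FILENAME, FNR
        }
    ' {} +
}

# Exit status 0 when no define turns webshot on (absent means the default, off).
webshot_safe() {
    ! audit_webshot "$1" | grep -qv '^disabled'
}

# Constructed sample tree (not real site files): a default copy and an override.
demo=$(mktemp -d)
mkdir -p "$demo/themes/a" "$demo/themes/b"
printf '%s\n' "<?php if(! defined('WEBSHOT_ENABLED') ) define ('WEBSHOT_ENABLED', false);" \
    > "$demo/themes/a/timthumb.php"
printf '%s\n' "<?php define( 'WEBSHOT_ENABLED', true );" \
    > "$demo/themes/b/timthumb-config.php"

audit_webshot "$demo"
webshot_safe "$demo" || echo "webshot is enabled somewhere under $demo"
```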

A small rant from a WordPress developer

TimThumb, directly, has nothing to do with WordPress. It is a separate, stand-alone, can-be-used-anywhere PHP script written several years ago by someone for their own use on their own (WordPress) site. That person chose, in the spirit of open-source, to release what-was-to-be-named TimThumb so others could benefit from and improve upon his code. It solved a problem that many developers were having and gained a large audience very quickly. WordPress was already the most popular open-source CMS (as it remains to be) and as such TimThumb had a huge following within the WordPress community.

The original developer – for whatever reason – could no longer support TimThumb and it was picked up and forked by several others.

Whilst the team behind the WordPress project have provided assistance in fixing vulnerabilities in the past and helped spread warnings to folks who were using outdated, vulnerable code, they really have nothing to do with it. As such, WordPress itself, has nothing to do with it. (As it happens, TimThumb is now practically obsolete within a WordPress environment as WP provides its own internal, native ways of doing what TimThumb can do).

Poorly researched articles by journalists who should know better have proclaimed that ‘yet again WordPress is vulnerable’. Not only is this nonsensical (WordPress, as a code base, hasn’t been hacked for an awfully long time now) and wholly inaccurate (as explained above), it’s nothing more than link bait which belittles and patronises the reader.

Comments like this:

So, there I was yesterday thinking about this one website I’ve been planning for months now on building and again toying with the idea of using WordPress but going back and forth in my mind about it because every so often I see yet another article about WordPress and some kind of security vulnerability and here today is a brand new one! So much for WordPress!

are made by people who have read such poorly researched and written articles. It is not the commenter’s fault that they have this impression; it’s the alarmist headline-writers who are to blame.

If you fit Pirelli tyres on your BMW and Pirelli discover there’s a flaw in their tyre, do you think headlines would be “BMW Cars now deadly to drivers”? Same idea.

Further information on TimThumb and the vulnerability
