~~1ie l~~frldia Iij Ann Arbor, Michigan Thursday, April 10, 2014 michigandaily.com TECHNOLOGY Internet security flaw affects 'U' Virginia Lozaofl/DAILY Public Policy sophomore Nina Peluso performs with the A capella group Amazin' Blue during the Diversity Monologues at Literati Bookstore Wednesday. Performances look at campus climate ITS staff scrambles to protect Wolverine Access, CTools after high-stakes breach By SAM GRINGLAS Daily News Editor The University's Information and Technology Services staff are working to combat a securi- ty flaw that left sensitive infor- mation on some of the Internet's most visited sites - as well as key University portals - vulner- able to prying eyes. The flaw was first discovered last week by Finnish research- ers and engineers at Google and made public Monday. But unlike the December Target security breach in which thousands of credit card numbers were sto- len from the retailer's servers, this particular finding - now nicknamed "Heartbleed" - stemmed from a coding error in a standard Internet security platform. Though it's uncertain wheth- er any passwords or data were compromised by the flaw, major websites such as Facebook, Google, Yahoo and Amazon quickly patched the defective code, The New York Times reported. Many others are scramblingto prevent data theft and secure their affected serv- ers. In an interview Wednesday evening, Paul Howell, the Uni- versity's chief security officer, said Information and Technolo- gy Services staff had fixed most of the affected University's sites Monday, including Wolverine Access and CTools. "The severity of the issue was apparent and teams here and at many universities have been working around the clock to get servers patched and to get fixes in place," Howell said. OpenSSL, the affected soft- ware, is a toolkit included in many webserver programs, such as Apache, that is designed to encrypt communication between web browsers and servers. Michael Bailey, an associate research professor of electrical engineering and computer sci- ence, said OpenSSL is a tool that is supposed to keep Internet users secure. For example, OpenSSL prevents others from eaves- dropping on communication between a professor entering grades in CTools from his or her browser and the Universi- ty's server that runs CTools.It ensures no one else can modify the grades between the profes- sor's input and their registry in CTools and lets the professor know it's really CTools, and not an imposter site, into which the sensitive information is being entered. The same principles apply to a student using Facebook. OpenS- SL ensures information dissem- inated between one's Internet browser and Facebook server is done so securely. But websites using the March 2012 version of OpenSSL have not been protected due to the coding error that - unknown until last week - has existed since the version's release and has left scores of websites vul- nerable for more than two years. While there are different security programs and versions available, The New York Times estimated the flaw in OpenSSL 2012 versions affects two-thirds of Internet sites. According toa study conduct- ed Tuesday by Bailey and Alex See INTERNET, Page 3A Event series ends range of identities on campus that are perceived as being with exploration ignored or misrepresented. The title of Wednesday's of misrepresented Diversity Monologues, which was the concluding event in the identities program's series, was "Words from 'Victors.'" By AMIA DAVIS LSA junior Harleen Kaur, Daily StaffReporter LSA senior Alexa Wright and LSA senior Brianna Kovan On Wednesday, the LSA organized the event, which Honors Program hosted an was held at the Literati Book- event aimed to explore a broad store at 124 E. Washington St. Wright said the event helped improve relationships between students and staff by provid- ing a safe space for students to speak and learn more about different identities at the Uni- versity. "We thought this would be a great, creative way for students to express their thoughts, and we really wanted to tie it in to what it means to be here at the University," Wright said. See DIVERSITY, Page 3A BUSINESS Students build app to keep track of friends Student-launched app 'Merge' shows others' free time By ARIANA ASSAFF Daily StaffReporter Early on in their freshman year, Business sophomores Dan- iel Steinmetz and Brandon Alster discovered how hard it could be to connect with friends on short notice. Oftentimes, they'd find themselves spending time between classes reaching out to friends who were already busy, and they needed something that could instantly tell them which friends were available. In January 2013, Steinmetz and Alster began brainstorming ideas for a project they would come to call Merge - a social networking app that allows col- lege students to instantly com- pare schedules - designed to make meeting up with friends quick and easy. Steinmetz and Alster enlisted University alum Josh Sklar and LSA junior Nathan Pilcowitz, an iOS designer, in April 2013 to bring the app to life. Now, stu- dents can use Merge to meet friends for coffee, plan group projects and find out what friends are up to. The current version of Merge includes a buddy list that shows users which of their friends are available at any given time. Stu- dents can message available friends through the app, and cre- ate "events" to designate a time and place to meet. The app also has a comprehen- sive list of courses that students can add to their unique profiles. Steinmetz and Alster used pub- lic databases to load most course information into their app, while classes in the Business school and the School of Information had to be manually loaded. "Merge is for the busy, driven college student who wants to stay social, but wants to save a lot of time doing sotoo," Alster said. As of the Fall 2014 semester, Merge had accumulated 1,500 users. They released a video on Monday to explain and promote the app. For now, Merge is a nonprofit endeavor. Steinmetz and Alster said their priority is creating a good product and increasing their user base. Until recently, they were paying out-of-pocket to get their idea off the ground. "We believed in the idea, but didn't have all this money to spend on an app," Alster said. "We figured if we could get an investor, it'd be worth it." See APP, Page 3A RESEARCH 'U tolead new nuclear monitoring coalition Grant program aims to modernize Non-Proliferation Treaty enforcement By TOM MCBRIEN Daily StaffReporter Few scenarios are more ter- rifying than the possibility of a nuclear war or terror attack. But thanks to a federal grant, the University is leading a consortium that will develop cutting-edge technology and methods for nonproliferation efforts in the U.S. and world- wide. The University received a $25 million grant from the Department of Energy to lead the 13-university consortium in improving technologies for monitoring nuclear materi- als, developing new methods to detect secret nuclear tests, analyzing current nonprolif- eration efforts and training the next generation of experts in the field. Engineering Associate Prof. Sara Pozzi has been selected as the director of the program, which is called the Center for Verification Technologies. "There are threats from See NUCLEAR, Page 3A Terra Molengraff/DAILY Johan Mackenbach, professor and chair for the Department of Public Health at the Erasmus University Medical Center, speaks about health policy in European countries at the School of Public Health Wednesday. International professors discuss healthcare concerns Et )eakers outline School of Public Health, drawing around 40 graduate students and challenges of faculty. Johan Mackenbach, professor aropean health of public health at Erasmus Uni- versity Medical Center in Rot- disparitves terdam, the Netherlands, spoke of the recent divergence of life By JULIA LISS expectancy in Europe and possi- Daily StaffReporter ble explanations for such a trend. Mackenbach said the trends, o speakers gave a joint lec- which show health disparity ednesday on international based on national income gaps, policies at the University's are the result of a variety of cultural factors. Using charts, graphs and other data to help illustrate his point, Mackenbach showed that periods of democ- racy had historically higher life expectancies, while periods of more chaotic political climates showed dips in the life expectan- cies. Mackenbach outlined 11 spe- cific areas of focus for health policies, including tobacco con- trol, alcohol control, child health See HEALTHCARE, Page 3A Tw ture M health 6-s *6 : ndph oka th 0.Iituetrn WEATHER HI 59 TOMORROW L0:34 GOT A NEWS TIP? NEW ON MICHIGANDAILY.COM Call 734-418-4115 or e-mail Game of Thrones' RECAP: 'Two Swords' news@michigandaily.com and let us know. MICHIGANDAILY.COM/BLOGS INDEX Vol. CXXIV, No. 99 02014 The MichiganDaily michigondoilycom NEWS.........................2A SPORTS .. . ..........7A SUDOKU.. . .2 A CLASSIFIEDS...............6A OPIN IO N .....................4A B-SID E....................1B t