<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>And the web sites that we host, and the computers that host them,
are regularly scanned by the university for vulnerabilities. And
even though we are an academic lab, since the university has a
medical school with HIPPA information, it seems like we are
subjected to an extra level of paranoia. But maybe that is the
new normal.</p>
<p> -- Greg<br>
</p>
<div class="moz-cite-prefix">On 10/25/2022 10:26 AM, Tom Goddard via
Chimera-dev wrote:<br>
</div>
<blockquote type="cite"
cite="mid:4230E01C-C4C1-4DE6-8AB5-6554D4ABF9F3@sonic.net">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
Hi Mike,
<div class=""><br class="">
</div>
<div class=""> We encourage all labs to use ChimeraX which is the
successor to the Chimera program. Chimera is only receiving
critical maintenance while ChimeraX 1.0 came out 2 years ago,
now at version 1.4, and is actively developed.</div>
<div class=""><br class="">
</div>
<div class=""> We are the academic lab at UCSF that develops
Chimera and ChimeraX. We don't have formal development security
reviews. Our source code is under version control and only
modified by the core developers at UCSF. The software does not
listen on ports and uses only web services that we host at UCSF.
This is research software that can be used to run Python
analysis scripts. Since Python is a general purpose language it
can do anything on the computer that user privileges allow. The
researcher writes those scripts or obtains them from other
researchers and is responsible for assuring they do nothing
malicious. Here is the Chimera developer web site</div>
<div class=""><br class="">
</div>
<div class=""><span class="Apple-tab-span" style="white-space:pre"> </span><a
href="https://www.rbvi.ucsf.edu/trac/chimera/wiki"
class="moz-txt-link-freetext" moz-do-not-send="true">https://www.rbvi.ucsf.edu/trac/chimera/wiki</a></div>
<div class=""><br class="">
</div>
<div class="">Here is the ChimeraX github repository and developer
site</div>
<div class=""><br class="">
</div>
<div class=""><span class="Apple-tab-span" style="white-space:pre"> </span><a
href="https://github.com/RBVI/ChimeraX"
class="moz-txt-link-freetext" moz-do-not-send="true">https://github.com/RBVI/ChimeraX</a></div>
<div class=""><br class="">
</div>
<div class=""><span class="Apple-tab-span" style="white-space:pre"> </span><a
href="https://www.rbvi.ucsf.edu/trac/ChimeraX/wiki"
class="moz-txt-link-freetext" moz-do-not-send="true">https://www.rbvi.ucsf.edu/trac/ChimeraX/wiki</a></div>
<div class=""><br class="">
<div><br class="">
</div>
<div> Tom Goddard</div>
<div> ChimeraX and Chimera developer</div>
<div><br class="">
</div>
<div>
<blockquote type="cite" class="">
<div class="">On Oct 25, 2022, at 7:02 AM, Hart, Michael via
Chimera-dev <<a href="mailto:chimera-dev@cgl.ucsf.edu"
class="moz-txt-link-freetext" moz-do-not-send="true">chimera-dev@cgl.ucsf.edu</a>>
wrote:</div>
<br class="Apple-interchange-newline">
<div class="">
<meta charset="UTF-8" class="">
<div class="WordSection1" style="page: WordSection1;
caret-color: rgb(0, 0, 0); font-family: Helvetica;
font-size: 12px; font-style: normal; font-variant-caps:
normal; font-weight: 400; letter-spacing: normal;
text-align: start; text-indent: 0px; text-transform:
none; white-space: normal; word-spacing: 0px;
-webkit-text-stroke-width: 0px; text-decoration: none;">
<div style="margin: 0in; font-size: 11pt; font-family:
Calibri, sans-serif;" class="">I’ve been asked to
approve installation of Chimera in one of our labs,
and I was hoping that you might have documentation on
your development processes and policies such that I
can feel comfortable installing your app in our
environment. I have searched but not found
documentation related to OWASP or other dev standards,
or any assessments that may have been run. Would you
have information available? <o:p class=""></o:p></div>
<div style="margin: 0in; font-size: 11pt; font-family:
Calibri, sans-serif;" class=""><o:p class=""> </o:p></div>
<div style="margin: 0in; font-size: 11pt; font-family:
Calibri, sans-serif;" class="">Thank you in advance,<o:p
class=""></o:p></div>
<div style="margin: 0in; font-size: 11pt; font-family:
Calibri, sans-serif;" class=""><o:p class=""> </o:p></div>
<div style="margin: 0in; font-size: 11pt; font-family:
Calibri, sans-serif; line-height: 16.8pt;
background-color: white;" class=""><b class=""><span
style="font-size: 10.5pt; font-family: Helvetica,
sans-serif; color: rgb(51, 51, 51); border: 1pt
none windowtext; padding: 0in;" class="">Mike
Hart | Chief Information Security Officer (CISO)</span></b><span
style="font-size: 10.5pt; font-family: Helvetica,
sans-serif; color: rgb(51, 51, 51); border: 1pt none
windowtext; padding: 0in;" class=""><br class="">
<b class="">Metropolitan State University of Denver<br
class="">
Information Technology Services</b><br class="">
Campus Box 96, P.O. Box 173362, Denver, CO
80217-3362<br class="">
Admin Building - 1201 5<sup class="">th</sup> Street
480M Denver, CO 80204 <br class="">
303-615-0541 (Office)<br class="">
303-352-7548 (Help Desk)<br class="">
</span><span style="" class=""><a
href="mailto:mhart20@msudenver.edu"
target="_blank" class="" moz-do-not-send="true"><span
style="font-size: 10.5pt; font-family:
Helvetica, sans-serif; color: blue; border: 1pt
none windowtext; padding: 0in;" class="">mhart20@msudenver.edu</span></a></span><span
style="font-size: 10.5pt; font-family: Helvetica,
sans-serif; color: rgb(51, 51, 51); border: 1pt none
windowtext; padding: 0in;" class=""> | </span><span
style="" class=""><a
href="http://www.msudenver.edu/technology"
target="_blank" class="" moz-do-not-send="true"><span
style="font-size: 10.5pt; font-family:
Helvetica, sans-serif; color: blue; border: 1pt
none windowtext; padding: 0in;" class="">www.msudenver.edu/technology</span></a></span><o:p
class=""></o:p></div>
<div style="margin: 0in; font-size: 11pt; font-family:
Calibri, sans-serif; line-height: 16.8pt;
background-color: white;" class=""><span style="color:
rgb(33, 33, 33);" class=""><span
id="cid:image001.jpg@01D8E848.158CADA0"><image001.jpg></span></span><span
style="color: rgb(33, 33, 33);" class=""><o:p
class=""></o:p></span></div>
<div style="margin: 0in; font-size: 11pt; font-family:
Calibri, sans-serif; line-height: 16.8pt;
background-color: white;" class=""><span style="color:
rgb(33, 33, 33);" class=""><o:p class=""> </o:p></span></div>
<div style="margin: 0in; font-size: 11pt; font-family:
Calibri, sans-serif;" class=""><o:p class=""> </o:p></div>
</div>
<span style="caret-color: rgb(0, 0, 0); font-family:
Helvetica; font-size: 12px; font-style: normal;
font-variant-caps: normal; font-weight: 400;
letter-spacing: normal; text-align: start; text-indent:
0px; text-transform: none; white-space: normal;
word-spacing: 0px; -webkit-text-stroke-width: 0px;
text-decoration: none; float: none; display: inline
!important;" class="">_______________________________________________</span><br
style="caret-color: rgb(0, 0, 0); font-family:
Helvetica; font-size: 12px; font-style: normal;
font-variant-caps: normal; font-weight: 400;
letter-spacing: normal; text-align: start; text-indent:
0px; text-transform: none; white-space: normal;
word-spacing: 0px; -webkit-text-stroke-width: 0px;
text-decoration: none;" class="">
<span style="caret-color: rgb(0, 0, 0); font-family:
Helvetica; font-size: 12px; font-style: normal;
font-variant-caps: normal; font-weight: 400;
letter-spacing: normal; text-align: start; text-indent:
0px; text-transform: none; white-space: normal;
word-spacing: 0px; -webkit-text-stroke-width: 0px;
text-decoration: none; float: none; display: inline
!important;" class="">Chimera-dev mailing list</span><br
style="caret-color: rgb(0, 0, 0); font-family:
Helvetica; font-size: 12px; font-style: normal;
font-variant-caps: normal; font-weight: 400;
letter-spacing: normal; text-align: start; text-indent:
0px; text-transform: none; white-space: normal;
word-spacing: 0px; -webkit-text-stroke-width: 0px;
text-decoration: none;" class="">
<a href="mailto:Chimera-dev@cgl.ucsf.edu"
style="font-family: Helvetica; font-size: 12px;
font-style: normal; font-variant-caps: normal;
font-weight: 400; letter-spacing: normal; orphans: auto;
text-align: start; text-indent: 0px; text-transform:
none; white-space: normal; widows: auto; word-spacing:
0px; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px;"
class="moz-txt-link-freetext" moz-do-not-send="true">Chimera-dev@cgl.ucsf.edu</a><br
style="caret-color: rgb(0, 0, 0); font-family:
Helvetica; font-size: 12px; font-style: normal;
font-variant-caps: normal; font-weight: 400;
letter-spacing: normal; text-align: start; text-indent:
0px; text-transform: none; white-space: normal;
word-spacing: 0px; -webkit-text-stroke-width: 0px;
text-decoration: none;" class="">
<a
href="https://www.rbvi.ucsf.edu/mailman/listinfo/chimera-dev"
style="font-family: Helvetica; font-size: 12px;
font-style: normal; font-variant-caps: normal;
font-weight: 400; letter-spacing: normal; orphans: auto;
text-align: start; text-indent: 0px; text-transform:
none; white-space: normal; widows: auto; word-spacing:
0px; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px;"
class="moz-txt-link-freetext" moz-do-not-send="true">https://www.rbvi.ucsf.edu/mailman/listinfo/chimera-dev</a></div>
</blockquote>
</div>
<br class="">
</div>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
Chimera-dev mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Chimera-dev@cgl.ucsf.edu">Chimera-dev@cgl.ucsf.edu</a>
<a class="moz-txt-link-freetext" href="https://www.rbvi.ucsf.edu/mailman/listinfo/chimera-dev">https://www.rbvi.ucsf.edu/mailman/listinfo/chimera-dev</a>
</pre>
</blockquote>
</body>
</html>