When something unexpected happens Noodle will ask you what you were doing and email a stack trace to Vialect. Bug reports may also be sent to firstname.lastname@example.org. Please use email@example.com for any other inquiries.
Please provide the following to help us reproduce and correct issues faster:
- Minimal steps to reproduce the issue from scratch. Possibly relevant details:
- The URL
- The version of Noodle
- The version of Web Browser
- The version of Operating System
- A username and password
- An ordered list of buttons/links clicked
- Sample file/data
- Expected behavior, possible details:
- 720p mockup of desired appearance with min and max sample data.
- Actual behavior, possible details:
- A full resolution screen shot including address and scroll bars
- Web Browser console output
- The source of any warning pages (wrong format, missing parameter)
- The source of any email
- A zip of the Noodle/log folder
- Observe email educate
- A short descriptive email subject
- Reply to the email thread only for the the same issue
- Don't make new threads for the same issue.
- Avoid requesting thread history review.
- Do not place legal or print notes in signatures or otherwise bloat them.
- Use test in favor of images
- Use attachments not overlays/embeds of images or text
- Be concise.
Leaving out information leads to Vialect spending less time creating solutions and more time attempting to reproduce issues and linking to this page.
Answers to Frequently asked questions:
- The support included in your Noodle subscription includes phone, email, and remote assistance for system administration, application usage, and troubleshooting.
- Customization can normally be accomplished through the user interface which we help with by providing example scripts. Feature requests beyond customization cost extra valued on a per requirement basis.
Ask us more.
Information about our hosted security:
- Rackspace standards, and certifications.
- Amazon standards, and certifications.
- Backups are taken daily for one day, and monthly for 3 years, encrypted, and stored in multiple cities. Optimal space conservation is used in favor of optimal recovery time.
- Only the strong password protected ssh key of our security manager has full assess to hosted environments.
- Stable Linux branches are used and security updates are evaluated or applied daily.
- Data sovereignty; People who want to avoid government oversight should encrypt a local install and host the data with a less intrusive government.
- Application Security
- regulation compliance
Please read this overview for a summary of applicable regulations.
Please contact us if you have specific questions about regulation compliance.
Information about Vialect Administrative security:
- Staff workstations use annual fresh installs of OS X to avoid most malware.
- Payment information is transmitted and stored offline.
- Only Senior staff have access to sensitive information.
Public network application security options:
- SSL (prevent passwords collection from public wifi)
- White list (prevent application inspection from known hostile networks)
- "Session Security Level" to 4 (prevent session hijacking)
- "Minimum password length" to 8 (make password guessing harder)
- Auto blacklisting block IPs that use the wrong password to often (defaults to 20 per minute)
- 2 factor authentication
- Authentication keys for RSS, and Calendar subscriptions.
- Injection detection
- Active Directory Authentication
Security at Vialect is addressed in the following categories:
LAN security options for the server:
- Whole disk encription (prevents bypassing security by reading the disk with another computer).
- Dedicated server (reduces exploitable surface area).
- Linux OS (protects from Windows malware).
- Firewall blocking all but ssh and the Noodle http[s] ports (reduces exploitable surface area).
- ssh keys (prevents password guessing on ssh).
LAN security options on a network, listed from most to least secure:
- Network not (even indirectly) connected to the internet.
- Network with no Microsoft Windows devices only indirectly connected to the internet:
- Encrypted VPN or better yet a ssh tunnel (use with keys will prevent MITMA from a spoofed wifi or an untrusted ISP or government).
- Anonymity networks like tor can be used, optionally with ssl or ssh (in practice will prevent anyone, including governments, from knowing what server a user is talking to).
- Network only indirectly connected to the internet.
- Public network with a firewall or NAT port forwarding blocking all but one port.
- Public network.