When something unexpected happens Noodle will ask you what you were doing and email a stack trace to Vialect. Bug reports may also be sent to firstname.lastname@example.org. Please use email@example.com for any other inquiries.
Please provide the following:
- Steps to reproduce the issue, possible details:
- The URL
- The version of Noodle
- The version of Web Browser
- A username and password
- An ordered list of buttons/links clicked
- Sample file/data
- Expected behavior, possible details:
- 720p mockup of desired appearance with min and max sample data.
- Actual behavior, possible details:
- A full resolution screen shot including address and scroll bars
- Web Browser console output
- The source of any warning pages (wrong format, missing parameter)
- The source of any email
- A zip of the Noodle/log folder
- Observe email educate
- A short descriptive email subject
- Reply to the email thread only for the the same issue
- Don't make new threads for the same issue.
- Avoid requesting thread history review.
- Do not place legal or print notes in signatures or other bloat them.
- Use test in favor of images
- Use attachments not image overlays/embeds
- Be concise.
Leaving out information leads to Vialect spending less time creating solutions and more time repeating themselves and linking to this page.
Answers to Frequently asked questions:
- The support included in your Noodle subscription includes phone, email, and remote assistance for system administration, application usage, and troubleshooting.
- Customization can normally be accomplished through the user interface which we help with by providing example scripts. Feature requests beyond customization cost extra valued on a per requirement basis.
Ask us more.
Information about our hosted security:
- Rackspace standards, and certifications.
- Amazon standards, and certifications.
- Backups are taken daily for one day, and monthly for 3 years, encrypted, and stored in multiple cities. Optimal space conservation is used in favor of optimal recovery time.
- Only the strong password protected ssh key of our security manager has full assess to hosted environments.
- Stable Linux branches are used and security updates are evaluated or applied daily.
- Data sovereignty; People who want to avoid government oversight should encrypt a local install and host the data with a less intrusive government.
- Application Security
- regulation compliance
Please contact us if you have specific questions about regulation compliance.
Information about Vialect Administrative security:
- Staff workstations use annual fresh installs of OS X to avoid most malware.
- Payment information is transmitted and stored offline.
- Only Senior staff have access to sensitive information.
Public network application security options:
- SSL (prevent passwords collection from public wifi)
- White list (prevent passwords guessing from known hostile networks)
- "Session Security Level" to 4 (prevent session hijacking)
- "Minimum password length" to 8 (make password guessing harder)
- Auto blacklisting block IPs that use the wrong password to often (defaults to 20 per minute)
- 2 factor authentication
- Authentication keys for RSS, and Calendar subscriptions.
- Injection detection
- Active Directory Authentication
Security at Vialect is addressed in the following categories:
LAN security options for the server
- Whole disk encription (prevents bypassing security by reading the disk with another computer)
- Dedicated server (reduces exploitable surface area)
- Linux OS (protects from windows malware)
- Firewall blocking all but ssh and the noodle http[s] ports. (reduces exploitable surface area)
- ssh keys (prevents password guessing on ssh)
- On a network not (even indirectly) connected to the internet. (most secure)
- On a network only indirectly connected to the internet with no Microsoft windows devices on the network.
- Encrypted VPN or better yet a ssh tunnel (use with keys will prevent MITMA from a spoofed wifi or an untrusted ISP or government)
- Anonymity networks like tor can be used (optionally with ssl or ssh) (in practice will prevent anyone, including governments, from knowing what server a user is talking to)
- On a network only indirectly connected to the internet.
- On a public network with a firewall or NAT port forwarding blocking all but one port
- On a public network (least secure)