• Whitfield Diffie and Susan Landau: Internet Eavesdropping: A Brave New World of Wiretapping,
• Katherine Albrecht: How RFID Tags Could Be Used to Track Unsuspecting People,
• Simson L. Garfinkel: Data Fusion: The Ups and Downs of All-Encompassing Digital Profiles,
• Daniel J. Solove: Do Social Networks Bring the End of Privacy?, and
• Esther Dyson: How Loss of Privacy May Mean Loss of Security.

J.D. Abolins

The Chronicle of Higher Education has an interesting article about Colleges and Universities who have “bent over backward to help the Recording Industry Association of America curb illegal file sharing on his campus” before by passing on “prelitigation settlement letters” and gave over other information in the past. These colleges have found that the RIAA is just asking for more and more information that is overburdening already stretched thin staff. Now that they have realized the amount of effort and staff time they have been spending on this, and have concerns that doing some of these things may actually violate Family Educational Rights and Privacy Act (FERPA), they are finding that past compliance is causing them problems. It is hard to convince a judge that responding to these requests now are an “undo burden” if you have followed through in the past. I guess what surprises me a little about this is how the Universities in the article didn’t consider this early on, before responding to the first request. It is not really surprising that your past actions will be held against you in these types of cases. Once you start bowing down to the RIAA, or any other organization doing this witch hunts, it is hard to break away. Maybe these colleges should have been a little bit more concerned about violating FERPA and having the wrong students accused in the first place. I guess that is the lesson here. If you are ever put in to the situation these colleges were put into first, you need to make sure you think through all of the consequences of how you respond the first time as once you make a decision to comply, it will be very hard to undo that choice.

• Dan Kaminsky has some information about the DNS vulnerability, his Defcon presentation, etc. at http://www.doxpara.com/ (IP address:157.22.245.20). The site also has a DNS Checker to see if you Internet connection is particularly vulnerable to DNS mischief. Take a look at his post with "Summaries".
  
• Steve Friedl has "An Illustrated Guide to the Kaminsky DNS Vulnerability". Nice!
• It can be prudent to catalogue the IP addresses of crucial site you use. One way is to use nslookup to find the IP addresses.
• BUT connecting to a server using its IP address is not a 100% guarantee of protection from DNS mischief. If, for example, the server pulls information from other servers using DNS information, the DNS vulnerability could affect this. Mashups could be particularly susceptible to this.
• If you're using Firefox and accessing a site using its IP address instead of the usual URL, you may run into a Secure Connection Failed warning saying something about an "invalid security certificate". This doesn't necessarily mean you've reached a bogus site. See FireFox's support for more information on this.

J.D. Abolins

Bethel Motor Speedway is a 1/4 mile paved oval track in White Lake, NY built in 1959. The track was previously known as White Lake Speedway, White Lake Raceway, Catskill Mountain Speedway, Kauneonga Speedway, and Sullivan County Speedway. In the past 10 or so years, the track has been closed and opened a number of times. After the 2006 season, the track closed and was eventually sold to new owners. The new ownership team plans to race every Saturday night n august and September with the first race being thi cming Saturday, August 2. I already have plans for the next few Saturdays, but I hope the track does well enough to run regularly again and I do plan on attending at least once this year.

32 bit

64 bit

Difference

Initial Boot

154.1

237.6

83.5

With Apps Open

262.7

395.7

133

7.10

8.04.1

Difference

64 bit

32 bit

• Quick overview of concepts such as copyrights, fair use, and patents.
• Overview of F/OSS licensing approaches such as GPL ones.
  
• Can F/OSS licensing provisions be enforced by law?
  
• Hardware tinkering issues such as "Tivoization" where a system incorprates F/OSS but the hardware is designed to prevent modification of the code.
• Examination of the issues raised by things such as the DMCA anti-circumvention provisions.
• Issues that can arise when publicising info about our tinkering.
• Suggestions for dealing with these issues.
  

J.D. Abolins

J.D. Abolins

Over the past few days, I’ve been listening to Tech Therapy. Tech Therapy is a series of podcasts in which “Scott Carlson, a Chronicle reporter, and Warren Arbogast, a technology consultant who works with colleges, talk about the headaches, anxieties, and general problems you might be having with technology on your college campus.” In through the archives, I listened to an interview with William Shell, director of academic technology and computing services at Eastern Michigan University, who asks: “How can a university make faculty members aware of copyright law?” Obvious, copyright is a big issue for libraries, and I really like that the conversation brought in the idea that the IT department partner with librarians who are familiar with, and interested in, copyright and fair use issues. They also brought in some other ideas about how to educate faculty about the issues involved without being seen as “the copyright police.” All of the Tech Therapy podcasts I listened to are interesting, but this one stood out for the librarian in me since they said things like “your best friends [on this issue] are in the library.” Probably not a lot of new information with people who deal with this, but still it was nice to see these non-librarian techies advocating for the librarians on this issue.

I read with interest the call for papers for the 3rd IEEE/ACM International Conference on Information and Communication Technologies and Development (ICTD2009). What caught my eye was the sentence of the conference focus which reads “Well-presented negative results from which generalizable conclusions can be drawn are also sought.” I’d like to see more reporting of well presented negative results at library-related conferences. Sometimes we here about negative results on e-mail lists when some asks the question “Has any tried this?” but very rarely do we have sessions that report on things that didn’t work out at conferences or read them in articles. This leads to different people try their same thing and also failing whereas if the negative results were public they could either decide to go in a different direction, or the can look at what didn’t work in the previous project and figure out a way to modify the approach so it will work.

In a number of different settings, both at work and while talking to librarians from other institutions, the subject of library statistics have come up. While all types of library statistics are always an item for discussion, in particular statistics about the size of various library collections have come up recently. While counts of traditional print materials are troublesome enough, counts of electronic resources are even more of an issue. There are just so many variables that make comparing these counts from library to library very difficult. One library may count a collection of databases as one database, while another may count each individual database separately. This is not to mention that the amount and quality of items in different databases can vary greatly.

One thing that I’ve been thinking about recently with respect to library statistics lately is what do we count that is available electronically? Specifically, should we count things that we provide access to that are freely available on the Web. For instance, if we provide a record for the Code4Lib Journal, or the dLIST (Digital Library of Information Science of Technology) should we count them as a serial or database holding respectively. How about if we add MARC records for freely available government documents from a vendor such as MARCIVE to our catalog? Does each record count as a government document although we didn’t purchase or physically possess the document. I’m not sure how many libraries count these items, but I know from talking to librarians many libraries only count items they directly pay for. I don’t think this is the correct approach. I think, especially with the high quality of many Open Access journals and other documents, the should be counted. If a librarian has taken the time and effort to evaluate a resource or collection of resources and to add it to the collection, I think it should count. Academic libraries no longer are just about physical collections of information, they are about providing access to quality information. Thus, if the library takes even minimal actions to provide access to a resource, it should be included in these counts (flawed as the are).

Cheers,
J.D. Abolins

UPDATE (23 July 2008): The streaming radio feed from Last HOPE's Radio Statler is no longer on the air.

Andrew Pace had an interesting post about library Sacred Cow #1: patron privacy. His solution is to provide different levels of privacy to patrons. Basically his approach is having a privacy setting scale similar to what you be familiar in a web browser and let the patrons choose. Personally, I think this would be a great approach. Patrons are wise enough to make there own decisions on this. If a library choose to implement something like this, I think it would be prudent for the library to describe the pros and cons of choosing different settings (and should make the default very protective of privacy).

Many patrons would love to have this choice. On a number of occasions at the reference desk or over the phone a student or faculty member wanted to know what book they checked out a few weeks ago and I couldn’t help them because we didn’t have that information readily available. I have heard from people who work in interlibrary loan at different colleges about patrons wanting similar information about articles they requested in the past. These are just very basic examples. I think it is obvious that if we collected circulation and other information we could provide better service to our patrons, be it recommender systems, customized new book alerts, etc.

The question is, why don’t libraries do this? One reason is that no one has really built tools that can handle this type of system (although with the advent of VuFind, the eXtensible Catalog, and other projects, this is beginning to change). There are, of course, librarians who are, rightly so, worried about privacy. However, if adult patrons are giving an educated choice, this argument is almost a non sequitur to me. In fact, but not providing this choice, it is conceivable that we are opening patrons up for more risks to their privacy as they use other tools and services outside the library that will not be protected by state library privacy laws.

I am concerned about privacy as much as most librarians, but at some point we have to make a decision. If we are going to make information and services available to patrons there is always an offset between privacy and access. The only way we could avoid all possible privacy implications about patrons using our resources is to not make any resources available to them. So, we are already making a sliding scale between access/service and privacy — only we aren’t letting the patron make their own decision. We are making it for them. One thing I believe libraries need to be concerned with is the amount of information available outside of libraries. If we don’t make our quality information easily available, people will go elsewhere. If this happens in large enough numbers, we won’t have to worry about patron privacy, because we won’t have any patrons.

In one of the comments to this post, Roy Tennant mentioned that he is that he is baffled by the reflectance to adopt a solution such as Pace proposes. Roy writes “I think a lot of folks have forgotten the days when there were cards in the book that listed everyone who had checked the book out. Where was privacy then?” This is a good question. Some librarians like to dwell on all of today’s privacy risks while at the same time ignoring what libraries have done long before the turn of the century and the advent of Library 2.0.

Whenever a discussion about Library 2.0 applications come up in a conference session or an an e-mail list, almost invariably someone brings up privacy as a reason not to do this. Recently, I remember reading a blog post, e-mail, or article (sorry, I couldn’t find it anywhere) where someone questioned if the real reason some librarians bring up privacy in because they are afraid or against change. I wouldn’t go that far, but I do think that it may be part of it. I do believe most librarians are legitimately concerned about privacy - however we shouldn’t let this concern be the end-all of our being. We need to find ways to provide these enhanced services while still working to protect privacy of our patrons. I think Pace’s concept could be one tool in our arsenal for doing this.

I sometimes slip in "deniable plausibility"; it's hard to believe,
J.D. Abolins

I haven’t been able to find a copy of the complaint yet, but Apple has finally sued Psystar Corp over the Mac clones they have been marketing. The articles seem to claim that the lawsuit is based on copyright infringement. I assume they are also saying they are violating the EULA. The copyright issue would, as far as I can tell, apply if Psystar is modifying any non-Open Source code (remember, some of OS X is licensed with a BSD license). It will be interesting to see how far Psystar takes this. In past interviews they claimed that the EULA Apple has is violating U.S. monopoly laws. It would also be interesting to see how far this suit tests the idea of the EULA and if Psystar can somehow test to see if the first sale doctrine when it comes to shrink-wrap software will held up in courts.My guess is that Apple probably has a good chance of winning, or otherwise having this case settled in their favor, this based on the merits (and it doesn’t help Psystar that they have many more resources to fight this case in court). However, I would like to see some of the terms of these more thorughly EULA tested in court. Hopefully I’ll find a copy of the complaint sometime soon so I can actually see what Apple alleges in the complaint instead of some tech-writers interpretation.

HOPEfully,
J.D. Abolins