‘puters

RFID best practices

The American Library Association was one of many companies and public interest groups that helped create a set of best practices for RFID. They include these three general principles about RFID, as it relates to privacy:

Technology Neutrality: RFID technology in and of itself does not impose threats to privacy. Rather privacy breaches occur when RFID, like any technology, is deployed in a way that is not consistent with responsible information management practices that foster sound privacy protection.

Privacy and Security as Primary Design Requirements: Users of RFID technology should address the privacy and security issues as part of its initial design. Rather than retrofitting RFID systems to respond to privacy and security issues, it is much preferable that privacy and security should be designed in from the beginning.

Consumer Transparency: There should be no secret RFID tags or readers. Use of RFID technology should be as transparent as possible, and consumers should know about the implementation and use of any RFID technology (including tags, readers and storage of PII) as they engage in any transaction that utilizes an RFID system. At the same time, it is important to recognize that notice alone does not mitigate all concerns about privacy. Notice alone does not, for example, justify any inappropriate data collection or sharing, and/or the failure to deploy appropriate security measures. Notice must be supplemented by thoughtful, robust implementation of responsible information practices.

Are USB drives a security risk?

Posted on 02May06 by jessamyn

Michael Sauers has posted a summary of some of the interesting discussion happening on web4lib. The upshot? Michael’s opinion “[T]here’s no security risk from USB drives that can’t be solved in ways that won’t also hurt the other 99% of your patrons.” He offers two pieces of advice to make risks lower still: 1) alter the BIOS of the computer to disallow booting from USB drives and password protect it and 2) use Deep Freeze or some other software that will return your computer to it’s default settings on reboot (good for many other reasons). See? Problem solved. How about letting patrons use their USB drives now?

Engaged Patrons

Posted on 29Apr06 by jessamyn

There is no reason not to try this. EngagedPatrons.org “provide website services connecting public libraries and their patrons. We handle the programming; you reap the benefits of being able to offer your users a more engaging and interactive web presence.” The head honcho, Glenn Peterson, has been working on the Hennepin County Library website for a decade. A decade! Free to qualifying public libraries. Do you have a single thing to lose? No, you do not. [thanks rick]

cautionary OPAC tale

Posted on 20Apr0625Apr06 by jessamyn

You know how gamers like to sometimes memorize button sequences that will enable them to get out of tricky situations or basically cheat? Well, let’s try to figure out how to recreate the code that caused this Sirsi ILS to automatedly order one copy of everything. Anyone from PSU in the house?

On the day of the time change to daylight savings time earlier this month, an unknown someone at my library went to change the time in our Workflows system. Somehow this action triggered a sequence of events in the program that led from point A to point B, the latter point being that the system emailed out to the vendors an order for every item that had ever been ordered by any branch of our library since May of 2001. We are talking about millions and millions of items ordered overnight. Some orders to large vendors, like Yankee, consisted of tens of thousands of items.

IM me. IM me?

Posted on 18Apr0618Apr06 by jessamyn

I tried to go swimming at the pool this weekend and went through a long comedy of errors trying to figure out when the pool and/or the school that I swim at was open on Easter Sunday. The Vermont Technical College’s library, which I love incidentally, has a script running on their home page telling you when the library is open that day. This is great except when it’s innacurate. The library didn’t open at 3 on Easter. I don’t think it opened at all. The phone message at the pool said that they would open at 1, but they were closed (even though the schedule on the door said they would be open) and the phone message read the hours but then said “except for official holidays” which it suggested you call the registrar’s office for. I wound up swimming later in the day, this wasn’t such a big deal. I did get an email back from the pool coordinator (good!) which told me that the schedule on the door was correct. I had seen the schedule, and related to her that it wasn’t correct (bad!). I thought, as I often do in these situations, that this is how some people view their libraries.

However, this is a post about IM. One of the channels I tried to figure out what was up with the pool was to IM my friend Stan who goes to school at VTC to see if he knew. Through a mysterious set of circumstances, I had two Stans on my IM list (probably some aggressive renaming on my part) and I had an interesting IM conversation with a person who wasn’t Stan but who was clearly an IM reference whiz. Even though she lived hours away she gave me the best information of any of the sources I tried. Turns out she’s a librarian I knew but didn’t recognize the IM. Once I Googled her IM handle and read her blog it also turns out that we had been listening to the same Buzzcocks song earlier in the day.

This is all just a lead up to tell you to go look at Michael Stephen’s IM Reference post where he answers some questions posted by another librarian and shares some stats and links to more stats. My library, which I am crazy about, just started being available via IM and I’ll be interested to know how this works out for them.