Internet Security

Something to think about… if a patron checks out a CD from your library and it has harmful DRM on it, are you liable for any damages that might cause?

The Ann Arbor, Michigan, library system doesn’t seem to think so.

Vacuum - Edward Vielmetti in Ann Arbor, Michigan 48104: Sony rootkit music off the Ann Arbor District Library’s purchase list

From the article:
Exploit code for a critical flaw in fully patched versions of Microsoft Corp.’s Internet Explorer browser has been released on the Internet, putting millions of Web surfers at risk of computer hijack attacks.

The zero-day exploit, posted by a U.K.-based group called “Computer Terrorism,” could allow a remote hacker to take complete control of a Windows system if the victim simply browses to a malicious Web site.

Yikes! Good thing we’ve got AVG and Deepfreeze.

This is also a good time to remind you all to not open unexpected attachments to your e-mail. Bad things can happen.

Zero-Day Exploit Targets IE

If you’ve been following the Sony DRM rootkit debacle (like I have) the news has been so fast and furious that it’s hard to keep up. Here’s a concise timeline and quick summary of what’s happened so far.

The basic gist is: Revelations relating to Sony’s DRM systems, which show jaw-dropping contempt for their customers, for copyright law, for fair trading and for the public interest.

Sound like a juicy read? It is.

Boing Boing: Sony anti-customer technology roundup and time-line

Here’s a great tip from Jenny Levine, The Shifted Librarian. For those of you pondering the issue of providing IM on your public computers, here’s a workable compromise! –Mickey

*****************************
IM on the Desktop
By Jenny

Just a reminder that if you want to offer instant messaging on your public workstations but you don’t want to install software or your IT department is worried about the security of IM apps, you can always put desktop shortcuts and quick links in the browser to the web-based versions of these IM clients and/or Meebo.

Your patrons will lose some of the great functionality of the full clients, but it’s a start, and it might be a stepping stone to offering more down the road if you’re meeting resistance. In addition, it looks to me like you circumvent some privacy issues, too, because no transcripts of conversations are saved on the hard drive. Granted, information may still be in the browser’s cache, but hopefully you’re already addressing this issue with software that clears it out after each user.

Posted on: Mon, Nov 7 2005 11:09 PM

We’ve been receiving lots of comment spam in the last day or 2. I guess that’s good because it means someone (or something) is reading our blog. In order to separate the wheat from the chaff, however, I’ve enabled a most useful WordPress plugin called SpamKarma 2. So far it’s been immensely helpful in helping to control the numbers of spam (and you probably didn’t notice that it was there; all the spams got moderated and so had to go through SuperLiz and got filtered by me) that come to the blog.

If your comment should happen to not appear, don’t fret. I’ll get a notification that you posted and that it was held back, and rest assured that I’ll get it up as soon as I see it.

Questions? Comments?

Ah spam. Meat in a can. Unsolicited commercial email. Do you get it? Do you want to know how not to? Read this article!

TechSoup - Articles: Using the Internet - Top 20 Ways to Prevent Spam

The September 2005 issue of Consumer Reports contains the long-awaited Online Survival Guide. The article discusses security, internet service providers, home networks, and computers–both laptop and desktop. Of particular interest to wireless users is the box on page 23, which describes what you can do to keep your wireless connection secure. Among the tips:

    Activate encryption
    Change your router’s default password
    Disguise your network
    Create a computer “guest list.”

From the article:
“One person “lost everything.” For someone else, everything “just shut down.”

These people were not reciting the impact of a hurricane or tornado. Rather, they were telling what happened when their computers became infected by programs known as spyware.”

This article is a piece about the experiences of non-techies who became infected with spyware, adware, and viruses. Commiserate with your fellow computer user!

Computer snooping a growing problem

According to Sophos (British anti-virus vendor) an unpatched, unfirewalled Windows machine will be compromised with a virus or network exploit 50% of the time within 12 minutes after connection to the Internet.

What does this mean? Do your Windows updates, keep your Anti-virus software up to date, and always make sure your Windows firewall is turned on.

The 12-minute Windows heist: ZDNet Australia: News: Security

This came in through the MPLA IFACTION (Intellectual Freedom Action) e-mail list. I thought it was interesting enough to share. As a former university employee who was present when such a system went into place, I can definitely vouch for the reduction in access for users and intense user education on how to use the system that occurred with the introduction of an authentication system.

To Use that Library Computer, Identify Yourself

By SCOTT CARLSON

A few years ago, just about anyone could turn up at a college library, sit down at a bank of public-access computers, and cruise the Internet with no password, little trouble, and only the slimmest chance of being identified.

But academic librarians, wary of increasing instances of Internet-related crime and hacking, are now having second thoughts about that unfettered, unsupervised access. At some college libraries, students must now log in to use computers, and visitors must show an ID to get computer access.

Lots of Windows Updates this week, make sure that you do them.

Want to know more? See this article:


10 vulns - three critical - in MS patch batch | The Register

Library Journal has an interesting blog about Phishing, Pharming, and Spim today.

Phishing - Sending fake emails to get people to click fake urls to get real account numbers and passwords.

Pharming - Changing the DNS to redirect from a real URL to a fake URL to get account information.

Spim - Spam/Phishing/spyware via instant messaging.

Phishing, Pharming and Spim - LJ Tech Blog - Blog on LibraryJournal.com

You’ve gotten those messages, purporting to be from your Bank, saying “your account security has been breached! Enter all this personally identifying information and bank account numbers to verify your identity.” These emails come from people called Phishers, and they want to steal your identity. Know your enemy! Read this article about Phishers and Phishing.

Know your Enemy: Phishing

Ooh! Now this is interesting. A web browser based method of connecting to IM services such as MSN, Yahoo!, or AOL IM.

Now there is no excuse to not allow patrons access to IM in the library, as we don’t even have to install the software!

eMessenger

Get a lot of spam? Want to educate your patrons about the hazards, danger, and annoyance of spam? This might be for you!

TechSoup - News and Views - Free Anti-Spam Software for Libraries

NEKLS has been receiving many of these messages. Please see this web page for more technical information re: this worm.

Remember the cardinal rules of email safety: if you don’t know the sender, and you weren’t expecting an attachment, DON’T OPEN IT!

Symantec Security Response - W32.Mytob.AV@mm