--- Will Hill <[EMAIL PROTECTED]> wrote: > Sure, John, I'm serious. Let's weigh the gains and > the risks. Let's also > look at some countermeasures for the risks. > > What can be lost? In a world full of cable modem > zombies, show me the harm of > someone taking over another computer that happens to > be in a library.
Among the myriad reasons, the most important would be that the library would be legally responsible if it knew its boxen were hacked, did nothing, and then further damage were caused to machines outside the library's network, or a user's private data compromised. > Specifically, what new risk would you expose the > patron to? Privacy of data for one. A compromised system could easily have a keylogger installed. Any passwords typed into even an SSL browser window would be compromised. The library is liable for services they offer. > Because of poor > current security, I imagine that most libraries > already have compromised > systems. Your imagination would be wrong. From my experience, most library's public PC networks are not compromised, and if they are, they usually get more than a little concerned about it and do something pretty quick to rectify the situation. We have a couple of sysadmins for public library computer networks on this list; I'm sure they would agree. > People like John Ashcroft already think > they own the information. I'm no fan of Ashcroft or the PATRIOT Act, but facts usually work better than invective hyperbole. You have any facts to backup your assertion? > Patrons worried about their privacy are welcome to > use the guest account. So, they would have to limit themselves to anonymous surfing or app usage. However, if the hax0r is physically in the library, they could visually identify the user and could tie surfing habits (captured via tools on compromised system) or generated app data to a person's identity. In a public setting, using compromised systems, guest usage is no guarantee of security. > If > you are worried about gaining the ire of publishers, > you are too late because > they already hate libraries. They do? That's news to me and any library system. Again, do you have actual facts to back up this questionable assertion? My wife is a librarian and she receives plenty of catalogs in the mail from publishers, asking that she buy their wares for her library. > What I propose is much less difficult than posting > to the world at large. I'm > talking about a system limited to people who have > actually walked into the > building and proved their residence nearby. I see your point that it would be cool to offer a Linux distro for public library computer with user data persistance and access to lots of neat apps. But doing it securely is damned hard. > What is to be gained? Lots. The services I > mentioned would be a real benefit > to library patrons. More would be lost, in time maintaining the system in a secure fashion. Your point of not maintaining security at all would simply lead to that library appearing in a lawsuit as a defendant, therefore lots of $$$ would be lost by the library. > This is the kind of computing > that people are coming to > expect. It is going to be delivered. I think you have a better future as a marketer than a sysadmin. Most of the application services you are talking about are already being delivered. Yahoo! offers a number of PIM type services, which I use. Here are some others: http://dmoz.org/Computers/Internet/On_the_Web/Web_Applications/Personal_Information_Managers/ My point is that it is more cost-effective for the library to offer access to services, not services themselves. Asking a library to maintain computer accounts is more effort than it is worth; considering the issues of privacy and security, and the legal liabilities associated with those services. In a better world, libraries would have lots of funding to build solid and secure computer networks and pay a staff of IT admins what they are really worth to provide what you are proposing. In the real world, public library funding is very limited and the IT staff for an entire parish's public library system usually consists of 1 person. > One way to protect patron privacy is to not remember > who has what account. Interesting idea, see http://www.oreillynet.com/pub/a/network/2002/08/02/simson.html. > This can be accomplished by remembering that a > patron has an account but not > it's name or creation date. The patron could be > given a temporary name and > password that they can change with reasonable > instruction. Anyone breaking > into the system would need additional information, > such as cell phone > location or email contacts, to know what accounts > belong to what user. > Anyone who has that much already can break through > anything I can imagine. It is a decent idea but still not totally secure if the system is already compromised. Again, the hax0r could be physically in the same location and link the identity of the person with the person's data. Look at the other thread LSU's poor state of network security. A publically, or even semi-publically available network is usually a nightmare for sysadmins, especially if it uses Windoze for the user OS. When I was at USL (a long time ago), we had Sun boxen for user terminals (guess they still do), and those boxes worked great. You could run apps and store data, though the data was kept on a central server, not the local machine. Expensive, but SunOS was a heck of a lot more secure than Windows 3.1 (at that time). The Sun optical mouse in 1990 was like science fiction to me! > I don't need to put a box outside my firewall. I'm > sure that the pros can > already break through anything I put up. I'll bet > that even yahoos like you > and Dustin can break through my poor little 486 > without much effort. Then why can't you see that what you are proposing is a bad idea? A compromised machine means that the user's data and privacy is also compromised, and since it is a public environment, their identity is compromised as well. I think that a person could be more secure if their home machine was compromised, because at least their identity would be harder to determine visually. > Help me out, what am I missing? I understand that > giving people shell > accounts increases vulnerability. I know that > sophisticated users can use > local exploits to gain root. What I don't see is > the harm in it that merits > the loss of all that can be had. It seems that a > system can be designed that > assumes it will be broken anyway and protect the > things that will be lost > before it happens. Agreed, a system can be and should be designed in this manner, which was the original point of the discussion. But my point is that there is not a lot to be gained by offering lots of applications to public library users. Most people use these computers for web browsing, web based email, some word processing and for younger users; educational software and games. Allowing users to keep their private data and/or identity on a public library's computer is more trouble than it is worth, as there are plenty of web applications (via SSL) that do a much better job of this. Public libraries simply do not have the funding to do it, given the current state of local computer security on most operating systems (especially Windoze, but including Linux as well). My wife was the sysadmin for the Ascension Parish Public Library for a couple of years. The setup there was to restore a default disk image to the public machines every morning. This took care of a range of problems: no viruses, no legal liabilities concerning privacy, software configurations would be returned to default, etc. And if a machine got screwed up during the day (being M$ boxen, they did), she could simply reinstall the image in about 10 minutes. In summary: Offering a service to the public means that offering entity accepts responsibility for that service. What you are proposing is too expensive for public libraries to offer at this time to do properly and not get sued. Blame the poor state of computer security for this. John Hebert > On Thursday 06 May 2004 07:43 pm, John Hebert wrote: > > The term "hax0r heaven" comes to mind here. > > > > C'mon Will, are you serious? Libraries are very > > concerned with the legal issues concerning > information > > technology and privacy. Linux is not as secure as > you > > might think, especially if someone has local > access to > > your machine. > > > > Let me put it this way: why don't you put one of > your > > Linux boxes outside of your firewall and then post > a > > message to alt.warez.never.enough.drive.space that > you > > are offering free accounts? I'm sure you will > learn a > > lot. > > > > > > _______________________________________________ > General mailing list > [email protected] > http://brlug.net/mailman/listinfo/general_brlug.net __________________________________ Do you Yahoo!? Win a $20,000 Career Makeover at Yahoo! HotJobs http://hotjobs.sweepstakes.yahoo.com/careermakeover
