Re: [CODE4LIB] Formalizing Code4Lib? [diy]

2016-06-08 Thread Eric Hellman
Since we're brainstorming...

In addition to regional meetings, how about having some smaller, national or 
even international thematic Code4Lib meetings. For example, I see an aching 
need for a "Code4Lib:Privacy".


Eric Hellman
President, Free Ebook Foundation
Founder, Unglue.it https://unglue.it/
https://go-to-hellman.blogspot.com/
twitter: @gluejar

> On Jun 8, 2016, at 6:40 AM, Eric Lease Morgan <emor...@nd.edu> wrote:
> 
> On Jun 8, 2016, at 1:55 AM, Kyle Banerjee <kyle.baner...@gmail.com> wrote:
> 
>> My recollection is that in the bad 'ol days, c4l was much more about sharing 
>> ideas to solve practical problems… Nowadays, the conference (which has 
>> become like other library conferences) has become an end in itself…
> 
> 
> In the spirit of open source software and open access publishing, I suggest 
> we earnestly try to practice DIY — do it yourself -- before other types of 
> formalization be put into place.
> 
> I was struck by Kyle’s statement, “the conference has become an end in 
> itself”, and the more I think about it, the more I think this has become 
> true. The problem to solve is not identifying a fiduciary for the annual 
> conference. The problems to solve surround communication and sharing. A 
> (large) annual conference is not the answer to these problems, but rather it 
> is one possible answer.
> 
> Unless somebody steps up to the plate, then I suggest we forego the annual 
> meeting and try a more DIY approach for a limited period of time, say two or 
> three years. More specifically, I suggest more time & earnest effort be spent 
> on local or regional meetings. Hosting a local/regional meeting is not 
> difficult and relatively inexpensive. Here’s how:
> 
>  1) Identify one or two regional leaders - These are people who will 
> initialize and coordinate events. They find & recruit other people to 
> participate. Sure, they require “spare cycles", but they do not have to keep 
> this responsibility past a single event.
> 
>  2) Create/maintain a Web presence - This is a Web page and/or a mailing 
> list. These tools will be communication conduits. Keep the Web page 
> up-to-date on the status of the event. Refer to it in almost every email 
> message. Use it to record what will happen as well as what did happen. The 
> mailing list can start out as someone’s address book, but it can grow to an 
> mail alias on a Linux machine or even a Google Group. The Web page can live 
> in the Code4Lib wiki.
> 
>  3) Communicate - Kind of like voting in Chicago, “Talk early. Talk often.” 
> This is essential, and can hardly be done too much. People delete email. 
> People don’t plan ahead. People think they are not available, then at the 
> last minute they are. The reverse happens too. Send communications about your 
> event often, very often. Use email to build a local/regional community. Share 
> with them your intention as early as Step #1. Keep people informed.
> 
>  4) Identify a venue — Find a place to have the event. Colleges, 
> universities, and municipal libraries are good choices. Ideally they should 
> be associated with the output of Step #1. The meeting space has to 
> accommodate fifty people (more or less), but bigger is not necessarily 
> better. The space can be an auditorium, a meeting room, many meeting rooms, 
> or any combination. The space requires excellent network connectivity. A 
> meeting space sans strong wi-fi is detrimental.
> 
>  5) Identify a time - The meeting itself needs to be at least one afternoon 
> long. A day is good. More than two full days becomes a bit difficult. 
> Starting at times like noon allows people to have traveling time, or for 
> folks who arrived the night before time to get oriented. Starting at nine and 
> ending at 5 makes for a nice full day. Ending the meeting around noon makes 
> it easy for people to travel back home. Host the event on a weekday and maybe 
> ending on a Saturday. This is professional work, and it may be fun & 
> interesting, but it should not require vacation leave.†
> 
>  6) Outline an agenda - The agenda embodies "la raison d’être”. The agenda is 
> a tool for facilitating the communication and sharing. Put it on the Web 
> page. Allow others to fill it in. Outline show & tell sessions of various 
> lengths. Recruit people who you know are doing interesting things. Be 
> prepared to show one or two things from the local institution. Do show & tell 
> on things other than computers in libraries. Give tours of local cool stuff, 
> like an archive, special collection, museum, maker space, or even churches. 
> These tours are less about the showing of the stuff as they are about 
> enabling communication of the attendees. Do you reall

Re: [CODE4LIB] "Illegal Aliens" subject heading

2016-04-18 Thread Eric Hellman
Yes, thank you. The "we" has to include cataloguing experts and the catloguing 
community of course. A fair amount of those people are already part of the 
Cod4Lib community.

> On Apr 18, 2016, at 10:59 AM, Galen Charlton <g...@esilibrary.com> wrote:
> 
> Hi,
> 
> On Mon, Apr 18, 2016 at 10:28 AM, Eric Hellman <e...@hellman.net> wrote:
>> I also think that Code4Lib is potentially more powerful than congress
>> in this situation. LC says that "all of the revisions will appear on a
>> Tentative List and be approved no earlier than May 2016; the
>> revision of existing bibliographic records will commence shortly
>> thereafter." It seems unlikely that Congress can act before this
>> happens. We could then implement systems that effect this
>> subject heading deprecation without regard to Rep. Diane Black
>> and Congress. We can scrub the MARC records. We can alter the
>> cataloguing interfaces. We could tweak the cataloguing standard.
> 
> Or to put it another way, "we" could make a (hopefully friendly) fork
> of LCSH if it gets compromised via an act of law.
> 
> Such a fork could provide benefits going far beyond protesting
> Congressional interference in LCSH:
> 
> * If appropriate tools for collaboration are built, it could allow
> updates to be made faster than what the current SACO process permits,
> while still benefiting from the careful work of LC subject experts.
> * It could provide infrastructure for easily creating additional forks
> of the vocabulary, for cases where LCSH is a decent starting point but
> needs refinement for a particular collection of things to be
> described.
> 
> However, I put "we" in quotes because such an undertaking could not
> succeed simply by throwing code at the problem. There are many
> Code4Lib folks who could munge authority records, build tools for
> collaborative thesaurus maintenance, stand up SPARQL endpoints and
> feeds of headings changes and so forth — but unless that fork provides
> infrastructure that catalogers and metadataists /want/ to use and has
> some guarantee of sticking around, the end result would be nothing
> more than fodder for a C4L Journal article or two.
> 
>> What else would we need?
> 
> Involvement of folks who might use and contribute to such a fork from
> the get-go, and early thought to how such a fork can be sustained. I
> think we already have the technology, for the most part; the question
> is whether we have the people.
> 
> Regards,
> 
> Galen
> --
> Galen Charlton
> Infrastructure and Added Services Manager
> Equinox Software, Inc. / Open Your Library
> email:  g...@esilibrary.com
> direct: +1 770-709-5581
> cell:   +1 404-984-4366
> skype:  gmcharlt
> web:http://www.esilibrary.com/
> Supporting Koha and Evergreen: http://koha-community.org &
> http://evergreen-ils.org



signature.asc
Description: Message signed with OpenPGP using GPGMail


[CODE4LIB] "Illegal Aliens" subject heading

2016-04-18 Thread Eric Hellman
As you've probably heard, LC has decided to deprecate "Illegal Aliens" as a 
subject heading. https://www.loc.gov/catdir/cpso/illegal-aliens-decision.pdf 
<https://www.loc.gov/catdir/cpso/illegal-aliens-decision.pdf>

In a troubling development, Rep. Diane Black has introduced legislation to 
prevent this from occurring.
There's a nice article in DailyKos. describing the situation: 
http://www.dailykos.com/stories/2016/4/13/1514702/-Now-they-re-coming-after-the-librarians
 
<http://www.dailykos.com/stories/2016/4/13/1514702/-Now-they-re-coming-after-the-librarians>

Based on conversations with some library folks in Washington, I think this 
legislation has a chance of becoming law. At the very least, it could 
politicize the nomination of Dr. Carla Hayden.

I also think that Code4Lib is potentially more powerful than congress in this 
situation. LC says that "all of the revisions will appear on a Tentative List 
and be approved no earlier than May 2016; the revision of existing 
bibliographic records will commence shortly thereafter." It seems unlikely that 
Congress can act before this happens. We could then implement systems that 
effect this subject heading deprecation without regard to Rep. Diane Black and 
Congress. We can scrub the MARC records. We can alter the cataloguing 
interfaces. We could tweak the cataloguing standard.

Or at least I think we can. Code4Lib knows better than I do. What else would we 
need? What might be hard for us to do if LC is forbidden to help us, officially?

"Illegal Aliens" appears a total of 91 times on 15 pages of the most recently 
published edition of the LC headings (8,179 pages total 
https://unglue.it/work/140214/ <https://unglue.it/work/140214/> )

Eric Hellman
President, Free Ebook Foundation
Founder, Unglue.it https://unglue.it/
https://go-to-hellman.blogspot.com/
twitter: @gluejar



signature.asc
Description: Message signed with OpenPGP using GPGMail


Re: [CODE4LIB] [code4libcon] Proposed Duty Officer

2016-02-24 Thread Eric Hellman
Here's an eaxample.

suppose Alice is worried about harrassment by Bob. Eve has on the list of 
proposed duty officers. Unfortunately Eve and Alice were once a couple, so 
Alice would feel comfortable going to Eve to address a possible situation with 
Bob. There's no accusation against Eve, but it would be best for everyone if 
Eve was not put in a difficult situation. And Alice really doesn't want to 
explain her relationship with Eve. (No one should be forced to explain a 
relationship!)

It's best to attract many volunteers and pick a few, maye out of a hat, without 
prejudice to those who aren't picked.

> On Feb 24, 2016, at 8:18 PM, Kyle Banerjee  wrote:
> 
> Fully agreed that anonymity is sometimes necessary to protect individuals.
> 
> My interpretation of the email I responded to was that the anonymous form
> was for feedback for the idea of the proposed duty officers rather than the
> suitability of particular individuals to fill this role.
> 
> My apologies to everyone if I have misunderstood.
> 
> If the idea is to collect feedback pertaining to specific individuals, I
> believe it would have been more appropriate to collect anonymous feedback
> that potentially included everyone (rather than a select few) so that
> suitability concerns could be resolved before people put their name on a
> volunteer list. As things are now, anyone on the duty officer list who
> doesn't wind up serving for any reason might be wrongly assumed to have
> been barred for being a harasser regardless of any public explanation.
> 
> I hope that the process for resolving accusations would be a matter of
> public discussion.
> 
> kyle
> 
> On Wed, Feb 24, 2016 at 4:36 PM, Becky Yoose  wrote:
> 
>> Apologies for the short reply with my manager's hat firmly in place -
>> transparency is good, but there are times when a particular process or
>> discussion should not be public. Given the sensitive nature of some of the
>> feedback that might be presented about particular individuals, transparency
>> would not be a good fit for the feedback process.
>> 
>> Thanks,
>> Becky
>> 
>> On Wed, Feb 24, 2016 at 4:28 PM, Eric Phetteplace 
>> wrote:
>> 
>>> I think we're all perfectly fine with discussing this issue in the open,
>> by
>>> all means let's do that. The Code of Conduct on GitHub is a shining
>> example
>>> of this; the whole discussion is in the open and you can see the
>>> conversations around particular passages unfold in the issues queue. The
>>> problem is discussing specific concerns one has with *individuals.* That
>>> does not feel appropriate for a public listserv, whether we're talking
>>> about a victim, harasser, or potential duty officer.
>>> 
>>> Perhaps I'm misunderstanding, but I do not see how the inability to voice
>>> concerns about individuals stops us from having a general conversation on
>>> how to be an inclusive and safe community. Much as we can "improve
>>> everyone's skills", as preconferences of the past have done, while *also*
>>> having designated duty officers with a specific responsibility. These are
>>> not mutually exclusive and indeed are complimentary.
>>> 
>>> Best,
>>> Eric
>>> 
>>> On Wed, Feb 24, 2016 at 3:25 PM, Esmé Cowles 
>>> wrote:
>>> 
 We live in a world where the are repercussions of calling out people
>> for
 sexual harassment.  Not to put too fine a point on it, we live in a
>> world
 where people were recently sued for doing just that.  So I think it's
 completely necessary to have an anonymous method of raising concerns,
>> if
 you really want people to raise concerns with the conference
>> organizers.
 
 -Esmé
 
> On Feb 24, 2016, at 6:12 PM, Kyle Banerjee 
 wrote:
> 
>> Feedback about proposed duty officers can be emailed to directly to
>>> me,
>> chadbnel...@gmail.com, or submitted via this anonymous form
>> .
>> 
> 
> 
> It's unfortunate people feel a need to move discussions offline -- I
> interpret this as meaning some people are afraid of repercussions for
> respectfully sharing thoughts on an issue that affects everyone.
> 
> I believe we agree as a community we cannot be our best if the ideas
>>> and
> talents of any group are excluded. I believe we agree specific
>> measures
 are
> needed to overcome structural barriers and provide opportunities to
>>> broad
> groups of people who still can't participate in the technology
>>> community
 on
> an equal basis.
> 
> To be direct, I have concerns about the duty officer idea.  I support
>>> the
> motivation behind the concept 100%. I have great respect for the
>> people
 who
> have stepped up on this issue, both as technologists and as people in
> general.
> 
> Being a self selected group, c4l has problems found in society at
>>> 

Re: [CODE4LIB] VIAF https certs

2016-02-03 Thread Eric Hellman
https://www.ssllabs.com/ssltest/analyze.html?d=dx.doi.org 


Someone seem to be on the job there.

> On Feb 2, 2016, at 2:32 PM, Stuart A. Yeates  wrote:
> 
> There are a relatively small number of infrastructure domains to which a
> huge number of our users are exposed:
> 
> doi.org
> handle.net
> ...
> 
> In my view pretty much anything which can be used as a lever to get them to
> become more secure has to be a good idea, since these are websites which we
> have basically no choice about exposing our users to.
> 
> cheers
> stuart
> 



signature.asc
Description: Message signed with OpenPGP using GPGMail


Re: [CODE4LIB] VIAF https certs

2016-02-02 Thread Eric Hellman
The folks at 18F offered to set up a dashboard for the library world like 
https://pulse.cio.gov/https/domains/
 

 
b ut we thought it might be too 
depressing just now.

 

 
> On Feb 1, 2016, at 2:21 PM, Stuart A. Yeates  wrote:
> 
> Does anyone know of an alerting service for HTTPS certs? Ideally one that
> covers both soon-to-expire certs and
> now-below-recommended-security-settings certs?
> 
> cheers
> stuart
> 
> --
> ...let us be heard from red core to black sky
> 



signature.asc
Description: Message signed with OpenPGP using GPGMail


Re: [CODE4LIB] Let's Encrypt and EZProxy

2016-01-14 Thread Eric Hellman
I would also go with the $120 3 year wildcard cert for ezproxy. What vendor are 
you using?
> On Jan 14, 2016, at 7:23 PM, Cary Gordon <listu...@chillco.com> wrote:
> 
> I love the idea of Let’s Encrypt, but I recently bought a three year wildcard 
> cert subscription for about $120. I would need to fall firmly into the true 
> believer category to go the route you suggest.
> 
> Cary
> 
>> On Jan 14, 2016, at 11:20 AM, Eric Hellman <e...@hellman.net> wrote:
>> 
>> A while back, the issue of needing a wildcard certificate (not supported by 
>> Lets Encrypt) for EZProxy was discussed.
>> 
>> In my discussions with publishers about switching to HTTPS, EZProxy 
>> compatibility has been the most frequently mentioned stumbling block 
>> preventing a complete switch to HTTPS for some HTTPS-ready  publishers. In 
>> two cases that I know of, a publisher which has been HTTPS-only was asked by 
>> a library customer to provide insecure service (oh the horror!) for this 
>> reason.
>> 
>> It's been pointed out to me that while Lets Encrypt is not supporting 
>> wildcard certificates, up to 100 hostnames can be supported on a single LE 
>> certificate. A further limit on certificates issued per week per domain 
>> would mean that up to 500 hostnames can be registered with LE in a week.
>> 
>> Are there EZProxy instances out there that need more than 500 hostnames, 
>> assuming that all services are switched to HTTPS?
>> 
>> Also, I blogged my experience talking to people about privacy at #ALAMW16.
>> http://go-to-hellman.blogspot.com/2016/01/not-using-https-on-your-website-is-like.html
>>  
>> <http://go-to-hellman.blogspot.com/2016/01/not-using-https-on-your-website-is-like.html>
>> 
>> Eric
>> 
>> 
>> Eric Hellman
>> President, Free Ebook Foundation
>> Founder, Unglue.it https://unglue.it/
>> https://go-to-hellman.blogspot.com/
>> twitter: @gluejar
>> 



signature.asc
Description: Message signed with OpenPGP using GPGMail


[CODE4LIB] Let's Encrypt and EZProxy

2016-01-14 Thread Eric Hellman
A while back, the issue of needing a wildcard certificate (not supported by 
Lets Encrypt) for EZProxy was discussed.

In my discussions with publishers about switching to HTTPS, EZProxy 
compatibility has been the most frequently mentioned stumbling block preventing 
a complete switch to HTTPS for some HTTPS-ready  publishers. In two cases that 
I know of, a publisher which has been HTTPS-only was asked by a library 
customer to provide insecure service (oh the horror!) for this reason.

It's been pointed out to me that while Lets Encrypt is not supporting wildcard 
certificates, up to 100 hostnames can be supported on a single LE certificate. 
A further limit on certificates issued per week per domain would mean that up 
to 500 hostnames can be registered with LE in a week.

Are there EZProxy instances out there that need more than 500 hostnames, 
assuming that all services are switched to HTTPS?

Also, I blogged my experience talking to people about privacy at #ALAMW16.
http://go-to-hellman.blogspot.com/2016/01/not-using-https-on-your-website-is-like.html
 
<http://go-to-hellman.blogspot.com/2016/01/not-using-https-on-your-website-is-like.html>

Eric


Eric Hellman
President, Free Ebook Foundation
Founder, Unglue.it https://unglue.it/
https://go-to-hellman.blogspot.com/
twitter: @gluejar



signature.asc
Description: Message signed with OpenPGP using GPGMail


[CODE4LIB] The HTTPS pledge list goes up next week.

2015-12-23 Thread Eric Hellman
Help us make 2016 the year that the library world switches to using HTTPS to 
make all our digital library services secure and private.

The Library Freedom Project will be publishing the initial list of pledges next 
week to encourage everyone to include reader privacy and digital security in 
their New Year's resolutions. The "Library Digital Privacy Pledge" is at 
https://libraryfreedomproject.org/ourwork/digitalprivacypledge/

Over the past few months, I've talked to all sorts of people about switching to 
HTTPS. Librarians, publishers, technologists. Library directors, CEOs, 
executive editors, engineering managers. Everyone wants to do it, but there are 
difficulties and complications, many of them small and some of them sticky. 
It's clear that we all have to work together to make this transition happen.

In addition to our list of pledges, we want to help publicise what you've done 
and what you're doing to make the switch. If you have a web page or blog post 
describing your use of HTTPS or your implementation plans, let us know and 
we'll add it to our list.

Email us at ple...@libraryfreedomproject.org.


Eric Hellman
President, Free Ebook Foundation (and volunteer for the Library Freedom Project)
Founder, Unglue.it https://unglue.it/
https://go-to-hellman.blogspot.com/
twitter: @gluejar


Re: [CODE4LIB] OCLC shutting down xISBN and xID (was Re: [CODE4LIB] Matching print and electronic editions of the same book)

2015-12-11 Thread Eric Hellman
Users of xID services would be wise to check the termination clauses of their 
usage agreements to see whether they are permitted to keep and reuse the data 
they have cached.

Think about it. The world outside of 43017 has invented all sorts of new 
techniques to update and maintain metadata cooperatively.

Eric



Eric Hellman
President, Free Ebook Foundation
Founder, Unglue.it https://unglue.it/
https://go-to-hellman.blogspot.com/
twitter: @gluejar


[CODE4LIB] Let's Encrypt public beta

2015-12-03 Thread Eric Hellman
https://letsencrypt.org/2015/12/03/entering-public-beta.html 
<https://letsencrypt.org/2015/12/03/entering-public-beta.html>

Remember, LE is designed for automation, so your big value-add will be figuring 
out how to automate cert renewal on your platform.


Eric Hellman
President, Free Ebook Foundation
Founder, Unglue.it https://unglue.it/
https://go-to-hellman.blogspot.com/
twitter: @gluejar


[CODE4LIB] my experience with Let's Encrypt

2015-11-12 Thread Eric Hellman
The past few days, I've been configuring a website to use HTTPS with Let's 
Encrypt. (on a beta invite.) I blogged my experience.
http://go-to-hellman.blogspot.com/2015/11/using-lets-encrypt-to-secure-elastic.html
 
<http://go-to-hellman.blogspot.com/2015/11/using-lets-encrypt-to-secure-elastic.html>

I don't think we (as a community) have understood how LE is going to affect us. 
I was thinking of it as delivering free certificates, but in fact their main 
emphasis is delivering automated certificates.

What this means is that to take full advantage of Let's Encrypt, LE client 
software will need to be integrated into the web platforms we use. And that 
won't happen unless the priority of doing so is made clear, via mechanisms such 
as the Library Digital Privacy Pledge.

I imagine that most libraries will NOT want to use Let's Encrypt until that 
integration occurs. However, once it occurs, certificate maintenance and 
renewal will cease to be an issue.


Eric Hellman
President, Free Ebook Foundation
Founder, Unglue.it https://unglue.it/
https://go-to-hellman.blogspot.com/
twitter: @gluejar


Re: [CODE4LIB] Alexander Street Press and Google Analytics

2015-09-30 Thread Eric Hellman
Ahhh that's making more sense! Thanks for tracking that down.

Speaking of tracking, let's hear it for tracking those pesky users across 
domains!


> On Sep 30, 2015, at 3:09 PM, Jason Bengtson <j.bengtson...@gmail.com> wrote:
> 
> For cross domain tracking I believe you have to set the functions for
> appending cookie data to the url yourself, so they should be in your GA
> javascript someplace. There's a special method they have to make it easier.
> There's more information here:
> https://developers.google.com/analytics/devguides/collection/analyticsjs/cross-domain
> 
> Best regards,
> *Jason Bengtson, MLIS, MA*
> Innovation Architect
> 
> 
> *Houston Academy of MedicineThe Texas Medical Center Library*
> 1133 John Freeman Blvd
> Houston, TX   77030
> http://library.tmc.edu/
> www.jasonbengtson.com
> 
> On Wed, Sep 30, 2015 at 1:57 PM, Ranti Junus <ranti.ju...@gmail.com> wrote:
> 
>> I'm intrigued by this cross-browsing thing. Is the additional string of
>> characters added because the outgoing link becomes something like
>> http://search.alexanderstreet.com.ezproxy.yourlibrary.edu/ which looks
>> like
>> the same domain as your library?
>> 
>> (sorry I have no answer on your original query)
>> 
>> 
>> ranti.
>> 
>> On Wed, Sep 30, 2015 at 2:46 PM, Laura Krier <laura.kr...@gmail.com>
>> wrote:
>> 
>>> So, I've determined that this is related to cross-browser tracking, but I
>>> still can't figure out why it continues to append the linker parameter to
>>> external sites. Anyone else using cross-browser tracking? The mystery
>>> deepens...
>>> 
>>> Laura
>>> 
>>> On Wed, Sep 30, 2015 at 11:42 AM Eric Hellman <e...@hellman.net> wrote:
>>> 
>>>> GA doesn't do that AFAIK. might be your proxy server.
>>>> 
>>>> 
>>>> Eric Hellman
>>>> President, Free Ebook Foundation
>>>> Founder, Unglue.it https://unglue.it/
>>>> http://go-to-hellman.blogspot.com/
>>>> twitter: @gluejar
>>>> 
>>>>> On Sep 30, 2015, at 1:47 PM, Laura Krier <laura.kr...@gmail.com>
>>> wrote:
>>>>> 
>>>>> Hey folks,
>>>>> I'm hoping someone else on this list has experienced this and might
>>> have
>>>>> some ideas for me. We use Google Analytics on our website, catalog,
>> and
>>>> our
>>>>> discovery system. GA appends a string of characters to the end of
>> URLs
>>>> when
>>>>> you leave a site, and while this plays fine with most of our
>>> e-resources,
>>>>> it breaks Alexander Street Press's link resolver system.
>>>>> 
>>>>> Has anyone else noticed this? Any ideas how to resolve this? I'm
>>> talking
>>>>> with the folks at ASP but they have never heard of this.
>>>>> 
>>>>> Laura
>>>> 
>>> 
>> 
>> 
>> 
>> --
>> Bulk mail.  Postage paid.
>> 


Re: [CODE4LIB] code4lib services and https

2015-09-01 Thread Eric Hellman
Yes, here's the discussion.

https://listserv.nd.edu/cgi-bin/wa?A1=ind1311=CODE4LIB#157 
<https://listserv.nd.edu/cgi-bin/wa?A1=ind1311=CODE4LIB#157>

The environment has chaged quite a bit since then.

Eric Hellman
President, Free Ebook Foundation
Founder, Unglue.it https://unglue.it/
http://go-to-hellman.blogspot.com/
twitter: @gluejar

> On Sep 1, 2015, at 12:35 PM, Lisa Rabey <academichu...@gmail.com> wrote:
> 
> Wasn't this a discussion about two years ago where myself and several
> others offered to step up and use a service like https://www.startssl.com/,
> which is free, but it kind of fell by the wayside?
> 
> _lisa
> 
> On Tue, Sep 1, 2015 at 9:45 AM, Eric Hellman <e...@hellman.net> wrote:
> 
>> The "Library Privacy Pledge" has been finalized. See my blog post at
>> http://go-to-hellman.blogspot.com/2015/08/update-on-library-privacy-pledge.html
>> <
>> http://go-to-hellman.blogspot.com/2015/08/update-on-library-privacy-pledge.html
>>> 
>> 
>> and note that I've set the "description" attribute on the blog to "Move
>> Blogspot to HTTPS NOW."
>> 
>> Anyhoo...
>> Here's the status of Code4lib services:
>> 
>> www.code4lib.org <http://www.code4lib.org/> HTTPS NOT SUPPORTED. Insecure
>> login!
>> planet.code4lib.org <http://planet.code4lib.org/>  HTTPS NOT SUPPORTED
>> jobs.code4lib.org <http://planet.code4lib.org/>  HTTPS NOT SUPPORTED
>> listserv.nd.edu/cgi-bin/wa?A0=CODE4LIB <
>> http://listserv.nd.edu/cgi-bin/wa?A0=CODE4LIB> HTTPS ONLY. Yay.
>> http://journal.code4lib.org/ <http://journal.code4lib.org/>  HTTPS NOT
>> SUPPORTED
>> code4lib.spreadshirt.com <http://code4lib.spreadshirt.com/> HTTPS
>> SUPPORTED, but serving insecure resoures.
>> wiki.code4lib.org <http://planet.code4lib.org/>  HTTPS NOT SUPPORTED.
>> Insecure login!
>> 
>> So can we start setting an example, now? If cost of certificates is an
>> issue, I am willing to step up.
>> 
>> 
>> Eric Hellman
>> President, Free Ebook Foundation
>> Founder, Unglue.it https://unglue.it/
>> http://go-to-hellman.blogspot.com/
>> twitter: @gluejar
>> 
> 
> 
> 
> -- 
> 
> @byshieldmaiden | http://lisa.wtf
> 
> “There are moments, Jeeves, when one asks oneself, 'Do trousers matter?'"
> "The mood will pass, sir.”  - P.G. Wodehouse


Re: [CODE4LIB] "coders for libraries"

2015-09-01 Thread Eric Hellman
Code4Lib | You can't spell 'Library' without 'x4C'
> On Sep 1, 2015, at 10:58 AM, Mark A. Matienzo  wrote:
> How about if we turn this topic around and focus on thinking about coming
> up with a tagline that emphasizes our goals for inclusivity rather than
> identity?
> 
> Mark
> 
> --
> Mark A. Matienzo  | http://anarchivi.st/


[CODE4LIB] code4lib services and https

2015-09-01 Thread Eric Hellman
The "Library Privacy Pledge" has been finalized. See my blog post at 
http://go-to-hellman.blogspot.com/2015/08/update-on-library-privacy-pledge.html 
<http://go-to-hellman.blogspot.com/2015/08/update-on-library-privacy-pledge.html>

and note that I've set the "description" attribute on the blog to "Move 
Blogspot to HTTPS NOW."

Anyhoo...
Here's the status of Code4lib services:

www.code4lib.org <http://www.code4lib.org/> HTTPS NOT SUPPORTED. Insecure login!
planet.code4lib.org <http://planet.code4lib.org/>  HTTPS NOT SUPPORTED
jobs.code4lib.org <http://planet.code4lib.org/>  HTTPS NOT SUPPORTED
listserv.nd.edu/cgi-bin/wa?A0=CODE4LIB 
<http://listserv.nd.edu/cgi-bin/wa?A0=CODE4LIB> HTTPS ONLY. Yay.
http://journal.code4lib.org/ <http://journal.code4lib.org/>  HTTPS NOT SUPPORTED
code4lib.spreadshirt.com <http://code4lib.spreadshirt.com/> HTTPS SUPPORTED, 
but serving insecure resoures.
wiki.code4lib.org <http://planet.code4lib.org/>  HTTPS NOT SUPPORTED.  Insecure 
login!

So can we start setting an example, now? If cost of certificates is an issue, I 
am willing to step up.


Eric Hellman
President, Free Ebook Foundation
Founder, Unglue.it https://unglue.it/
http://go-to-hellman.blogspot.com/
twitter: @gluejar


[CODE4LIB] "coders for libraries"

2015-09-01 Thread Eric Hellman
Between September and November of 2008, the title attribute of the Code4lib 
homepage was changed from "code4lib | Code for Libraries" to "code4lib | coders 
for libraries, libraries for coders".

Dave Winer, who could be considered the inventor of the blog, recently tweeted 
about us:

"code4lib: coders for libraries, libraries for coders. (I really hate the word 
"coders.") code4lib.org <http://code4lib.org/>"

As someone who feels that Code4Lib should welcome people who don't particularly 
identify as "coders", I would welcome a return to the previous title attribute.

Eric Hellman
President, Free Ebook Foundation
Founder, Unglue.it https://unglue.it/
http://go-to-hellman.blogspot.com/
twitter: @gluejar


Re: [CODE4LIB] Protocol-relative URLs in MARC

2015-08-19 Thread Eric Hellman
Thank you Christian Pietsch and Kevin Ford for saving me the trouble, and for 
doing so with more correctness than I would have mustered.

IMHO, where an https url is available, adding a insecure link as an alternative 
is 100% disadvantageous to users.

Eric Hellman
President, Free Ebook Foundation
Founder, Unglue.it https://unglue.it/
http://go-to-hellman.blogspot.com/
twitter: @gluejar

 On Aug 18, 2015, at 5:50 AM, Christian Pietsch 
 chr.pietsch+web4...@googlemail.com wrote:
 
 On Tue, Aug 18, 2015 at 09:29:17PM +1200, Stuart A. Yeates wrote:
 While these may appear to be OAI-PMH providers, they're non-conformant:
 
 http://www.openarchives.org/OAI/openarchivesprotocol.html#ProtocolFeatures
 
 OAI-PMH requests *must* be submitted using either the HTTP GET or POST
 methods.
 
 Everything that holds for HTTP also holds for HTTPS because HTTPS is
 simply HTTP over TLS, as the HTTPS standard is aptly titled:
 https://tools.ietf.org/html/rfc2818
 
 A discussion on the OAI implementers mailing list seemed to converge
 on the position to accept HTTPS wherever possible but not to require
 it. That was in 2005 when the IETF had not started to consider
 declaring HTTP without TLS obsolete altogether.
 https://www.openarchives.org/pipermail/oai-implementers/2005-February/001419.html
 
 Maybe because forcing people to upgrade their tech leaves behind those with
 the least resources. Maybe because switching to a protocol whose minimum
 message cost (in cpu cycles) is many thousands of times higher is a dubious
 cost/benefit trade-off in some situations.
 
 The burden of TLS encryption on CPUs is negligible these days:
 https://www.imperialviolet.org/2010/06/25/overclocking-ssl.html
 
 C:
 
 -- 
  Christian Pietsch · http://purl.org/net/pietsch
  LibTec (Library Technology and Knowledge Management) department
  of Bielefeld University Library, Bielefeld, Germany

 On Aug 18, 2015, at 11:21 AM, Kevin Ford k...@3windmills.com wrote:
 
 I think it is technically permissible, but unwise for a host of reasons, a 
 number of which have been noted in this thread.
 
 It boils down to this:  at the end of the day - and putting aside the whole 
 SSL/non-SSL tangent - it is a relative reference according to the RFC and 
 that begs the question, Relative to what?  Is it relative to your specific 
 system?  Relative to the value found in the $2?  And how is this crucial 
 component - the base-uri/scheme with which to make the reference absolute - 
 captured?
 
 And that’s the crux of the issue.  You are looking to address the binary 
 choice between http/https, but those are only two possible schemes out of 
 many.  Other valid schemes could be:  ftp, sftp, ldap, rtmp, rsync, udp, 
 file, etc.
 
 And, without anyway of knowing which scheme is valid, if you dropped the 
 'scheme' from the URI and those records made it into the wild, the utility of 
 those $u subfields will be substantially diminished, minimally.
 
 Finally, I also suspect that it is uncommon (at best) to find relative 
 references in $u (for the reasons above). The RFC recognizes as much, noting 
 a relative reference that begins with two slash characters...are rarely 
 used.
 
 Why not just repeat the $u?  This is one of the reasons it is repeatable.
 
 Rgds,
 Kevin
 
 


[CODE4LIB] Draft for The Library Digital Privacy Pledge

2015-06-24 Thread Eric Hellman
edit or comment on the draft at 
https://docs.google.com/document/d/1LpV52oSefKhaKSGFcTPONKvXzZUxHbKaW8e6CHHREXk

The Library Digital Privacy Pledge of 2015

We are inviting the library community- libraries, vendors that serve libraries, 
and organizations to sign a Library Digital Privacy Pledge.

For this first pledge, we're focusing on the use of HTTPS (SSL) to deliver 
library services and the information resources offered by libraries. Building a 
culture of Library Digital Privacy will not end with this pledge, but 
committing to this first modest step together will begin a process that won't 
turn back.

We focus on HTTPS as a first step because of its timeliness. At the end of July 
the Let's Encrypt initiative of the Electronic Frontier Foundation will launch 
a new certificate infrastructure that will remove much of the cost and 
difficulty involved in implementation of HTTPS, with general availability 
scheduled for September. Due to a heightened concern about digital 
surveillance, many prominent internet companies, such as Google, Twitter, and 
Facebook, have moved their services to HTTPS. The White House has issued a 
directive that all government websites must move their services to HTTPS by the 
end of 2016. We believe that libraries must also make this change, lest they be 
viewed as technology and privacy laggards, and dishonor their proud history of 
protecting reader privacy.

The 3rd article of the American Library Association Code of Ethics sets a broad 
objective:
We protect each library user's right to privacy and confidentiality with 
respect to information sought or received and resources consulted, borrowed, 
acquired or transmitted.

It's not always clear how to interpret this broad mandate, especially when the 
everything is done on the internet. However, one principle of implementation 
should be clear and uncontroversial:

Library services and resources should be delivered, whenever practical, over 
channels that are immune to eavesdropping.

The current best practice: dictated by this principle is as following:

Libraries and vendors that serve libraries and library patrons, should require 
HTTPS (SSL) for all services and resources delivered via the web.

The Pledge for Libraries:
1. All web services and resources that we directly control will require SSL by 
the end of 2015.
2. Starting in 2016, We will not sign or renew any contracts for web services 
or information resources that do not commit to require SSL by the end of 2016.

The Pledge for Publishers and Vendors:
1. All web services that we control will enable SSL by the end of 2015.
2. All web services that we offer will require SSL by the end of 2016.

The Pledge for Organizations:
1. All web services that we directly control will enable SSL by the end of 2015.
2. We encourage our members to support and sign the appropriate version of the 
pledge.

Schedule:
This document will be open for discussion and modification until finalized by 
July 27, 2015. The finalized pledge will be published on the website of the 
Library Freedom Project. We expect a number of discussions to take place at the 
Annual Conference of the American Library Association and associated meetings.
The Library Freedom Project will broadly solicit signatures from libraries, 
vendors and publishers.
In September, in coordination with the Let's Encrypt project, the list of 
charter signatories will be made announced and broadly publicized to popular 
media.

FAQ

Q: Why the focus on HTTPS?
A: We think this issue should not be controversial and is relatively easy to  
explain

Q. How can my library/organization/company add our names to the list of 
signatories?
A. Email us at [pledge]@libraryfreedomproject.org Please give us contact info 
so we can verify your participation.

Q. Is this the same as HTTPS Everywhere?
A. No, that's a browser plug-in which enforces use of HTTPS.

Q. My Library won't be able to meet the implementation deadline. Can we add our 
name to the list once we've completed implementation? Y
A. Yes.

Q. A local school uses an internet filter that blocks https websites to meet 
legal requirements. Can we sign the pledge and continue to serve them?
A. Most of the filtering solutions include options that will whitelist 
important services. Work with the school in question to implement a work-around.

Q. What else can I read about libraries using HTTPS?
A. The Electronic Frontier Foundation has published What Every Librarian Needs 
to Know About HTTPS


Eric Hellman
President, Gluejar.Inc.
Founder, Unglue.it https://unglue.it/
http://go-to-hellman.blogspot.com/
twitter: @gluejar


[CODE4LIB] a Library Digital Privacy Pledge ?

2015-06-13 Thread Eric Hellman
Jeremy's response made me think.

What do people think about formulating a Library Digital Privacy Pledge that 
libraries, publishers and vendors could sign onto?

Or perhaps a set of pledges. I'd start with moving services to SSL.

Principle:
Library Services and Resources should be delivered, whenever practical, over 
channels that are immune to eavesdropping.

Current Best Practice:
Require HTTPS (SSL) for all services and resources delvivered via the web.

Pledge (for Libraries):
1. All web services that we control will require SSL by the end of 2015.
2. All web services that we pay for will require SSL by the end of 2016.

Pledge (for Publishers and Vendors):
1. All web services that we control will enable SSL by the end of 2015.
2. All web services that we offer will require SSL by the end of 2016.

I pick HTTPS to focus on first because it's relatively easy to specify/ 
understand. You could do something similar with meta referrer, but it's a bit 
more arcane.

There's a NISO group (I'm on the steering committee) looking at developing 
principles for library privacy that might be an appropriate forum to support 
this.

Eric

 On Jun 11, 2015, at 11:55 PM, Frumkin, Jeremy A - (frumkinj) 
 frumk...@email.arizona.edu wrote:
 
 Eric - 
 
 Many thanks for raising awareness of this. It does feel like encouraging good 
 practice re: referrer meta tag would be a good thing, but I would not know 
 where to start to make something like this required practice. Did you have 
 some thoughts on that?
 
 — jaf
 
 ---
 Jeremy Frumkin
 Associate Dean / Chief Technology Strategist
 University of Arizona Libraries
 
 +1 520.626.7296
 j...@arizona.edu
 ——
 A person who never made a mistake never tried anything new. - Albert 
 Einstein
 
 


Re: [CODE4LIB] Let's implement the referrer meta tag

2015-06-13 Thread Eric Hellman
The referer-linked privacy leakage that I'm mostly concerned with is associated 
with embedded resources, not resources that a user clicks on to access. But I 
agree moving to SSL has many benefits.


 On Jun 12, 2015, at 11:38 PM, Andrew Anderson and...@lirn.net wrote:
 
 I was not suggesting mixing HTTP/HTTPS resources, but rather wholesale 
 converting to SSL and taking advantage of the fact that vendors don’t seem to 
 care about privacy issues and do not support SSL today.   Thus when leaving 
 the secure site, the referring header will not be sent, thanks to RFC 2616 
 behavior.
 
 Of course, SPDY^WHTTP/2.0 will make this moot, but perhaps someone can 
 convince the standards group that referring URLs are not a good idea to carry 
 forward in general.
 
 -- 
 Andrew Anderson, Director of Development, Library and Information Resources 
 Network, Inc.
 http://www.lirn.net/ | http://www.twitter.com/LIRNnotes | 
 http://www.facebook.com/LIRNnotes
 
 On Jun 12, 2015, at 18:23, Eric Hellman e...@hellman.net wrote:
 
 While going to SSL is a good thing to do, it's not a good idea to be loading 
 non-secure resources into a secure web page, because then your page is no 
 longer secure.
 
 So for example, if you load the google analytics script via http from an 
 https page, and MITM attacker could just insert evil code into the script. 
 Or verizon could insert x-uidh headers into non-SSL cover image requests.
 
 Eric
 
 On Jun 12, 2015, at 2:37 AM, Andrew Anderson and...@lirn.net wrote:
 
 Or just SSL enable your library web site.  Few vendors support SSL today, 
 so crossing the HTTP/HTTPS barrier is supposed to automatically disable 
 referring URL passing.
 
 http://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html#sec15.1.3
 
 15.1.3 Encoding Sensitive Information in URI's
 
 Because the source of a link might be private information or might reveal 
 an otherwise private information source, it is strongly recommended that 
 the user be able to select whether or not the Referer field is sent. For 
 example, a browser client could have a toggle switch for browsing 
 openly/anonymously, which would respectively enable/disable the sending of 
 Referer and From information.
 
 Clients SHOULD NOT include a Referer header field in a (non-secure) HTTP 
 request if the referring page was transferred with a secure protocol.
 
 Authors of services which use the HTTP protocol SHOULD NOT use GET based 
 forms for the submission of sensitive data, because this will cause this 
 data to be encoded in the Request-URI. Many existing servers, proxies, and 
 user agents will log the request URI in some place where it might be 
 visible to third parties. Servers can use POST-based form submission instead
 
 -- 
 Andrew Anderson, Director of Development, Library and Information Resources 
 Network, Inc.
 http://www.lirn.net/ | http://www.twitter.com/LIRNnotes | 
 http://www.facebook.com/LIRNnotes
 
 On Jun 12, 2015, at 0:24, Conal Tuohy conal.tu...@gmail.com wrote:
 
 Assuming your library web server has a front-end proxy (I guess this is
 pretty common) or at least runs inside Apache httpd or something, then
 rather than use the HTML meta tag, it might be easier to set the referer
 policy via the Content-Security-Policy HTTP header field.
 
 https://w3c.github.io/webappsec/specs/content-security-policy/#content-security-policy-header-field
 
 e.g. in Apache httpd with mod_headers:
 
 Header set Content-Security-Policy referrer 'no-referrer'
 
 
 
 On 12 June 2015 at 13:55, Frumkin, Jeremy A - (frumkinj) 
 frumk...@email.arizona.edu wrote:
 
 Eric -
 
 Many thanks for raising awareness of this. It does feel like encouraging
 good practice re: referrer meta tag would be a good thing, but I would not
 know where to start to make something like this required practice. Did you
 have some thoughts on that?
 
 — jaf
 
 ---
 Jeremy Frumkin
 Associate Dean / Chief Technology Strategist
 University of Arizona Libraries
 
 +1 520.626.7296
 j...@arizona.edu
 ——
 A person who never made a mistake never tried anything new. - Albert
 Einstein
 
 
 
 
 
 
 
 
 
 On 6/11/15, 8:25 AM, Eric Hellman e...@hellman.net wrote:
 
 
 http://go-to-hellman.blogspot.com/2015/06/protect-reader-privacy-with-referrer.html
 
 http://go-to-hellman.blogspot.com/2015/06/protect-reader-privacy-with-referrer.html
 
 
 I hope this is easy to deploy on library websites, because the privacy
 enhancement is significant.
 
 I'd be very interested to know of sites that are using it; I know Thomas
 Dowling implemented a referrer policy on http://oatd.org/ 
 http://oatd.org/
 
 Would it be a good idea to make it a required practice for libraries?
 
 
 Eric Hellman
 President, Gluejar.Inc.
 Founder, Unglue.it https://unglue.it/
 http://go-to-hellman.blogspot.com/
 twitter: @gluejar
 


Re: [CODE4LIB] Let's implement the referrer meta tag

2015-06-12 Thread Eric Hellman
While going to SSL is a good thing to do, it's not a good idea to be loading 
non-secure resources into a secure web page, because then your page is no 
longer secure.

So for example, if you load the google analytics script via http from an https 
page, and MITM attacker could just insert evil code into the script. Or verizon 
could insert x-uidh headers into non-SSL cover image requests.

Eric

 On Jun 12, 2015, at 2:37 AM, Andrew Anderson and...@lirn.net wrote:
 
 Or just SSL enable your library web site.  Few vendors support SSL today, so 
 crossing the HTTP/HTTPS barrier is supposed to automatically disable 
 referring URL passing.
 
 http://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html#sec15.1.3
 
 15.1.3 Encoding Sensitive Information in URI's
 
 Because the source of a link might be private information or might reveal an 
 otherwise private information source, it is strongly recommended that the 
 user be able to select whether or not the Referer field is sent. For example, 
 a browser client could have a toggle switch for browsing openly/anonymously, 
 which would respectively enable/disable the sending of Referer and From 
 information.
 
 Clients SHOULD NOT include a Referer header field in a (non-secure) HTTP 
 request if the referring page was transferred with a secure protocol.
 
 Authors of services which use the HTTP protocol SHOULD NOT use GET based 
 forms for the submission of sensitive data, because this will cause this data 
 to be encoded in the Request-URI. Many existing servers, proxies, and user 
 agents will log the request URI in some place where it might be visible to 
 third parties. Servers can use POST-based form submission instead
 
 -- 
 Andrew Anderson, Director of Development, Library and Information Resources 
 Network, Inc.
 http://www.lirn.net/ | http://www.twitter.com/LIRNnotes | 
 http://www.facebook.com/LIRNnotes
 
 On Jun 12, 2015, at 0:24, Conal Tuohy conal.tu...@gmail.com wrote:
 
 Assuming your library web server has a front-end proxy (I guess this is
 pretty common) or at least runs inside Apache httpd or something, then
 rather than use the HTML meta tag, it might be easier to set the referer
 policy via the Content-Security-Policy HTTP header field.
 
 https://w3c.github.io/webappsec/specs/content-security-policy/#content-security-policy-header-field
 
 e.g. in Apache httpd with mod_headers:
 
 Header set Content-Security-Policy referrer 'no-referrer'
 
 
 
 On 12 June 2015 at 13:55, Frumkin, Jeremy A - (frumkinj) 
 frumk...@email.arizona.edu wrote:
 
 Eric -
 
 Many thanks for raising awareness of this. It does feel like encouraging
 good practice re: referrer meta tag would be a good thing, but I would not
 know where to start to make something like this required practice. Did you
 have some thoughts on that?
 
 — jaf
 
 ---
 Jeremy Frumkin
 Associate Dean / Chief Technology Strategist
 University of Arizona Libraries
 
 +1 520.626.7296
 j...@arizona.edu
 ——
 A person who never made a mistake never tried anything new. - Albert
 Einstein
 
 
 
 
 
 
 
 
 
 On 6/11/15, 8:25 AM, Eric Hellman e...@hellman.net wrote:
 
 
 http://go-to-hellman.blogspot.com/2015/06/protect-reader-privacy-with-referrer.html
 
 http://go-to-hellman.blogspot.com/2015/06/protect-reader-privacy-with-referrer.html
 
 
 I hope this is easy to deploy on library websites, because the privacy
 enhancement is significant.
 
 I'd be very interested to know of sites that are using it; I know Thomas
 Dowling implemented a referrer policy on http://oatd.org/ 
 http://oatd.org/
 
 Would it be a good idea to make it a required practice for libraries?
 
 
 Eric Hellman
 President, Gluejar.Inc.
 Founder, Unglue.it https://unglue.it/
 http://go-to-hellman.blogspot.com/
 twitter: @gluejar
 


Re: [CODE4LIB] Let's implement the referrer meta tag

2015-06-12 Thread Eric Hellman
I'd not heard of this.

But on reading it closely, I don't think it regulates the referer header, 
rather it prevent restricts the origins of resources that a page can load.So it 
doesn't work with referrer policies. but I could be wrong

Eric

On Jun 12, 2015, at 12:24 AM, Conal Tuohy conal.tu...@gmail.com wrote:
 
 Assuming your library web server has a front-end proxy (I guess this is
 pretty common) or at least runs inside Apache httpd or something, then
 rather than use the HTML meta tag, it might be easier to set the referer
 policy via the Content-Security-Policy HTTP header field.
 
 https://w3c.github.io/webappsec/specs/content-security-policy/#content-security-policy-header-field
 
 e.g. in Apache httpd with mod_headers:
 
 Header set Content-Security-Policy referrer 'no-referrer'
 
 
 


[CODE4LIB] Let's implement the referrer meta tag

2015-06-11 Thread Eric Hellman
http://go-to-hellman.blogspot.com/2015/06/protect-reader-privacy-with-referrer.html
 
http://go-to-hellman.blogspot.com/2015/06/protect-reader-privacy-with-referrer.html

I hope this is easy to deploy on library websites, because the privacy 
enhancement is significant. 

I'd be very interested to know of sites that are using it; I know Thomas 
Dowling implemented a referrer policy on http://oatd.org/ http://oatd.org/

Would it be a good idea to make it a required practice for libraries?


Eric Hellman
President, Gluejar.Inc.
Founder, Unglue.it https://unglue.it/
http://go-to-hellman.blogspot.com/
twitter: @gluejar


[CODE4LIB] CODEX Hackathon in SFO for ALA

2015-05-21 Thread Eric Hellman
*CODEX Hackathon*
codexhackathon.com

June 26-28, 2015. San Francisco


WHAT'S THE FUTURE OF READING?
We're throwing a literary/publishing/library/books hackathon during the 
American Library Association conference in San Francisco on June 26-28, 2015.
 
It's called CODEX.

It's going to be epic.

It's a gathering of folks who want to imagine the future of books and reading. 
Programmers, designers, writers, librarians, publishers, readers.  All are 
welcome.
 
Opening Reception
Github HQ  • 88 Colin P Kelly Jr. Street 
Friday, June 26, 2015

Hackathon
Parisoma • 169 11th Street.
Weekend of June 27-28, 2015

The theme/challenge will be connecting. So connecting around books,
connecting around reading, connecting readers and authors, connecting
libraries with books. So imagine dating app for readers, Groupon for books,
Tinder for book discovery, new APIs,

Partners and Sponsors: 
Harper Collins, 
Macmillan, 
New York Public Library http://nypl.org , 
the Knight Foundation http://knightfoundation.org ,
 Stanford d.school http://dschool.stanford.edu/ , 
Little Brown, 
Mailchimp http://mailchimp.com/ , 
Dropbox, 
Github http://github.com/ , 
the Digital Public Library of America http://dp.la/ , 
Publishers Weekly http://publishersweekly.com ,  
Project Gitenberg http://gitenberg.github.io , 
Recovering the Classics http://recoveringtheclassics.com/ , 
Harvard Book Store http://harvard.com/ ,


Re: [CODE4LIB] Protagonists

2015-05-05 Thread Eric Hellman
I'm working on metadata for GITenberg. Documentation in progress:
https://github.com/gitenberg-dev/documentation/tree/master/metadata 
https://github.com/gitenberg-dev/documentation/tree/master/metadata

At least the linking-works-to-Gutenberg aspects of this problem should be a lot 
easier by the end of June.

Eric


 On Apr 23, 2015, at 11:46 PM, davesgonechina davesgonech...@gmail.com wrote:
 
 Hey thanks everybody, I've been too busy to dig into any of your
 suggestions but hugely appreciated. This group is awesome.
 
 @Amanda, I actually remember signing up for Small Demons in beta and it
 died before I got a chance to really explore it.
 @Thomas, LibraryThing's charactername field looks very promising if the
 list consistently gives main characters first billing.
 @Shaun Trajectory is definitely interesting, though I've not thought of a
 use case yet.
 @Karen true about the authority problem - unless publishers wrap this sort
 of info in ebook metadata?
 @Joshua Like LibraryThing, its unclear if the character lists are actually
 prioritized by significance.
 @Joel Shame those resources look rather dusty. As for an IMDB for books, I
 think LibraryThing or Amazon are better positioned than anyone.
 @Brooke I'm absolutely certain its doable, but as @Amy points out its a
 pain in the ass. Even if I simply take @Alexander's suggestion of the Le
 Monde list, I have to scrape and scan and scrub for something that, in a
 world where we can have nice things, this already exists in a
 rough-and-ready incomplete but off-the-shelf dataset. It kinda blows my
 mind it doesn't.
 
 Not to mention there's the other step I mentioned, which is matching them
 up with Gutenberg.org pages.
 
 I'll keep you guys updated as I dig into all your ideas. Cheers!
 
 Dave
 
 
 
 On Wed, Apr 15, 2015 at 4:17 AM, Thomas Guignard thomas.guign...@gmail.com
 wrote:
 
 The LibraryThing API could also be used to retrieve what they call Common
 Knowledge tags, including character names but also place names etc.
 
 Example:
 
 https://www.librarything.com/services/rest/1.1/?method=librarything.ck.getworkid=2773690apikey=d231aa37c9b4f5d304a60a3d0ad1dad4
 (using the example API key)
 Look for the characternames field.
 
 As far as I can tell, however, there is no way to determine which of the
 characters are the lead male and lead female character short of
 assuming that the top listed characters are in effect the lead ones. Also,
 the API calls are limited to 1000 a day. But maybe an avenue to consider.
 
 t.
 
 On Tue, Apr 14, 2015 at 2:15 PM, Shaun Ellis sha...@princeton.edu wrote:
 
 Another interesting startup in this area is Trajectory.
 
 Here's a list of Classics/Fiction via their JSON API (doc=isbn):
 http://api.trajectory.com/api/v1/search/?q=c=Fiction%20%2F%
 20Classicslimit=568
 
 Here's a human readable view:
 http://www.trajectory.com/search/?q=facetsc=Fiction%
 20%2F%20Classicslimit=568
 
 -Shaun
 
 
 On 4/14/15 11:07 AM, Amanda French wrote:
 
 What you *did* need for this interesting project was Small Demons, which
 was a for-profit company that was creating linked data from books --
 here's
 an article about it: http://www.theverge.com/2013/
 3/1/4043298/building-an-atlas-for-books-with-small-demons
 
 But it shut down in 2013, and I have no idea what happened to the data.
 It might all have been commercial and proprietary, anyway. Article on
 its
 closure: http://www.latimes.com/books/jacketcopy/la-et-jc-small-
 demons-to-close-unless-buyer-appears-20131106-story.html
 
 Amanda
 
 
 On 4/13/15 10:12 PM, davesgonechina wrote:
 
 So I have this idea I'd like to do for a hobby project, but it requires
 finding a table that lists a classic novel, a Gutenberg.org link to an
 
 snip
 
 
 


Re: [CODE4LIB] Ebook reader app

2015-03-25 Thread Eric Hellman
Another approach- I think the Colorado consortium did this, is to whitelabel 
the Bluefire App, which works with any Adobe-DRM ebook.

With the Rakuten acquisition of Overdrive, I think it it might be wise to let 
the dust settle and see what happens with Kobo. And I know of at least 2, maybe 
3, maybe 4 companies poised to enter the US library market with apps of their 
own. Both in the Adobe ecosystem and outside of it.


 On Mar 25, 2015, at 9:34 AM, English, Eben eengl...@bpl.org wrote:
 
 Lauren,
 
 There actually is a group working toward exactly this type of goal. It's a 
 IMLS grant-funded initiative being organized by NYPL called Library 
 Simplified:
 
 http://www.librarysimplified.org/
 
 You can find out more at the above link, but the basic goal of the project is 
 to create an app for iOS and Android that allows libraries to integrate 
 content from different ebook vendors into a seamless discovery and reading 
 interface. I know that so far they've been working with 3M, Overdrive, and 
 Baker  Taylor to allow content from these vendors to work within the app.
 
 Currently the app is still in development, but I believe the target date for 
 the initial roll-out is late April or early May.
 
 Thanks,
 
 Eben English
 Web Services Developer
 Boston Public Library
 700 Boylston St.
 Boston, MA 02116
 617.859.2238
 eengl...@bpl.org
 
 On Tue, Mar 24, 2015 at 7:39 PM, Lauren Magnuson 
 lauren.lpmagnu...@gmail.com wrote:
 
 I'm curious to know if anyone has explored creating a mobile app for their
 library that would facilitate downloading /reading library ebooks from
 multiple library ebook vendors.  I'm envisioning an app that would allow
 the user to browse ebooks from multiple platforms (e.g., ebrary, EBSCO) and
 enable downloading and DRM management stuff right in the app.
 
 I can think of a million roadblocks to creating something like this
 (publishers, vendors, Adobe, etc.)  But I can also think of a lot of good
 reasons why this would be very useful (the process to download an ebook
 from an academic library is, for the most part, ludicrous).
 
 I know there's Overdrive - and ebrary has it's own app, or whatever, and
 there are apps like Bluefire that can be used with library ebooks - but
 something non-platform specific that could conceivably work for multiple
 library ebook platforms (and be customized by a library to allow the reader
 to browse collections) is what I have in mind.  I also really dig this
 Reader's First (http://readersfirst.org/) initiative, which it looks like
 is wrangling with a lot of the policy /vendor side of things.
 
 Feel free to contact me off list with any information / ideas / advice.
 This feels like a kind of enormous problem, and a lot of libraries could
 benefit from a group working toward a technical solution - but perhaps such
 a group / initiative already exists?
 
 Thanks in advance,
 
 Lauren Magnuson
 Systems  Emerging Technologies Librarian, CSU Northridge
 Development Coordinator, PALNI
 


Re: [CODE4LIB] Lending/circulating independent ebooks

2015-03-25 Thread Eric Hellman
Unglue.it http://unglue.it/ implemented something like that as part of buy 
to unglue, using per-loan embedded licenses and watermarking. We've not had a 
lot of success getting publishers to buy into it. Or libraries. If you have 
applications, several of the components are open source.

Eric

 On Mar 25, 2015, at 5:15 PM, David Malone david.mal...@wheaton.edu wrote:
 
 Has anyone figured out how to circulate one-off/independent e-books to your 
 library patrons? We have ebooks that are not from major vendors like EBL, etc 
 that we have permission to loan. However, I want to be sure that we have some 
 sort of controls on them so that we are not simply distributing free copies.
 
 I envision a system that would take a non-DRM ebook file (PDF?) and place 
 limits on it for a specific time-frame. This system would also track what is 
 out and what is available.
 
 I think think of various individual pieces that may work in my context, but 
 not the full system.
 
 There is great potential here. Any musings or thoughts would be welcome.
 
 David B. Malone, MLIS, CA
 Associate Professor
 Buswell Memorial Library
 Wheaton College
 501 College Ave.
 Wheaton IL 60187-5593
 630.752.5707  | 630.752.5987 FAX
 david.mal...@wheaton.edu  |  http://library.wheaton.edu


[CODE4LIB] security and privacy in RFPs

2015-03-04 Thread Eric Hellman
I recently wrote a blog post about password security in library subscribed 
databases based on an RFP by a state agencecy subject to public disclosure 
laws. The results were very revealing, but it covered only a small set of 
vendors.
http://go-to-hellman.blogspot.com/2015/02/passwords-are-stored-in-plain-text.html
 
http://go-to-hellman.blogspot.com/2015/02/passwords-are-stored-in-plain-text.html

I would be very interested to learn of RFPs for library automation software, 
ebook delivery platforms, etc. subject to similar public disclosure rules that 
asked questions relevant to privacy and security in libraries.

Contact me on or off list.

Eric


Eric Hellman
President, Gluejar.Inc.
Founder, Unglue.it https://unglue.it/
http://go-to-hellman.blogspot.com/
twitter: @gluejar


Re: [CODE4LIB] Vote for Code4lib 2016 location

2015-02-23 Thread Eric Hellman
These are both great but the Philly folks seem to have forgotten the Weather 
section.

 On Feb 22, 2015, at 8:48 PM, Francis Kayiwa kay...@pobox.com wrote:
 
 Hey All,
 
 Just wanted to make everyone aware of the two fantastic proposals to host 
 Code4lib 2016 that have been submitted. The cities of of Los Angeles and 
 Philadelphia have submitted proposals which are now available at the official 
 Code4lib Website
 
 http://code4lib.org/content/code4lib-2016-conference-proposals
 
 Voting will open tomorrow (UTC so probably already open if you are reading 
 this) and will remain open until 2015-03-07 08:00:00 UTC
 
 You can vote here (registration required)
 
 http://vote.code4lib.org/election/37
 
 Thanks to the both cities for their submissions.
 
 best regards,
 Francis
 
 -- 
 FORTUNE PROVIDES QUESTIONS FOR THE GREAT ANSWERS: #13
 A:Doc, Happy, Bashful, Dopey, Sneezy, Sleepy,  Grumpy
 Q:Who were the Democratic presidential candidates?


Re: [CODE4LIB] Vote for Code4lib 2016 location

2015-02-23 Thread Eric Hellman
My reasons for preferring LA are purely personal and #theweatheristoodamncold, 
and I'm optimistic that I can make it to either location this year after 
several years away.

But the most valuable sessions for me at C4LConf for me have been the 
BOF/breakout sessions. This is very different from multitrack presentations. 
Breaking into small groups is often really valuable; breakout *presentations* 
rarely so. In a smaller group, people feel more comfortable asking stupid 
questions, which are usually the questions everyone else has. 

Eric


Re: [CODE4LIB] what good books did you read in 2014?

2014-12-09 Thread Eric Hellman
A job hazard of mine is reading free ebooks.

Biodigital, by John Sundman. Seemingly written expressly for me.
My review:
http://go-to-hellman.blogspot.com/2014/05/the-future-of-book-is-unfinished-john.html
Get it, and help make it free:
https://unglue.it/work/136615/

Zero Sum Game, by S L Huang. Her superpower is math.
My review:
http://blog.unglue.it/2014/08/29/zero-sum-game-is-an-exponential-transformation/
Get it, and thank the author for making it free.
https://unglue.it/work/139822/


On Dec 9, 2014, at 9:47 AM, Andromeda Yelton andromeda.yel...@gmail.com wrote:

 Hey, code4lib! I bet you consume fascinating media. What good books did you
 read in 2014 that you think your colleagues would like, too?  (And hey,
 we're all digital, so feel free to include movies and video games and so
 forth.)
 
 Mine:
 http://www.obeythetestinggoat.com/ (O'Reilly book, plus read free online) -
 a book on testing from a Django-centric, front end perspective. *Finally* I
 get how testing works. This book rewrote my brain.
 
 _The Warmth of Other Suns_ - finally got around to reading this magnum opus
 history of the Great Migration, am halfway through, it's amazing. If you're
 looking for some historical context on how we got to Ferguson, Isabel
 Wilkerson has you covered.
 
 _Her_ - Imma let you finish, Citzenfour and Big Hero 6 and LEGO movie and
 Guardians of the Galaxy - you were all good - but I walked out of the
 theater and literally couldn't speak after this one. Plus, funniest
 throwaway scene ever. Almost fell out of my chair.
 
 _Tim's Vermeer_ - wait, no, watch that one too. Weird tinkering genius who
 can't paint obsesses over recreating a Vermeer with startling,
 physics-driven results. Also, Penn Jillette.
 
 -- 
 Andromeda Yelton
 Board of Directors, Library  Information Technology Association:
 http://www.lita.org
 Advisor, Ada Initiative: http://adainitiative.org
 http://andromedayelton.com
 @ThatAndromeda http://twitter.com/ThatAndromeda


Re: [CODE4LIB] Privacy audits Re: [CODE4LIB] Library Privacy, RIP

2014-08-18 Thread Eric Hellman
Count me in.

On Aug 16, 2014, at 1:26 PM, Karen Coyle li...@kcoyle.net wrote:

 I think a Code4lib guide to library privacy or something of that nature 
 would be a valuable contribution. I'd be happy to work with folks on it.


Re: [CODE4LIB] metadata for free ebook repositories

2014-08-18 Thread Eric Hellman
Unglue.it is focusing on Creative Commons licensed works. We have a cataloguer 
who has just started working on bringing the records up to snuff.

Eric

On Aug 18, 2014, at 6:04 PM, Stuart Yeates stuart.yea...@vuw.ac.nz wrote:

 There are a stack of great free ebook repositories available on the web, 
 things like https://unglue.it/ http://www.gutenberg.org/ 
 https://en.wikibooks.org/wiki/Main_Page http://www.gutenberg.net.au/ 
 https://www.smashwords.com/books/category/1/newest/0/free/any etc, etc
 
 What there doesn't appear to be, is high-quality AACR2 / RDA records 
 available for these. There are things like 
 https://ebooks.adelaide.edu.au/meta/pg/ which are elaborate dublin core to 
 MARC converters, but these lack standardisation of names, authority control 
 (people, entities, places, etc), interlinking, etc.
 
 It seems to me that quality metadata would greatly increase the value / 
 findability / use of these projects and thus their visibility and available 
 sources.
 
 Are there any projects working in this space already? Are there suitable 
 tools available?
 
 cheers
 stuart


Re: [CODE4LIB] Library Privacy, RIP (Was: Canvas Fingerprinting by AddThis)

2014-08-16 Thread Eric Hellman
So, 2 points worth discussing here.

1. I'll bet you most proxy servers are not proxying AddThis.com or 
Sharethis.com. So there wouldn't be any effect of proxying on the user tracking 
they do.

2. It really doesn't matter if you identify yourself to the catalog or not. 
You're being tracked across sites all over the internet. If you identify 
yourself to one of them, you can be identified. Note that the main concern here 
is if you use your own device to access the library's catalog.


On Aug 15, 2014, at 5:52 PM, Karen Coyle li...@kcoyle.net wrote:

 On 8/15/14, 12:07 PM, Eric Hellman wrote:
 AddThis and ShareThis, on the other hand have TOS that let them use tracking 
 for advertising, and that's what their business is. So, hypothetically, a 
 teen could look at library catalog records for books about childbirth, and 
 as a result, later be shown ads for pregnancy tests, and that would be 
 something the library has permitted.
 
 Eric, I'm wondering about the full scenario that you are envisioning. Many 
 libraries use proxy servers, so individual users are not identified. (Meaning 
 that an 80-yr-old man may get the ad for the pregnancy test, not the teen.) 
 In addition, in many cases the machine wipes itself clean daily, replacing 
 all potential user files. (Someone else can explain this MUCH better than I 
 just did.)
 
 In my public library, I do not identify myself to the use the catalog on site 
 -- not even to use journal article databases, because 1) authentication takes 
 place in the library system 2) the proxy server's IP is my identity for those 
 services. I have no idea what exits the library when I hook my laptop to the 
 open network. Shouldn't all of these factors be taken into account? Can 
 anyone articulate them from the point of view of a public library?
 
 Note: At the university here at Berkeley, no network use is allowed without 
 an account, so there is no anonymous use, at least on the human side of any 
 proxy server that they run. But at the public library there is no log-on. So 
 what is AddThis getting in those two situations?
 
 kc
 
 -- 
 Karen Coyle
 kco...@kcoyle.net http://kcoyle.net
 m: +1-510-435-8234
 skype: kcoylenet/+1-510-984-3600


Re: [CODE4LIB] Library Privacy, RIP (Was: Canvas Fingerprinting by AddThis)

2014-08-16 Thread Eric Hellman
I think what we want is http://socialitejs.com/

On Aug 16, 2014, at 12:52 PM, Riley Childs rchi...@cucawarriors.com wrote:

 Another question for someone who utilizes these services: What analytics does 
 this provide and are the social analytics worth losing  your user's privacy? 
 (I think not)
 Can't we make our own non dynamic share links
 
 
 
 
 Sent from my Windows Phone
 
 From: Eric Hellmanmailto:e...@hellman.net
 Sent: ‎8/‎16/‎2014 12:25 PM
 To: CODE4LIB@LISTSERV.ND.EDUmailto:CODE4LIB@LISTSERV.ND.EDU
 Subject: Re: [CODE4LIB] Library Privacy, RIP  (Was: Canvas Fingerprinting by 
 AddThis)
 
 So, 2 points worth discussing here.
 
 1. I'll bet you most proxy servers are not proxying AddThis.com or 
 Sharethis.com. So there wouldn't be any effect of proxying on the user 
 tracking they do.
 
 2. It really doesn't matter if you identify yourself to the catalog or not. 
 You're being tracked across sites all over the internet. If you identify 
 yourself to one of them, you can be identified. Note that the main concern 
 here is if you use your own device to access the library's catalog.
 
 
 On Aug 15, 2014, at 5:52 PM, Karen Coyle li...@kcoyle.net wrote:
 
 On 8/15/14, 12:07 PM, Eric Hellman wrote:
 AddThis and ShareThis, on the other hand have TOS that let them use 
 tracking for advertising, and that's what their business is. So, 
 hypothetically, a teen could look at library catalog records for books 
 about childbirth, and as a result, later be shown ads for pregnancy tests, 
 and that would be something the library has permitted.
 
 Eric, I'm wondering about the full scenario that you are envisioning. Many 
 libraries use proxy servers, so individual users are not identified. 
 (Meaning that an 80-yr-old man may get the ad for the pregnancy test, not 
 the teen.) In addition, in many cases the machine wipes itself clean daily, 
 replacing all potential user files. (Someone else can explain this MUCH 
 better than I just did.)
 
 In my public library, I do not identify myself to the use the catalog on 
 site -- not even to use journal article databases, because 1) authentication 
 takes place in the library system 2) the proxy server's IP is my identity 
 for those services. I have no idea what exits the library when I hook my 
 laptop to the open network. Shouldn't all of these factors be taken into 
 account? Can anyone articulate them from the point of view of a public 
 library?
 
 Note: At the university here at Berkeley, no network use is allowed without 
 an account, so there is no anonymous use, at least on the human side of any 
 proxy server that they run. But at the public library there is no log-on. So 
 what is AddThis getting in those two situations?
 
 kc
 
 --
 Karen Coyle
 kco...@kcoyle.net http://kcoyle.net
 m: +1-510-435-8234
 skype: kcoylenet/+1-510-984-3600


[CODE4LIB] Library Privacy, RIP (Was: Canvas Fingerprinting by AddThis)

2014-08-15 Thread Eric Hellman
On Aug 14, 2014, at 4:32 PM, William Denton w...@pobox.com wrote:

 At the university where I work Google Analytics is the standard, and we use 
 it on the library's web site.  There's probably no way around that---but we 
 can tell people how to block the tracking, which will help them locally 
 (ironically) and everwhere else.  (I use Piwik at home, and like it, but 
 moving to that here would be a long-term project, only partly for technical 
 reasons.)

I think a reasonable place to draw a line in the sand is use for advertising. 
If you look at the Google Analytics site, it doesn't appear that they can use 
Analytics tracking for advertising, because they don't make the carve-outs for 
children that I believe would be required if they did. So if you trust google, 
and assume they know everything anyway, you can let them track users.

AddThis and ShareThis, on the other hand have TOS that let them use tracking 
for advertising, and that's what their business is. So, hypothetically, a teen 
could look at library catalog records for books about childbirth, and as a 
result, later be shown ads for pregnancy tests, and that would be something the 
library has permitted. 

A criminal prosecutor could subpoena either Google or AddThis/ShareThis to 
obtain tracking data for anyone in your library who had read books about Nazism 
or the Black Panthers or witchcraft,  completely without involving the library. 
Do you think Google would easily comply with that sort of request? would 
AddThis? Would EBSCO?

At Unglue.it, we use Google Analytics, but we have avoided Things like Facebook 
Like, and the third party shares because we didn't like the tradeoff.

But maybe the horse has left the barn forever.

Eric


Re: [CODE4LIB] Canvas Fingerprinting by AddThis

2014-08-14 Thread Eric Hellman
I must say I'm surprised that most of the response to libraries are letting 
advertisers track patrons as they browse their catalogs is discussion of 
privacy condomware. Perhaps I've missed something?


 On Aug 14, 2014, at 1:39 PM, Karen Coyle li...@kcoyle.net wrote:
 
 Bill (others), are you running PrivacyBadger alongside AdBlock? I'm 
 concerned about the confluence of decisions there, although tempted to try 
 anyway.
 
 Thanks,
 kc
 
 On 8/13/14, 2:08 PM, William Denton wrote:
 On 13 August 2014, Karen Coyle wrote:
 
 *ps - I had a great cookie manager for a while, but it's no longer around. 
 Cookie control in browsers actually was easier a decade ago - they've 
 obviously been discouraged from including that software. If anyone knows of 
 a good cookie program or plugin, I'd like to hear about it.
 
 I use Cookie Monster [0] and like it.
 
 Related:  on my work box I'm trying out the EFF's Privacy Badger [1], which 
 I hope will be a success.  At home I use Disconnect [2], which blocks entire 
 domains.  It's great for cutting out cookies and junk like AddThis, but 
 cripes, I hadn't realized how many people pull in Javascript libraries from 
 Google or Yahoo. That's a harder way of tracking to avoid.
 
 Bill
 
 [0] https://addons.mozilla.org/en-US/firefox/addon/cookie-monster/
 [1] https://www.eff.org/privacybadger
 [2] https://disconnect.me/disconnect
 
 -- 
 Karen Coyle
 kco...@kcoyle.net http://kcoyle.net
 m: +1-510-435-8234
 skype: kcoylenet/+1-510-984-3600


[CODE4LIB] Canvas Fingerprinting by AddThis

2014-08-13 Thread Eric Hellman
It seems that Code4Lib hasn't discussed this., though the news is 2 weeks old. 
It seems that there are libraries using social share tools from AddThis, a 
company that has been using a technology called Canvas Fingerprinting to 
track users. 

In other words, it looks like libraries are giving away the user-privacy store.

For example, AddThis is used by my public library's Polaris catalog (BCCLS).

I'd be interested to learn how widespread this is.

Here's the article from ProPublica.
http://www.propublica.org/article/meet-the-online-tracking-device-that-is-virtually-impossible-to-block

And a follow-on discussion from Princeton CITP
https://freedom-to-tinker.com/blog/englehardt/the-hidden-perils-of-cookie-syncing/

The research article:
https://securehomes.esat.kuleuven.be/~gacar/persistent/the_web_never_forgets.pdf

Techdirt:
https://www.techdirt.com/articles/20140721/14523127960/tons-sites-including-whitehousegov-experiment-with-tracking-technology-that-is-difficult-to-block.shtml


Eric


Eric Hellman
President, Gluejar.Inc.
Founder, Unglue.it https://unglue.it/
http://go-to-hellman.blogspot.com/
twitter: @gluejar


Re: [CODE4LIB] Canvas Fingerprinting by AddThis

2014-08-13 Thread Eric Hellman
I blogged this.

http://go-to-hellman.blogspot.com/2014/08/libraries-are-giving-away-user-privacy.html

Do libraries even realize they're doing this?

Eric

On Aug 13, 2014, at 4:28 PM, Jimmy Ghaphery jghap...@vcu.edu wrote:

 Interesting thread,
 
 AddThis is certainly everywhere (5 percent of the top 100,000
 websites--ProPublica), often in contrast to an organization's stated
 privacy policies.
 
 Here's three examples of use within OCLC and their products:
 http://oclc.org/research/people/follow.html
 ContentDM: http://www.contentdm.org/help6/custom/configure9.asp
 WorldCat.org:
 http://www.worldcat.org/title/jazz/oclc/25048293referer=brief_results
 
 For kicks I just did a Google Advanced search for AddThis limited to the
 .edu domain, wow.
 
 What is the alternative for libraries looking to promote their services out
 into the polluted ocean of the internet where everyone else is swimming?
 
 --Jimmy
 
 
 
 
 
 On Wed, Aug 13, 2014 at 2:33 PM, Gary McGath develo...@mcgath.com wrote:
 
 On 8/13/14 1:22 PM, Eric Hellman wrote:
 It seems that Code4Lib hasn't discussed this., though the news is 2
 weeks old. It seems that there are libraries using social share tools from
 AddThis, a company that has been using a technology called Canvas
 Fingerprinting to track users.
 
 In other words, it looks like libraries are giving away the user-privacy
 store.
 
 For example, AddThis is used by my public library's Polaris catalog
 (BCCLS).
 
 I'd be interested to learn how widespread this is.
 
 It's pretty widespread in general, but I don't know how many libraries
 are using it, or why.
 
 It's a concern regardless of absolute numbers, because it targets people
 who are concerned about being tracked and have taken steps to make
 cookies less effective. (For example, I discard cookies at the end of
 each browser session, making long-term tracking ineffective.)
 
 It isn't virtually impossible to block; mapping addthis.com on the
 client computer to 127.0.0.1 (using /etc/hosts on Linux and Unix
 machines) does a nice job of it. But anyone who uses it really is
 betraying the user's trust.
 
 
 --
 Gary McGath, Professional Software Developer
 http://www.garymcgath.com
 
 
 
 
 -- 
 Jimmy Ghaphery
 Head, Digital Technologies
 VCU Libraries
 804-827-3551


Re: [CODE4LIB] Canvas Fingerprinting by AddThis

2014-08-13 Thread Eric Hellman
What you're saying on the Sonoma County Library website is accurate and 
correct. I hope other libraries follow your example, if they use AddThis.

Although it would be even better if services were used that didn't use cookies 
in order to provide advertisements about goods and services. For example, in 
the comment on my post, Piwik is mentioned by Dan Scott. Why aren't more 
libraries using Piwik? Are any libraries using Piwik?

Eric



On Aug 13, 2014, at 7:00 PM, Genny Engel gen...@sonoma.lib.ca.us wrote:

 We have had, for some time now, a section in our privacy policy explaining 
 what services we use and giving links to opt out.
 
 http://sonomalibrary.org/governance/library-policies/privacy-statement
 
 
 Genny Engel
 Sonoma County Library
 gen...@sonoma.lib.ca.us
 707 545-0831 x1581
 www.sonomalibrary.org
 
 -Original Message-
 From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Eric 
 Hellman
 Sent: Wednesday, August 13, 2014 3:37 PM
 To: CODE4LIB@LISTSERV.ND.EDU
 Subject: Re: [CODE4LIB] Canvas Fingerprinting by AddThis
 
 I blogged this.
 
 http://go-to-hellman.blogspot.com/2014/08/libraries-are-giving-away-user-privacy.html
 
 Do libraries even realize they're doing this?
 
 Eric
 
 On Aug 13, 2014, at 4:28 PM, Jimmy Ghaphery jghap...@vcu.edu wrote:
 
 Interesting thread,
 
 AddThis is certainly everywhere (5 percent of the top 100,000
 websites--ProPublica), often in contrast to an organization's stated
 privacy policies.
 
 Here's three examples of use within OCLC and their products:
 http://oclc.org/research/people/follow.html
 ContentDM: http://www.contentdm.org/help6/custom/configure9.asp
 WorldCat.org:
 http://www.worldcat.org/title/jazz/oclc/25048293referer=brief_results
 
 For kicks I just did a Google Advanced search for AddThis limited to the
 .edu domain, wow.
 
 What is the alternative for libraries looking to promote their services out
 into the polluted ocean of the internet where everyone else is swimming?
 
 --Jimmy
 
 
 
 
 
 On Wed, Aug 13, 2014 at 2:33 PM, Gary McGath develo...@mcgath.com wrote:
 
 On 8/13/14 1:22 PM, Eric Hellman wrote:
 It seems that Code4Lib hasn't discussed this., though the news is 2
 weeks old. It seems that there are libraries using social share tools from
 AddThis, a company that has been using a technology called Canvas
 Fingerprinting to track users.
 
 In other words, it looks like libraries are giving away the user-privacy
 store.
 
 For example, AddThis is used by my public library's Polaris catalog
 (BCCLS).
 
 I'd be interested to learn how widespread this is.
 
 It's pretty widespread in general, but I don't know how many libraries
 are using it, or why.
 
 It's a concern regardless of absolute numbers, because it targets people
 who are concerned about being tracked and have taken steps to make
 cookies less effective. (For example, I discard cookies at the end of
 each browser session, making long-term tracking ineffective.)
 
 It isn't virtually impossible to block; mapping addthis.com on the
 client computer to 127.0.0.1 (using /etc/hosts on Linux and Unix
 machines) does a nice job of it. But anyone who uses it really is
 betraying the user's trust.
 
 
 --
 Gary McGath, Professional Software Developer
 http://www.garymcgath.com
 
 
 
 
 -- 
 Jimmy Ghaphery
 Head, Digital Technologies
 VCU Libraries
 804-827-3551


Re: [CODE4LIB] Book Club software tools and approaches?

2014-07-07 Thread Eric Hellman
You may want to check out BookGobble.com

I wrote about the founder, Mira Wilczek, last year: 
http://go-to-hellman.blogspot.com/2013/09/booksmashs-lust-o-meter-shows-how.html

eric

On Jul 1, 2014, at 9:38 AM, Jon Gorman jonathan.gor...@gmail.com wrote:

 Hi all,
 
 I've been musing on software tools that might be useful for book clubs.
 
 I'm not necessarily looking for a turnkey solution explicitly geared
 towards book clubs, but more a thought experiment of what tools might be
 useful for an ongoing in the real world book club.
 
 Some needs that software tools might help keep track of:
 
 * A way to vote for what books to read next
 * Schedule of times
 * An estimator calculator (reading level of book + length of book,
 estimated sessions).
 * way to add notes or linked materials
 * online discussions to supplement in person meetings
 * glossary/dictionary functionality perhaps?
 
 In my own thoughts some of the online services like GoodReads, Shelfari and
 LibraryThing seems to at least offer some tools and information. A system
 that I haven't had a chance to explore enough, Loomis, might help with the
 decision making parts.
 
 
 Part of the impetus for this is I've recently joined a technical book club.
 At the moment we're using a wiki, which is working fine, but in particular
 the voting is clunky.  I could picture something where members can add/link
 to something like librarything in a list and the book with the most votes
 (w/ ties being broken randomly) is the next book in the queue.
 
 So anyone out there already doing something similar? Thoughts? Ideas?
 
 Jon Gorman
 University of Illinois


Re: [CODE4LIB] mailing list administratativia

2014-06-09 Thread Eric Hellman
I assume you've discovered the word is usually spelled administrivia.

It's fun making up words. My latest is bibliopotheosis

On May 29, 2014, at 10:23 AM, Eric Lease Morgan emor...@nd.edu wrote:

 * Apparently “administratativia” is a word of my own design because a search 
 of it in Google returns only postings I’ve written. No wonder my spell 
 checker doesn’t like it. 


Re: [CODE4LIB] COinS metadata format support

2014-02-11 Thread Eric Hellman
The COinS generator was an instance of the 1Cate/Worldcat Link Manager 
software, which has been retired. 

A replacement would be an hour or two of work in RoR or Django, very suitable 
for a hackathon. I’d be happy to consult if anyone wants it.

I continue to be surprised at the ratio of success/adoption for COinS to the 
amount of work invested in it, especially compared to other things I’ve been 
involved with. There’s a lesson there somewhere.

Eric Hellman
President, Gluejar.Inc.
Founder, Unglue.it https://unglue.it/
http://go-to-hellman.blogspot.com/
twitter: @gluejar

On Jan 17, 2014, at 12:54 PM, Jodi Schneider jschnei...@pobox.com wrote:
 In case it helps there's more info here:
 http://ocoins.info/
 (though it looks like the generator isn't up any longer, maybe due to OCLC
 New Jersey hosting?)


Re: [CODE4LIB] Digital Bookplates

2014-01-03 Thread Eric Hellman
This doesn't answer your question, but in  Unglue.it 2.0, we're putting digital 
bookplates into the ebook files themselves.

The (python) software we're using to do it is on github with an MIT license. 
Project started by an italian developer with significant improvements by me.
https://github.com/Gluejar/pyepub

Eric

Eric Hellman
President, Gluejar.Inc.
Founder, Unglue.it https://unglue.it/
http://go-to-hellman.blogspot.com/
twitter: @gluejar

On Jan 3, 2014, at 11:31 AM, Lauren Magnuson lau...@lpmagnuson.com wrote:

 I'm considering creating a Drupal module for creating, storing, and finding
 Digital Bookplates (e.g., this book donated by...), but want to make sure
 I'm not reinventing the wheel.  Anyone already done this or something like
 it?  I'm aware of Brown's excellent work in this area and have their
 modelhttp://library.brown.edu/its/software/bookplates/,
 but I'd like to adapt it for something that seamlessly works with a Drupal
 environment.
 
 Thanks in advance!
 
 Lauren Magnuson
 
 -- 
 Systems  Emerging Technologies Librarian, CSUN
 Systems Coordinator, PALNI
 @lpmagnuson http://www.twitter.com/lpmagnuson


Re: [CODE4LIB] Anyone working with iPython?

2013-12-21 Thread Eric Hellman
I use it all the time.

If anyone has played with mathematica notebooks, it's the same thing, with 
python, and other languages apparently on the way.

Eric Hellman
President, Gluejar.Inc.
Founder, Unglue.it https://unglue.it/
http://go-to-hellman.blogspot.com/
twitter: @gluejar

On Dec 19, 2013, at 12:48 PM, Roy Tennant roytenn...@gmail.com wrote:

 Our Wikipedian in Residence, Max Klein brought iPython [1] to my attention
 recently and even in just the little exploration I've done with it so far
 I'm quite impressed. Although you could call it interactive Python that
 doesn't begin to put across the full range of capabilities, as when I first
 heard that I thought Great, a Python shell where you enter a command, hit
 the return, and it executes. Great. Just what I need. NOT. But I was SO
 WRONG.
 
 It certainly can and does do that, but also so much more. You can enter
 blocks of code that then execute. Those blocks don't even have to be
 Python. They can be Ruby or Perl or bash. There are built-in functions of
 various kinds that it (oddly) calls magic. But perhaps the killer bit is
 the idea of Notebooks that can capture all of your work in a way that is
 also editable and completely web-ready. This last part is probably
 difficult to understand until you experience it.
 
 Anyway, i was curious if others have been working with it and if so, what
 they are using it for. I can think of all kinds of things I might want to
 do with it, but hearing from others can inspire me further, I'm sure.
 Thanks,
 Roy
 
 [1] http://ipython.org/


[CODE4LIB] githubs for poetry, legal docs

2013-02-27 Thread Eric Hellman
Given the discussion of how github is not really so accessible to non-coders, I 
thought I'd mention these attempts to put version control into the mainstream.

Github for writers: It sounds like that's what Blaine Cook is doing with 
Poetica.com

Github for legal agreements: We've started using Docracy.com to help us manage 
legal agreements. 

Eric


Eric Hellman
President, Gluejar.Inc.
Founder, Unglue.it https://unglue.it/
http://go-to-hellman.blogspot.com/
twitter: @gluejar


[CODE4LIB] You are a *pedantic* coder. So what am I?

2013-02-21 Thread Eric Hellman
OK, pedant, tell us why you think methods that can be over-ridden are static.
Also, tell us why you think classes in Java are not instances of java.lang.Class


On Feb 18, 2013, at 1:39 PM, Justin Coyne jus...@curationexperts.com wrote:

 To be pedantic, Ruby and JavaScript are more Object Oriented than Java
 because they don't have primitives and (in Ruby's case) because classes are
 themselves objects.   Unlike Java, both Python and Ruby can properly
 override of static methods on sub-classes. The Java language made many
 compromises as it was designed as a bridge to Object Oriented programming
 for programmers who were used to writing C and C++.
 
 -Justin
 


[CODE4LIB] early history of isbn/issn linking

2012-12-16 Thread Eric Hellman
I'm working on a little project on the early history of bibliographic linking. 
I'm looking for examples where plain-text documents with ISBNs or ISSNs were 
auto-linked to library catalogs or Amazon or whatnot.

Any nominations for who did this first and documented it?

Eric

Eric Hellman
President, Gluejar.Inc.
Founder, Unglue.it https://unglue.it/
http://go-to-hellman.blogspot.com/
twitter: @gluejar


[CODE4LIB] Code, Inclusiveness, and Fear

2012-12-06 Thread Eric Hellman
On Tuesday Night I went the the NYTech Meetup. They get 800+ people to come 
once a month to watch demos of the latest thing. One of the presentations was 
from Hackers Union. I was cringing because it was like a caricature of how to 
present an uninviting impression to anyone who wasn't white, male and 
20-something. Complete with jokes about how to pick up girls in bars. In front 
of an audience about 30% non-male, 40% non-white, and 50% non-20-something.

I thought to myself, if they did that at Code4Lib, it would NOT be received 
well, to say the least.

And this morning I happened to scan through many of the recent threads on the 
listserv.

And the thread on what is coding, including the existential digressions.

What makes Code4Lib different from any other group I know of in the library 
world is that it rejects fear of code. Much of the library world fears code, 
and most of that fear is unfounded. And the code we need to fear is not so 
scary once we know how to fear it.

The threads about having anti-harassment policies is a good thing because we 
want to remove fear that surrounds code. Talking about it is a big step towards 
addressing fear. Let's try to make sure that having a policy doesn't stop us 
from talking about the need to eliminate the fear.

As to who is a part of the Code4Lib community, I think you don't have to be a 
coder, you just have to reject fear of code. A big part of the conferences is 
creating space to help people make the transition from being oppressed by fear 
of code to being liberated by the possibilities of code.

OK, back to work for me- unfortunately not the code part.

Eric


Eric Hellman
President, Gluejar.Inc.
Founder, Unglue.it https://unglue.it/
http://go-to-hellman.blogspot.com/
twitter: @gluejar


Re: [CODE4LIB] Code, Inclusiveness, and Fear

2012-12-06 Thread Eric Hellman
We need to fear malicious code. To do that, we need to think about all the ways 
people can misuse, abuse and attack our systems. We need to cross our t's, dot 
our i's, and shine lots of light.

Eric

On Dec 6, 2012, at 1:17 PM, Gabriel Farrell gsf...@gmail.com wrote:

 one that rings true with me. I hope we can continue to live up to it. I
 want to make sure we're on the same page, though. To be clear, which code
 should we fear?
 
 


Re: [CODE4LIB] EPUB and ILS indexing

2012-11-01 Thread Eric Hellman
This is an area where the code4lib community can have a huge impact. 
Conversely, if the Code4lib community doesn't have a big impact, we're in 
trouble.

I urge everyone to have a look at the OS projects that SourceFabric is involved 
in. In particular, BookType is a django web app that lets people 
collaboratively produce EPUB ebooks. If you want to implement a community ebook 
publishing platform, this is what you want to hop onto.

I'm really glad to see Henru-Damien looking at this, I think he could use help!

Eric

On Oct 29, 2012, at 1:11 PM, Henri-Damien LAURENT henridamien.laur...@free.fr 
wrote:

 Le 29/10/2012 14:55, Jodi Schneider a écrit :
 Sounds great!
 
 Have you thought about starting from OPDS?
 http://opds-spec.org/about/
 Thanks for that hint Jodi.
 Nope, I hadnot tought about using OPDS.
 It looks really great.
 But from what I know of ILSes, ATOM feeds are not yet getting indexed 
 straight into the catalog.
 But that could be something great.
 
 
 Might be worth talking to some EPUB folks -- for instance Peter Brantley,
 or else folks from threepress.org?
 I am already in contacts with some people from the EPUB world (namely 
 SourceFabric, gluejar, and tea-ebook).
 But could be interesting to have more feedback.
 
 -Jodi
 
 
 On Mon, Oct 29, 2012 at 12:19 PM, Henri-Damien LAURENT 
 henridamien.laur...@free.fr wrote:
 
 Hi,
 I am about to write a tool which would help indexing EPUB into ILSes.
 My first guess is to produce ISO2709 or MARCXML record from EPUB files,
 but since MARCXML or ISO2709 is not really what I would call the more
 portable (UNIMARC and MARC21 may both be handled in the same file format),
 I am rather considering producing OAI-DC or html5 +schema.org 
 http://schema.org/+dublin corebut that would rely on EPUB3.
 
 Any comment anyone ?
 Has anyone considered such a tool ?
 Is there any hidden corpse lurking around I should be aware of ?
 
 Have a nice day
 
 --
 Henri-Damien LAURENT
 
 
 
 -- 
 Henri-Damien LAURENT


[CODE4LIB] Unglue.it has launched

2012-05-17 Thread Eric Hellman
There's even the beginnings of an API .

https://unglue.it/api/help

Lots of work left to do, though! Not much point unless the campaigns succeed.

Eric


Re: [CODE4LIB] too much Metadata

2012-02-16 Thread Eric Hellman
Related:

http://go-to-hellman.blogspot.com/2009/06/when-are-you-collecting-too-much-data.html



On Feb 10, 2012, at 3:57 PM, Patrick Berry wrote:

 So, one question I forgot to toss out at the Ask Anything session is:
 
 When do you know you have enough metadata?
 
 You'll know it when you have it, isn't the response I'm looking for.  So,
 I'm sure you're wondering what the context for this question is, and
 honestly there is none.  This is geared towards contentDM or DSpace or
 Omeka or Millennium.  I've seen groups not plan enough for collecting data
 and I've seen groups that are have been planning so long they forgot what
 they were supposed to be collecting in the first place.
 
 So, I'll just throw that vague question out there and see who wants to take
 a swing.
 
 Thanks,
 Pat/@pberry


Re: [CODE4LIB] site vulnerabilities

2011-12-19 Thread Eric Hellman
By the way, who ever decided it would be fun to reply by checking the gluejar 
website for XSS vulnerabilities, by all means, tell everyone about it!

Eric

On Dec 16, 2011, at 10:14 PM, Michael J. Giarlo wrote:

 On Fri, Dec 16, 2011 at 21:42, Eric Hellman e...@hellman.net wrote:
 
 You'll be happy to know that as bad as things are, they've improved 
 considerably! I showed several ILS vendors how I could insert arbitrary 
 javascripts into their products. Some of them fixed their products in the 
 next update cycle, some took a couple of years. One particularly nasty 
 vulnerability I am unable to talk about, it was so nasty and close to home. 
 But the general problem persists. Perhaps an outing process would be useful.
 
 
 Leaks4Lib?  +1
 
 -Mike


Re: [CODE4LIB] site vulnerabilities

2011-12-16 Thread Eric Hellman
I gave a lightning talk on XSS vulnerabilities in library software at the first 
Code4Lib conference.

You'll be happy to know that as bad as things are, they've improved 
considerably! I showed several ILS vendors how I could insert arbitrary 
javascripts into their products. Some of them fixed their products in the next 
update cycle, some took a couple of years. One particularly nasty vulnerability 
I am unable to talk about, it was so nasty and close to home. But the general 
problem persists. Perhaps an outing process would be useful.

Eric

On Dec 9, 2011, at 10:54 AM, Erin Germ wrote:

 Good morning group,
 
 I don't mean to be an alarmist but I follow some sites that list XSS and
 other vulnerabilities for web sites. Among the latest updates with site
 vulnerabilities were a few from libraries.
 
 Some of these are dated a couple months ago but they are now just being
 pushed out and still have a status of unfixed.
 
 If you would like to know if your site(s) are on the list, I would start by
 checking http://www.xssed.com/
 
 V/R
 
 Erin


Re: [CODE4LIB] What software for a digital library

2011-12-16 Thread Eric Hellman
At gluejar, we decided to use Django for our Unglue.it website, which will open 
in january.

As someone who built a web framework from scratch in Java, I've found that the 
django design aligned with mine where I got it right and didn't where I got it 
wrong. I'm still getting used to Python, but I'm quite happy with Django.


Eric Hellman
President, Gluejar, Inc.
http://www.gluejar.com/   
41 Watchung Plaza #132, Montclair NJ 07042
e...@hellman.net 
http://go-to-hellman.blogspot.com/
@gluejar


Re: [CODE4LIB] Pandering for votes for code4lib sessions

2011-12-01 Thread Eric Hellman
I think that it's not out of bounds to ask people for c4l votes unless you're 
offering tangible rewards in exchange for said votes. Tangible rewards as 
used here shall in no circumstance be construed to apply to any offers of beer 
or its nonalcoholic equivalent. Non-alcoholic equivalent as used here, shall 
in no way be construed to imply that there is such a thing.


Re: [CODE4LIB] Pandering for votes for code4lib sessions

2011-12-01 Thread Eric Hellman
It's also worth noting that the voters (so far) have done a super job. If your 
talk is not making the cut, don't take it as a reflection or judgment on you or 
your work. It just means that voters want to save you for next year. And if 
your talk IS making the cut, it's probably because voters want the chance to 
make snide remarks about you on the backchannel.

(I'll only be able to attend virtually this year. Please don't ask to take away 
my vote!)


Eric Hellman
President, Gluejar, Inc.
http://www.gluejar.com/   
41 Watchung Plaza #132, Montclair NJ 07042
e...@hellman.net 
http://go-to-hellman.blogspot.com/
@gluejar


Re: [CODE4LIB] Library News (à la ycombinator's hackernews)

2011-11-29 Thread Eric Hellman
And the discussion at hacker news is illuminating...

http://news.ycombinator.com/item?id=3272980

On Nov 29, 2011, at 1:30 PM, Mark A. Matienzo wrote:

 On Tue, Nov 29, 2011 at 1:25 PM, Jonathan Rochkind rochk...@jhu.edu wrote:
 Don't know if the link is in error, or what. Anyone know what software
 Hacker News and this Library News clone are based on, for real, and where to
 look at the source/documentation?  Trying to google for what open source
 software Hacker News runs on, I'm not having any luck.
 
 Hacker News, and presumably Library News, both run using news.arc,
 which is written the the Arc dialect of Lisp. The news program is
 packaged with the Arc distribution:
 
 https://github.com/nex3/arc/blob/master/news.arc
 
 Mark A. Matienzo
 Digital Archivist, Manuscripts and Archives, Yale University Library
 Technical Architect, ArchivesSpace


Re: [CODE4LIB] Examples of visual searching or browsing

2011-11-10 Thread Eric Hellman
I'm surprised that no one has mentioned the stars of the DPLA sprint- 
ShelfLife
http://librarylab.law.harvard.edu/dpla/demo/app/
and
BookWorm
http://bookworm.culturomics.org/

Eric

On Oct 27, 2011, at 4:27 PM, Julia Bauder wrote:

 Dear fans of cool Web-ness,
 
 I'm looking for examples of projects that use visual(=largely non-text and
 non-numeric) interfaces to let patrons browse/search collections. Things
 like the GeoSearch on North Carolina Maps[1], or projects that use Simile's
 Timeline or Exhibit widgets[2] to provide access to collections (e.g.,
 what's described here:
 https://letterpress.uchicago.edu/index.php/jdhcs/article/download/59/70), or
 in-the-wild uses of Recollection[3]. I'm less interested in knowing about
 tools (although I'm never *uninterested* in finding out about cool tools)
 than about production or close-to-production sites that are making good use
 of these or similar tools to provide visual, non-linear access to
 collections. Who's doing slick stuff in this area that deserves a look?
 
 Thanks!
 
 Julia
 


Eric Hellman
President, Gluejar, Inc.
http://www.gluejar.com/   
41 Watchung Plaza #132, Montclair NJ 07042
e...@hellman.net 
http://go-to-hellman.blogspot.com/
@gluejar


[CODE4LIB] New thread: Why are you doing what you're doing?

2011-09-28 Thread Eric Hellman
I think it's a good question, worth asking about *every* dev position being 
hired for.  I would be interested to hear an answer from others on the list. In 
fact, I think the price of putting a position announcement on Code4lib should 
be a willingness to answer why?. And why not? is a pretty pathetic answer.

For me, I'm doing what I'm doing because I think it's important and because no 
one else is doing it. I hope there are many other with a similar answer.

Eric


[CODE4LIB] privacy enhanced implementation of Like button

2011-07-23 Thread Eric Hellman
Has anyone seen, used or written a wrapper script for Facebook Like buttons 
(http://developers.facebook.com/docs/opengraph/ ) that prevents the leakage of 
all user browsing behavior to Facebook? For example, the script might invoke 
the facebook script on an OnClick event.

Eric


Eric Hellman
President, Gluejar, Inc.
http://www.gluejar.com/   
41 Watchung Plaza #132, Montclair NJ 07042
e...@hellman.net 
http://go-to-hellman.blogspot.com/
@gluejar


[CODE4LIB] JHU integration of PD works

2011-06-15 Thread Eric Hellman
Getting back to the subject of a previous thread, (and digesting some wonderful 
contributions by Karen, Alex, Jeremy and Ed C.) I dug around some links that 
Jonathan posted, and I think they're worth further discussion.

The way that JHU has integrated Public Domain works into its catalog results 
with umlaut is brilliant and pragmatic; the new catalog (catalyst) interface 
based on Blacklight is a great improvement on the older Horizon version:
https://catalyst.library.jhu.edu/catalog/bib_816990

Clearly, Jonathan has gone through the process of getting his library to think 
through the integration, and it seems to work.

Has there been any opposition? 

What are the reasons that this sort of integration not more widespread? Are 
they technical or institutional? What can be done by producers of open access 
content to make this work better and easier? Are unified approaches being 
touted by vendors delivering something really different?

Looking forward, I wonder whether the print-first, then enrich with digital 
strategy required by today's infrastructure and work flow will decline compared 
to a more Googlish web-first strategy.

Eric


Eric Hellman
President, Gluejar, Inc.
http://www.gluejar.com/   
41 Watchung Plaza #132, Montclair NJ 07042
e...@hellman.net 
http://go-to-hellman.blogspot.com/
@gluejar


Re: [CODE4LIB] Adding VIAF links to Wikipedia

2011-06-10 Thread Eric Hellman
We talked a bit about this at LOD-LAM; Asaf Bartov of the Wikimedia foundation 
offered to help make this work better.

email me if you need a a contact.

On Jun 2, 2011, at 10:40 AM, Ralph LeVan wrote:

 Yes, the bot was approved, but in a much more limited application that was
 initially intended (make a link between Wikipedia records and corresponding
 OpenLibrary records.)  And the conversation was quite rancorous for granting
 permission to an organization philosophically much closer to Wikipedia than
 OCLC would seem to be.
 
 I don't think we'll be able to make this happen without a lot of help.
 
 Ralph
 
 On Fri, May 27, 2011 at 3:45 PM, Ed Summers e...@pobox.com wrote:
 
 On Thu, May 26, 2011 at 2:01 PM, Ralph LeVan ralphle...@gmail.com wrote:
 OCLC Research would desperately love to add VIAF links to Wikipedia
 articles, but it seems to be very difficult.  The OpenLibrary folks tried
 to
 do it a while back and ended up getting their plans severely curtailed.
 The
 discussion at Wikipedia is captured here:
 
 http://en.wikipedia.org/wiki/Wikipedia:Bots/Requests_for_approval/OpenlibraryBot
 
 Ralph if you read that entire discussion it sounds like the bot was
 approved. Am I missing something?
 
 //Ed
 


Re: [CODE4LIB] Seth Godin on The future of the library

2011-06-01 Thread Eric Hellman
Karen,

The others who have responded while I was off, you know, doing stuff, have done 
a much better job of answering your question than I would have. I would have 
said something glib like almost all ways, with respect to open-access digital 
materials.

There's a shift in library mindset that has to occur along with the transition 
from print to digital. The clearest example that I've seen is the typical 
presentation of pretend-its-print out-of-copyright material. A library will 
have purchased PIP access to an annotated edition of a Shakespeare play, or a 
new translation of Crime and Punishment. But the public domain versions of 
these works (which are perfectly good) don't exist in the catalog. A patron 
looking for ebook versions of these works will then frequently be denied access 
because another patron has already checked out the licensed version.

That can't be justified by any vision for libraries that I can think of. It 
can't be justified because it's hard or time consuming, or because there are a 
flood of PD Crime and Punishments clamoring for attention. It's just a result 
of unthinking and we-haven't-done-that-before.

It's my hope that there are a number of not-so-hard problems around this 
situation that people on this list have the tools to solve.

Eric


On May 19, 2011, at 1:30 AM, Karen Coyle wrote:

 Quoting Eric Hellman e...@hellman.net:
 
 Exactly. I apologize if my comment was perceived as coy, but I've chosen to 
 invest in the possibility that Creative Commons licensing is a viable way 
 forward for libraries, authors, readers, etc. Here's a link the last of a 5 
 part series on open-access ebooks. I hope it inspires work in the code4lib 
 community to make libraries more friendly to free stuff.
 
 Eric,
 
 In what ways do you think that libraries today are not friendly to free stuff?
 
 kc
 
 
 http://go-to-hellman.blogspot.com/2011/05/open-access-ebooks-part-5-changing.html
 
 On May 18, 2011, at 7:20 PM, David Friggens wrote:
 
 Some ebooks, in fact some of the greatest ever written, already cost less
 than razor blades.
 
 Do you mean ones not under copyright?
 
 Those, plus Creative Commons etc.
 
 
 
 
 -- 
 Karen Coyle
 kco...@kcoyle.net http://kcoyle.net
 ph: 1-510-540-7596
 m: 1-510-435-8234
 skype: kcoylenet


Re: [CODE4LIB] Seth Godin on The future of the library

2011-05-18 Thread Eric Hellman
Some ebooks, in fact some of the greatest ever written, already cost less than 
razor blades.

Eric
(who just finished writing a chapter on open-access e-books)

On May 16, 2011, at 7:52 PM, Luciano Ramalho wrote:

 1) Why quote the ebook price in 1962 dollars? The reality in 2011 is
 that Kindle books in general are too expensive, particularly when
 comparing their cost with the paper counterparts (think about variable
 costs in paperbacks, logistics etc; it is pretty obvious the cost
 reductions are not being fully reflected in consumer prices). Given
 the current situation, I see no evidence that ebooks will cost less
 than razor blades, ever.



Eric Hellman
President, Gluejar, Inc.
http://www.gluejar.com/   

e...@hellman.net 
http://go-to-hellman.blogspot.com/
@gluejar


Re: [CODE4LIB] Seth Godin on The future of the library

2011-05-18 Thread Eric Hellman
Exactly. I apologize if my comment was perceived as coy, but I've chosen to 
invest in the possibility that Creative Commons licensing is a viable way 
forward for libraries, authors, readers, etc. Here's a link the last of a 5 
part series on open-access ebooks. I hope it inspires work in the code4lib 
community to make libraries more friendly to free stuff.

http://go-to-hellman.blogspot.com/2011/05/open-access-ebooks-part-5-changing.html
 

On May 18, 2011, at 7:20 PM, David Friggens wrote:

 Some ebooks, in fact some of the greatest ever written, already cost less
 than razor blades.
 
 Do you mean ones not under copyright?
 
 Those, plus Creative Commons etc.


Re: [CODE4LIB] What do you wish you had time to learn?

2011-04-27 Thread Eric Hellman
This thread got me thinking about what I learned during a time when I actually 
had time to learn whatever I wanted to:

Applied Epistemology (reading list supplied mostly by @edsu)
Copyright Law (reading list supplied mostly by @grimmelm)
Writing and Journalism



Eric Hellman
President, Gluejar, Inc.
http://www.gluejar.com/   Gluejar is hiring!

e...@hellman.net 
http://go-to-hellman.blogspot.com/
@gluejar


Re: [CODE4LIB] [dpla-discussion] Rethinking the library part of DPLA

2011-04-12 Thread Eric Hellman
The challenge I like to present to libraries is this: imagine that your entire 
collection is digital. Does it include Shakespeare? Does it include Moby Dick? 
Yes! Just because you don't have to pay for these works, doesn't mean that they 
don't belong in your library. And what if many modern works become available 
for free via Creative Commons licensing? Is it the library's role to promote 
these works, or should a library be promoting primarily the works it's paying 
for patrons to use?

That's why I thought Nate's suggestions were worthy of attention from people 
who could potentially do practical things.

The other hope is that if libraries can do compelling things with public domain 
content, there's no reason they couldn't do the same things with in-copyright 
material appropriately licensed. If the experience works, the rightsholders 
will see the value.


On Apr 10, 2011, at 10:05 AM, Karen Coyle wrote:

 I appreciate the spirit of this, but despair at the idea that libraries 
 organize their services around public domain works, thus becoming early 20th 
 century institutions. The gap between 1923 and 2011 is huge, and it makes no 
 sense to users that a library provide services based on publication date, 
 much less that enhanced services stop at 1923.
 
 kc
 
 Karen Coyle
 kco...@kcoyle.net http://kcoyle.net
 ph: 1-510-540-7596
 m: 1-510-435-8234
 skype: kcoylenet

Eric Hellman
President, Gluejar, Inc.
http://www.gluejar.com/   Gluejar is hiring!

e...@hellman.net 
http://go-to-hellman.blogspot.com/
@gluejar


Re: [CODE4LIB] [dpla-discussion] Rethinking the library part of DPLA

2011-04-07 Thread Eric Hellman
The DPLA listserv is probably too impractical for most of Code4Lib, but Nate 
Hill (who's on this list as well) made this contribution there, which I think 
deserves attention from library coders here.

On Apr 5, 2011, at 11:15 AM, Nate Hill wrote:

 It is awesome that the project Gutenberg stuff is out there, it is a great 
 start.  But libraries aren't using it right.  There's been talk on this list 
 about the changing role of the public library in people's lives, there's been 
 talk about the library brand, and some talk about what 'local' might mean in 
 this context.  I'd suggest that we should find ways to make reading library 
 ebooks feel local and connected to an immediate community.  Brick and mortar 
 library facilities are public spaces, and librarians are proud of that.  We 
 have collections of materials in there, and we host programs and events to 
 give those materials context within the community.  There's something special 
 about watching a child find a good book, and then show it to his  or her 
 friend and talk about how awesome it is.  There's also something special 
 about watching a senior citizens book group get together and discuss a new 
 novel every month.  For some reason, libraries really struggle with treating 
 their digital spaces the same way.
 
 I'd love to see libraries creating online conversations around ebooks in much 
 the same way.  Take a title from project Gutenberg: The Adventures of 
 Huckleberry Finn.  Why not host that book directly on my library website so 
 that it can be found at an intuitive URL, 
 www.sjpl.org/the-adventures-of-huckleberry-finn and then create a forum for 
 it?  The URL itself takes care of the 'local' piece; certainly my most likely 
 visitors will be San Jose residents- especially if other libraries do this 
 same thing.  The brand remains intact, when I launch this web page that holds 
 the book I can promote my library's identity.  The interface is no problem 
 because I can optimize the page to load well on any device and I can link to 
 different formats of the book.  Finally, and most importantly, I've created a 
 local digital space for this book so that people can converse about it via 
 comments, uploaded pictures, video, whatever.  I really think this community 
 conversation and context-creation around materials is a big part of what 
 makes public libraries special.

Eric Hellman
President, Gluejar, Inc.
http://www.gluejar.com/   Gluejar is hiring!

e...@hellman.net 
http://go-to-hellman.blogspot.com/
@gluejar


[CODE4LIB] Gluejar is hiring

2011-03-01 Thread Eric Hellman
Hi, Everyone!

http://go-to-hellman.blogspot.com/2011/03/gluejar-is-hiring.html

Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

e...@hellman.net 
http://go-to-hellman.blogspot.com/
@gluejar


Re: [CODE4LIB] GPL incompatible interfaces

2011-02-18 Thread Eric Hellman
Since the Metalib API is not public, to my knowledge, I don't know whether it 
gets disclosed with an NDA. And you can't run or develop Xerxes without an 
ExLibris License, because it depends on a proprietary and unspecified data set. 

I'm sure that's legal, but it's not true to the spirit of copyleft. The main 
effect of using GPL for Xerxes is that it prevents ExLibris from distributing 
(but not using) proprietary versions of Xerces. If that is the intent of the 
developers, then perhaps AGPL would be a better tool for them to wield.

None of this should be taken as a criticism of the Xerxes developers.

On Feb 18, 2011, at 3:50 AM, graham wrote:

 That's very different from saying something with a GPL license can't use
 a proprietary interface. As if for example Xerxes couldn't use the
 Metalib API - without which it would be pointless. As I understand him
 Eric is saying that there are interfaces to library software which
 actually have a license or contract which blocks GPLed software from
 using them. It would be a kind of 'viral BSD' license, killing free
 software (in the FSF sense) but leaving proprietary or open source (in
 your Apache/MIT sense) untouched. I haven't seen any examples myself,
 and can't quite see how it would be done legally.

Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

e...@hellman.net 
http://go-to-hellman.blogspot.com/
@gluejar


[CODE4LIB] AGPL for libraries (was: A to Z lists)

2011-02-17 Thread Eric Hellman
Hej Tony!

Great to hear of your effort; I hope you have chosen to implement the NISO 1.0 
standard.

I would urge you to carefully consider your choice of license, however. As I 
wrote last year when the issue came up in Koha, using AGPL in stead of the less 
restrictive GPL can have some unintended consequences. 
http://go-to-hellman.blogspot.com/2010/07/koha-community-considers-affero-license.html

It is still a reality today that many library resources release api's that are 
provided only to customers and often come with interface licenses incompatible 
with GPL. If you use AGPL, a library that modified the software to use it with 
one of these resources would be in violation of your license, even if they did 
not redistribute the software. If that's your intention, then fine, but please 
make sure you understand the implications.

Also, please don't confuse AGPL, which is a restrictive license rooted in 
copyright law, with public domain, which has no restrictions on use.

Eric

On Feb 17, 2011, at 4:34 AM, Tony Mattsson wrote:

 Hi,
 
 We are at the final stages of building an EBM system with AZ-list and OpenURL 
 resolver developed in LAMP (with Ajax) which we will release into the public 
 domain (AGPL). I'll put up a notice on this list when it's done, and you can 
 try it out to see if it measures up :=)
 
 Tony Mattsson
 IT-Librarian
 Landstinget Dalarna Bibliotek och informationscentral
 http://materio.fabicutv.com
 
 -Ursprungligt meddelande-
 Från: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] För Michele DeSilva
 Skickat: den 16 februari 2011 22:18
 Till: CODE4LIB@LISTSERV.ND.EDU
 Ämne: [CODE4LIB] A to Z lists
 
 Hi Code4Lib-ers,
 
 I want to chime in and say that I, too, enjoyed the streaming archive from 
 the conference.
 
 I also have a question: my library has a horribly antiquated A to Z list of 
 databases and online resources (it's based in Access). We'd like to do 
 something that looks more modern and is far more user friendly. I found a 
 great article in the Code4Lib journal (issue 12, by Danielle Rosenthal  
 Mario Bernado) about building a searchable A to Z list using Drupal. I'm also 
 wondering what other institutions have done as far as in-house solutions. I 
 know there're products we could buy, but, like everyone else, we don't have 
 much money at the moment.
 
 Thanks for any info or advice!
 
 Michele DeSilva
 Central Oregon Community College Library
 Emerging Technologies Librarian
 541-383-7565
 mdesi...@cocc.edu

Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

e...@hellman.net 
http://go-to-hellman.blogspot.com/
@gluejar


[CODE4LIB] question about coding in libraries

2011-02-01 Thread Eric Hellman
For my talk at Code4Lib, I'm trying to find or gather statistics about the 
number of people doing any sort of code in libraries.

My initial attempts to quantify this have failed. I would appreciate info from 
list members.

If you'd like to help, send me two numbers
1. The number of people employed at or on contract to your library whose major 
responsibilities include software development or maintenance. Broadly defined. 
2. The total FTE staff at your library. 

(send to me, not the list, I will summarize)

Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

e...@hellman.net 
http://go-to-hellman.blogspot.com/
@gluejar


Re: [CODE4LIB] c4l2011 location + reg. open time

2010-12-08 Thread Eric Hellman
I believe that would be Indiana Memorial Union on the campus of IU in 
Bloomington, Indiana

Sent from my iPad

On Dec 8, 2010, at 10:50 PM, Karen Coyle li...@kcoyle.net wrote:

 I can't find anything on the wiki that says WHERE c4l2011 will be. (I thought 
 IMU was a hint, but that comes out as International Medical University in 
 Malaysia as the top link.) That would be useful information. Also, if 
 registration opens at 9, what time zone is that?
 
 kc
 p.s. Just because I haven't been paying attention doesn't mean I don't CARE.
 
 -- 
 Karen Coyle
 kco...@kcoyle.net http://kcoyle.net
 ph: 1-510-540-7596
 m: 1-510-435-8234
 skype: kcoylenet


Re: [CODE4LIB] mailing list administratativia

2010-10-27 Thread Eric Hellman
I vote for changing the limit threshold to 

 PI * (eventual length of this meta-thread).

On Oct 27, 2010, at 3:37 PM, Alexander Johannesen wrote:

 On Thu, Oct 28, 2010 at 2:44 AM, Doran, Michael D do...@uta.edu wrote:
 Can that limit threshold be raised?  If so, are there reasons why it should 
 not be raised?
 
 Is it to throttle spam or something? 50 seems rather low, and it's
 rather depressing to have a lively discussion throttled like that. Not
 to mention I thought I was simply kicked out for living things up
 (especially given my reasonable follow-up was where the throttling
 began).
 
 Alex
 -- 
  Project Wrangler, SOA, Information Alchemist, UX, RESTafarian, Topic Maps
 --- http://shelter.nu/blog/ --
 -- http://www.google.com/profiles/alexander.johannesen ---

Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

e...@hellman.net 
http://go-to-hellman.blogspot.com/
@gluejar


Re: [CODE4LIB] mailing list administratativia

2010-10-27 Thread Eric Hellman
I expect the length of the thread to be irrational; so perhaps that's not a 
problem.

On Oct 27, 2010, at 6:18 PM, Ray Denenberg, Library of Congress wrote:

 I think the constraint is that it has to be a rational number. 
 
 -Original Message-
 From: Code for Libraries [mailto:code4...@listserv.nd.edu] On Behalf Of Eric
 Hellman
 Sent: Wednesday, October 27, 2010 5:58 PM
 To: CODE4LIB@LISTSERV.ND.EDU
 Subject: Re: [CODE4LIB] mailing list administratativia
 
 I vote for changing the limit threshold to 
 
 PI * (eventual length of this meta-thread).
 
 On Oct 27, 2010, at 3:37 PM, Alexander Johannesen wrote:
 
 On Thu, Oct 28, 2010 at 2:44 AM, Doran, Michael D do...@uta.edu wrote:
 Can that limit threshold be raised?  If so, are there reasons why it
 should not be raised?
 
 Is it to throttle spam or something? 50 seems rather low, and it's 
 rather depressing to have a lively discussion throttled like that. Not 
 to mention I thought I was simply kicked out for living things up 
 (especially given my reasonable follow-up was where the throttling 
 began).
 
 Alex
 --
 Project Wrangler, SOA, Information Alchemist, UX, RESTafarian, Topic 
 Maps
 --- http://shelter.nu/blog/ 
 --
 -- http://www.google.com/profiles/alexander.johannesen 
 ---
 
 Eric Hellman
 President, Gluejar, Inc.
 41 Watchung Plaza, #132
 Montclair, NJ 07042
 USA
 
 e...@hellman.net
 http://go-to-hellman.blogspot.com/
 @gluejar


Re: [CODE4LIB] MARCXML - What is it for?

2010-10-25 Thread Eric Hellman
I think you'd have a very hard time demonstrating any speed advantage to MARC 
over MARCXML. XML parsers have been speed optimized out the wazoo; If there 
exists a MARC parser that has ever been speed-optimized without serious 
compromise, I'm sure someone on this list will have a good story about it.

On Oct 25, 2010, at 3:05 PM, Patrick Hochstenbach wrote:

 Dear Nate,
 
 There is a trade-off: do you want very fast processing of data - go for 
 binary data. do you want to share your data globally easily in many (not per 
 se library related) environments - go for XML/RDF. 
 Open your data and do both :-)
 
 Pat
 
 Sent from my iPhone
 
 On 25 Oct 2010, at 20:39, Nate Vack njv...@wisc.edu wrote:
 
 Hi all,
 
 I've just spent the last couple of weeks delving into and decoding a
 binary file format. This, in turn, got me thinking about MARCXML.
 
 In a nutshell, it looks like it's supposed to contain the exact same
 data as a normal MARC record, except in XML form. As in, it should be
 round-trippable.
 
 What's the advantage to this? I can see using a human-readable format
 for poorly-documented file formats -- they're relatively easy to read
 and understand. But MARC is well, well-documented, with more than one
 free implementation in cursory searching. And once you know a binary
 file's format, it's no harder to parse than XML, and the data's
 smaller and processing faster.
 
 So... why the XML?
 
 Curious,
 -Nate

Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

e...@hellman.net 
http://go-to-hellman.blogspot.com/
@gluejar


[CODE4LIB] Safari extensions

2010-08-05 Thread Eric Hellman
Has anyone played with the new Safari extensions capability? I'm looking at 
you, Godmar. 


Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

e...@hellman.net 
http://go-to-hellman.blogspot.com/
@gluejar


Re: [CODE4LIB] DIY aggregate index

2010-07-01 Thread Eric Hellman
I got the synergy demo at ALA; III is not building an index. The odd thing is 
their insistence that what they're doing is much better than federated search.

My experience working with lots of vendors is that clout is not the issue 
with API access; rather it's trust.


On Jun 30, 2010, at 4:22 PM, Walker, David wrote:

 You might also need to factor in an extra server or three (in the cloud or 
 otherwise) into that equation, given that we're talking 100s of millions of 
 records that will need to be indexed.
 
 companies like iii and Ex Libris are the only ones with
 enough clout to negotiate access
 
 I don't think III is doing any kind of aggregated indexing, hence their 
 decision to try and leverage APIs.  I could be wrong.
 
 --Dave
 
 ==
 David Walker
 Library Web Services Manager
 California State University
 http://xerxes.calstate.edu

Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

e...@hellman.net 
http://go-to-hellman.blogspot.com/
@gluejar


Re: [CODE4LIB] it's cool to hate on OpenURL (was: Twitter annotations...)

2010-05-03 Thread Eric Hellman

I'll try to find out.

Sent from Eric Hellman's iPhone


On May 2, 2010, at 4:10 PM, stuart yeates stuart.yea...@vuw.ac.nz  
wrote:


But the interesting use case isn't OpenURL over HTTP, the  
interesting use case (for me) is OpenURL on a disconnected eBook  
reader resolving references from one ePub to other ePub content on  
the same device. Can OpenURL be used like that?


Re: [CODE4LIB] it's cool to hate on OpenURL (was: Twitter annotations...)

2010-04-30 Thread Eric Hellman
Eek. I was hoping for something much simpler. Do you realize that you're asking 
for service taxonomy?

On Apr 30, 2010, at 10:22 AM, Ross Singer wrote:

 I think the basis of a response could actually be another context
 object with the 'services' entity containing a list of
 services/targets that are formatted in some way that is appropriate
 for the context and the referent entity enhanced with whatever the
 resolver can add to the puzzle.


[CODE4LIB] it's cool to hate on OpenURL (was: Twitter annotations...)

2010-04-29 Thread Eric Hellman
Since this thread has turned into a discussion on OpenURL...

I have to say that during the OpenURL 1.0 standardization process, we 
definitely had moments of despair. Today, I'm willing to derive satisfaction 
from it works and overlook shortcomings. It might have been otherwise.

What I hope for is that OpenURL 1.0 eventually takes a place alongside SGML as 
a too-complex standard that directly paves the way for a universally adopted 
foundational technology like XML. What I fear is that it takes a place 
alongside MARC as an anachronistic standard that paralyzes an entire industry. 


Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

e...@hellman.net 
http://go-to-hellman.blogspot.com/


Re: [CODE4LIB] Twitter annotations and library software

2010-04-29 Thread Eric Hellman
OK, back to Tim's specific question.

I'm not sure why you want to put bib data in a tweet at all for your 
application. Why not just use a shortened URL pointing at your page of 
metadata? That page could offer metadata via BIBO, Open Graph and FOAF in RDFa, 
COinS, RIS, etc. using established methods to serve multiple applications at 
once. When Twitter annotations come along, the URL can be put in the annotation 
field.

Eric

On Apr 21, 2010, at 6:08 AM, Tim Spalding wrote:

 Have C4Lers looked at the new Twitter annotations feature?
 
 http://www.sitepoint.com/blogs/2010/04/19/twitter-introduces-annotations-hash-tags-become-obsolete/
 
 I'd love to get some people together to agree on a standard book
 annotation format, so two people can tweet about the same book or
 other library item, and they or someone else can pull that together.
 
 I'm inclined to start adding it to the I'm talking about and I'm
 adding links on LibraryThing. I imagine it could be easily added to
 many library applications too—anywhere there is or could be a share
 this on Twitter link, including OPACs, citation managers, library
 event feeds, etc.
 
 Also, wouldn't it be great to show the world another interesting,
 useful and cool use of library data that OCLC's rules would prohibit?
 
 So the question is the format. Only a maniac would suggest MARC. For
 size and other reasons, even MODS is too much. But perhaps we can
 borrow the barest of field names from MODS, COinS, or from the most
 commonly used bibliographic format, Amazon XML.
 
 Thoughts?
 
 Tim
 
 -- 
 Check out my library at http://www.librarything.com/profile/timspalding

Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

e...@hellman.net 
http://go-to-hellman.blogspot.com/


Re: [CODE4LIB] it's cool to hate on OpenURL (was: Twitter annotations...)

2010-04-29 Thread Eric Hellman
Even the best standard in the world can only do so much!

On Apr 29, 2010, at 1:14 PM, Ed Summers wrote:

 On Thu, Apr 29, 2010 at 12:08 PM, Eric Hellman e...@hellman.net wrote:
 Since this thread has turned into a discussion on OpenURL...
 
 I have to say that during the OpenURL 1.0 standardization process, we 
 definitely had moments of despair. Today, I'm willing to derive satisfaction 
 from it works and overlook shortcomings. It might have been otherwise.
 
 Personally, I've followed enough OpenURL enabled hyperlink dead ends
 to contest it works.
 
 //Ed


Re: [CODE4LIB] it's cool to hate on OpenURL (was: Twitter annotations...)

2010-04-29 Thread Eric Hellman
May I just add here that of all the things we've talked about in these threads, 
perhaps the only thing that will still be in use a hundred years from now will 
be Unicode. إن شاء الله


On Apr 29, 2010, at 7:40 PM, Alexander Johannesen wrote:

 However, I'd like to add here that I happen to love XML, even from an
 integration perspective, but maybe that stems from understanding all
 those tedious bits no one really cares about about it, like id(s) and
 refid(s) (and all the indexing goodness that comes from it), canonical
 datasets, character sets and Unicode, all that schema craziness
 (including Schematron and RelaxNG), XPath and XQuery (and all the
 sub-standards), XSLT and so on. I love it all, and not because of the
 generic simplicity itself (simple in the default mode of operation, I
 might add), but because of a) modeling advantages, b)
 cross-environment language and schema support, and c) ease of
 creation. (I don't like how easy well-formedness breaks, though. That
 sucks)

Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

e...@hellman.net 
http://go-to-hellman.blogspot.com/


Re: [CODE4LIB] it's cool to hate on OpenURL (was: Twitter annotations...)

2010-04-29 Thread Eric Hellman
Ha!

One of the things OpenURL 1.0 fixed was to wire in UTF-8 encoding. Much of 
the MARC data in circulation also uses UTF-8 encoding. Some of it even uses it 
correctly.

On Apr 29, 2010, at 8:58 PM, Alexander Johannesen wrote:

 On Fri, Apr 30, 2010 at 10:54, Eric Hellman e...@hellman.net wrote:
 May I just add here that of all the things we've talked about in these 
 threads, perhaps the only thing that will still be in use a hundred years 
 from now will be Unicode. إن شاء الله
 
 May I remind you that we're still using MARC. Maybe you didn't mean in
 the library world ... *rimshot*
 
 
 Alex
 -- 
 Project Wrangler, SOA, Information Alchemist, UX, RESTafarian, Topic Maps
 --- http://shelter.nu/blog/ --
 -- http://www.google.com/profiles/alexander.johannesen ---


Re: [CODE4LIB] Twitter annotations and library software

2010-04-28 Thread Eric Hellman
I mean, really, if the folks at RefWorks, EndNote, Papers, Zotero and LibX 
don't have crash programs underway to integrate Twitter clients into their 
software to send and receive  reference metadata payloads they can use in the 
Twitter annotation field, they really ought to hire me to come and bash some 
sense into them. Really.

I still think by-reference payloads would got the farthest, as described at 
http://go-to-hellman.blogspot.com/2010/04/when-shall-we-link.html
would go the farthest, but surely these folks know very well what they can send 
and receive.

Eric

On Apr 28, 2010, at 4:17 AM, Jakob Voss wrote:

 Hi
 
 it's funny how quickly you vote against BibTeX, but at least it is a format 
 that is frequently used in the wild to create citations. If you call BibTeX 
 undocumented and garbage then how do you call MARC which is far more 
 difficult to make use of?
 
 My assumption was that there is a specific use case for bibliographic data in 
 twitter annotations:
 
 I. Identifiy publication = this can *only* be done seriously with 
 identifiers like ISBN, DOI, OCLCNum, LCCN etc.
 
 II. Deliver a citation = use a citation-oriented format (BibTeX, CSL, RIS)
 
 I was not voting explicitly for BibTeX but at least there is a large 
 community that can make use of it. I strongly favour CSL 
 (http://citationstyles.org/) because:
 
 - there is a JavaScript CSL-Processor. JavaScript is kind of a punishment but 
 it is the natural environment for the Web 2.0 Mashup crowd that is going to 
 implement applications that use Twitter annotations
 
 - there are dozens of CSL citation styles so you can display a citation in 
 any way you want
 
 As Ross pointed out RIS would be an option too, but I miss the easy open 
 source tools that use RIS to create citations from RIS data.
 
 Any other relevant format that I know (Bibont, MODS, MARC etc.) does not aim 
 at identification or citation at the first place but tries to model the full 
 variety of bibliographic metadata. If your use case is
 
 III. Provide semantic properties and connections of a publication
 
 Then you should look at the Bibliographic Ontology. But III does *not* just 
 subsume usecase II. - it is a different story that is not beeing told by 
 normal people but only but metadata experts, semantic web gurus, library 
 system developers etc. (I would count me to this groups). If you want such 
 complex data then you should use other systems but Twitter for data exchange 
 anyway.
 
 A list of CSL metadata fields can be found at
 
 http://citationstyles.org/downloads/specification.html#appendices
 
 and the JavaScript-Processor (which is also used in Zotero) provides more 
 information for developers: http://groups.google.com/group/citeproc-js
 
 Cheers
 Jakob
 
 P.S: An example of a CSL record from the JavaScript client:
 
 {
 title: True Crime Radio and Listener Disenchantment with Network 
 Broadcasting, 1935-1946,
  author: [ {
family: Razlogova,
given: Elena
  } ],
 container-title: American Quarterly,
 volume: 58,
 page: 137-158,
 issued: { date-parts: [ [2006, 3] ] },
 type: article-journal
 }
 
 
 -- 
 Jakob Voß jakob.v...@gbv.de, skype: nichtich
 Verbundzentrale des GBV (VZG) / Common Library Network
 Platz der Goettinger Sieben 1, 37073 Göttingen, Germany
 +49 (0)551 39-10242, http://www.gbv.de

Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

e...@hellman.net 
http://go-to-hellman.blogspot.com/


Re: [CODE4LIB] Twitter annotations and library software

2010-04-21 Thread Eric Hellman
I think Twitter annotations would be a good use for 
http://thing-described-by.org/ or a functional equivalent. The payload of the 
annotation would simply be a description URI and a namespace and value for 
descriptions by reference

1. the mechanism would be completely generic, usable for any sort of reference, 
not siloed in libraryland. In other words, we might actually get people to 
adopt it.
2. libraryland descriptions could use BIBO or RDA or both or whatever, and 
could be concise or verbose
3. descriptions could be easily reused

I'll write this up a bit more and would be interested in comment, but it's 
where this post was going:
http://go-to-hellman.blogspot.com/2010/04/when-shall-we-link.html



Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

e...@hellman.net 
http://go-to-hellman.blogspot.com/


[CODE4LIB] OpenURL aggregator not doing so well

2010-04-09 Thread Eric Hellman
Take a look at 
http://openurl.code4lib.org/aggregator
Any ideas how to make it work better?

Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

e...@hellman.net 
http://go-to-hellman.blogspot.com/


[CODE4LIB] Update: Support for attending Code4Lib2010

2009-12-14 Thread Eric Hellman
I'm happy to report that the ad hoc committee to support attendance at Code4Lib 
will be able to provide the requested help.

I'd also like to thank Serials Solutions for their offer of support.

Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

e...@hellman.net 
http://go-to-hellman.blogspot.com/


[CODE4LIB] Update: Support for attending Code4Lib2010

2009-12-10 Thread Eric Hellman
We now have four community members joining together to support the expenses of 
people who want to go to Code4Lib 2010, so it's likely that we'll be able to 
support more than two people's travel expenses. 

I should mention that support will be informal and discreet- its not like the 
scholarships offered by Brown/OSU.

If you would like to be considered, please send me an email as soon as 
possible, and before I wake up on Monday, December 14, at the latest. Please 
describe your economic hardship, your travel budget, and what you hope to get 
from the conference. We will use arbitrary and uncertain methods to decide who 
to support, and we'll inform you of our decision in time for you to register or 
not on Wednesday December 16, when registration opens.

If you want to go and money's a problem, don't hesitate to ask.

more at 
http://go-to-hellman.blogspot.com/2009/12/supporting-attendance-at-code4lib.html


Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

glue...@twitter
e...@hellman.net 
http://go-to-hellman.blogspot.com/


[CODE4LIB] Support for attending Code4Lib2010

2009-12-09 Thread Eric Hellman
 I hope to be in Asheville. But with the Global Economic Downturn, I worry 
that  some people who might have a lot to contribute and the most to gain may 
be unable to go due to having lost their job or being in a library with 
horrific budget cuts. So, together with Eric Lease Morgan (who has been 
involved with Code4Lib from the very start) I'm putting up a bit of money to 
support the expenses of people who want to go to Code4Lib 2010. If other donors 
can join Eric and myself, that would be wonderful, but so far I'm guessing that 
together we can support the travel expenses of two relatively frugal people.

If you would like to be considered, please send me an email as soon as 
possible, and before I wake up on Monday, December 14 at the latest. Please 
describe your economic hardship, your travel budget, and what you hope to get 
from the conference. Eric and I will use arbitrary and uncertain methods to 
decide who to support, and we'll inform you of our decision in time for you to 
register or not on Wednesday December 16, when registration opens.

more at 
http://go-to-hellman.blogspot.com/2009/12/supporting-attendance-at-code4lib.html


Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

glue...@twitter
e...@hellman.net 
http://go-to-hellman.blogspot.com/


Re: [CODE4LIB] Assigning DOI for local content

2009-11-25 Thread Eric Hellman
On Nov 23, 2009, at 1:32 PM, Ross Singer wrote:

 On Mon, Nov 23, 2009 at 1:07 PM, Eric Hellman e...@hellman.net wrote:
 
 Does this answer your question, Ross?
 
 Yes, sort of.  My question was not so much if you can resolve handles
 via bindings other than HTTP (since that's one of the selling points
 of handles) as it was do people actually use this in the real world?

Well, the short answer to that question is yes.

I think the discussion veered out of the zone of my understanding the point of 
it. The original question related to whether a journal should register Crossref 
doi's, and the short answer to that, as far as I'm concerned,  is an emphatic 
yes.

Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

e...@hellman.net 
http://go-to-hellman.blogspot.com/


Re: [CODE4LIB] Assigning DOI for local content

2009-11-23 Thread Eric Hellman
For example, if you don't want to rely on dx.doi.org as your gateway to the 
handle system for doi resolution, it would be quite easy for me to deploy my 
own gateway at dx.hellman.net. I might want to do this if a were an 
organization paranoid about security and didn't want to disclose to anybody 
what doi's my organization was resolving. Or, I might want to directly access 
metadata in the handle system that doesn't go through the http gateways, to 
provide a service other than resolution.

Does this answer your question, Ross?



On Nov 20, 2009, at 2:31 PM, Ross Singer wrote:

 On Fri, Nov 20, 2009 at 2:23 PM, Eric Hellman e...@hellman.net wrote:
 Having incorporated the handle client software into my own stuff rather 
 easily, I'm pretty sure that's not true.
 
 Fair enough.  The technology is binding independent.
 
 So you are using and sharing handles using some protocol other than HTTP?
 
 I'm more interested in the sharing part of that question.  What is the
 format of the handle identifier in this context?  What advantage does
 it bring over HTTP?
 
 -Ross.

Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

e...@hellman.net 
http://go-to-hellman.blogspot.com/


Re: [CODE4LIB] Assigning DOI for local content

2009-11-20 Thread Eric Hellman
Having incorporated the handle client software into my own stuff rather easily, 
I'm pretty sure that's not true.

On Nov 19, 2009, at 12:51 PM, Ross Singer wrote:
 The caveat being that the initial access point is provided via HTTP.
 
 But then again, so is http://hdl.handle.net/, which, in fact, the only
 way currently in practice to dereference handles.

Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

e...@hellman.net 
http://go-to-hellman.blogspot.com/


Re: [CODE4LIB] XForms EAD editor sandbox available

2009-11-13 Thread Eric Hellman
XForms and Orbeon are very interesting tools for developing metadata management 
tools.

The ONIX developers have used this stack to produce an interface for ONIX-PL 
called OPLE that people should try out.

http://www.jisc.ac.uk/whatwedo/programmes/pals3/onixeditor.aspx

Questions about Orbeon relate to performance and integrability, but I think 
it's an impressive use of XForms nonetheless.

- Eric

On Nov 12, 2009, at 1:30 PM, Ethan Gruber wrote:

 Hello all,
 
 Over the past few months I have been working on and off on a research
 project to develop a XForms, web-based editor for EAD finding aids that runs
 within the Orbeon tomcat application.  While still in a very early alpha
 stage (I have probably put only 60-80 hours of work into it thus far), I
 think that it's ready for a general demonstration to solicit opinions,
 criticism, etc. from librarians, and technical staff.
 
 Background:
 For those not familiar with XForms, it is a W3C standard for creating
 next-generation forms.  It is powerful and can allow you to create XML in
 the way that it is intended to be created, without limits to repeatability,
 complex hierarchies, or mixed content.  Orbeon adds a level on top of that,
 taking care of all the ajax calls, serialization, CRUD operations, and a
 variety of widgets that allow nice features like tabs and
 autocomplete/autosuggest that can be bound to authority lists and controlled
 access terms.  By default, Orbeon reads and writes data from and to an eXist
 database that comes packaged with it, but you can have it serialize the XML
 to disk or have it interact with any REST interface such as Fedora.
 
 Goals:
 Ultimately, I wish to create a system of forms that can open any EAD
 2002-compliant XML file without any data loss or XML transformation
 whatsoever.  I think that this is the shortcoming of systems such as Archon
 and Archivists' Toolkit.  I want to integrate authority lists that can be
 integrated into certain fields with autosuggest (such as corporate names,
 people, and subjects).  If there is demand, I can build a public interface
 for viewing the entire EAD collection, complete with solr for faceted browse
 and search, but this is secondary to producing a form that people with some
 basic archiving knowledge and EAD background can use to easily and
 effectively create finding aids.  A public interface is the easy part, in
 any case.  It wouldn't take more than a week or two to build something
 fairly nice and robust.
 
 Here is the link:  http://beta.scholarslab.org:9080/cocoon/eaditor/
 
 I should stress that the application is *not complete.*  I am using cocoon
 for providing a list of EAD content in the system.  I will remove that
 application eventually and utilize Orbeon's internal pipelining features to
 achieve the same objective.  I haven't delved too deeply into Orbeon's
 pipelines yet.
 
 Here are some things to note:
 
 1. If you click on a link to open the main part of the guide or any of its
 components, you have to click the Load link on the top of the form.  Forms
 aren't being loaded on page load yet.
 2. Elements that accept mixed content per the EAD 2002 schema (e.g.
 paragraphs) only accept PCDATA.  I haven't worked on mixed content yet; it
 is by far the most challenging aspect of the project.
 3. I only have a few C-level elements available to add.
 4. Not all did elements are available yet.
 5. A lot of the generic attributes, like type and label, are not available
 for editing yet.  This may be the type of thing that is best customized per
 institution relative to their own best practices.  I don't want more input
 fields than necessary right now.
 6. The only thing you can add into the archdesc right now is the dsc.
 Once I finish all of the c-level elements, I can just put some xi:includes
 into the archdesc XForm file to show them in the archdesc level.
 
 I think those are the major issues for now.  As I stated earlier, this is
 sort of a pre-alpha.  The project is open source and available (through svn)
 to anyone who wants it.  http://code.google.com/p/eaditor/ .  I have put
 together an easy package to get the application up and running without
 difficulty.  All you have to do is unzip the download, go into the apache
 tomcat folder and execute the startup script.  This assumes you have nothing
 running on port 8080 already.
 
 Download page: http://code.google.com/p/eaditor/downloads/list
 
 Wiki instructions:
 http://code.google.com/p/eaditor/wiki/QuickstartInstallation?ts=1257887453updated=QuickstartInstallation
 
 Comments, questions, criticism welcome.  The editor is a sandbox.  Feel free
 to experiment.
 
 Ethan Gruber
 University of Virginia Library

Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

e...@hellman.net 
http://go-to-hellman.blogspot.com/


[CODE4LIB] DIY Book Scanner

2009-10-13 Thread Eric Hellman
I was at a conference last Friday where Dan Reetz demoed his open- 
source homemade book scanner. Code4Libbers who are involved with low- 
budget scanning projects may want to check it out:


http://www.diybookscanner.org/  (website for Dan's DIY book scanner)
http://www.instructables.com/id/DIY-High-Speed-Book-Scanner-from-Trash-and-Cheap-C/ 
 (Instructions for making the scanner)

http://www.diybookscanner.org/news/?p=17 (more pictures)
http://www.diybookscanner.org/forum/ (the DIY scanner community forum)

Blog posts:
Harry Lewis:  http://www.bitsbook.com/2009/10/do-it-yourself-book-scanning/
Robin Sloan:  
http://www.themillions.com/2009/10/bringing-book-scanning-home.html
Me:  
http://go-to-hellman.blogspot.com/2009/10/revolution-will-be-digitized-by-cheap.html



Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

e...@hellman.net
http://go-to-hellman.blogspot.com/


[CODE4LIB] Another way to do link maintenance

2009-09-16 Thread Eric Hellman
The thread on Implementing OpenURL for simple web resources inspired  
my to write an article on all the things that redirectors can be used  
for:

http://go-to-hellman.blogspot.com/2009/09/redirector-chain-mashup-design-pattern.html

Having thought about the original problem a bit, it strikes me that  
going a bit farther than what ross suggests could be a nice solution.


Have an onLoad javascript call your link maintenance database  and  
then rewrite the links in your page. This could be implemented in a  
JSON sort of way. (and no Openurl)


Here's why. There will be situations where you want to maintain the  
anchor text as well as the link, and this solution allows you to do  
it. Also, a well-crafted javascript will allow all the links to work  
(well, the good ones, at least) even if you link maintenace service  
goes down or disappears.


Eric

On Sep 15, 2009, at 11:47 AM, Ross Singer wrote:


Oh yeah, one thing I left off --

In Moodle, it would probably make sense to link to the URL in the  
a tag:

a href=http://bbc.co.uk/;The Beeb!/a
but use a javascript onMouseDown action to rewrite the link to route
through your funky link resolver path, a la Google.

That way, the page works like any normal webpage, right mouse
click-Copy Link Location gives the user the real URL to copy and
paste, but normal behavior funnels through the link resolver.

-Ross.




Eric Hellman
President, Gluejar, Inc.
41 Watchung Plaza, #132
Montclair, NJ 07042
USA

e...@hellman.net
http://go-to-hellman.blogspot.com/


  1   2   >