Thursday Threads: Battles over strong encryption, IPv4 addresses exhausted while IPv6 surges


Two articles in each of two threads this week:

Feel free to send this to others you think might be interested in the topics. If you find these threads interesting and useful, you might want to add the Thursday Threads RSS Feed to your feed reader or subscribe to e-mail delivery using the form to the right. If you would like a more raw and immediate version of these types of stories, watch my Pinboard bookmarks (or subscribe to its feed in your feed reader). Items posted to are also sent out as tweets; you can follow me on Twitter. Comments and tips, as always, are welcome.

If Strong Encryption is Outlawed…

Later this year the [U.K.] government intends to introduce legislation that will ensure that any form of communication, whether it’s an email, text message, or video chat, can always be read by the police or intelligence services if they have a warrant.

Few would disagree with the idea that criminals shouldn’t be allowed to plot in secret. But in reality there are huge technical, legal, and moral problems with what the British government wants to do, setting it on a collision course with both the tech industry and privacy campaigners.

[U.S.] Federal law enforcement officials warned Wednesday that data encryption is making it harder to hunt for pedophiles and terror suspects, telling senators that consumers’ right to privacy is not absolute and must be weighed against public-safety interests.

The testimony before the Senate Judiciary Committee marked the latest front in a high-stakes dispute between the Obama administration and some of the world’s most influential tech companies, moving the discussion squarely before Congress.

FBI, Justice Dept. take encryption concerns to Congress, by Eric Tucker, Associated Press via The Washington Post, 8-Jul-2015

When I was in my teens, I saw this written on a bathroom stall: “If freedom is outlawed, only outlaws will be free.” The same idea is being applied to strong encryption. These two articles come from many published in recent weeks over the regulation and use of encryption technologies. I don’t envy the task of law enforcement in an age where technology makes covert communication easier. I would have thought, though, that at least the U.S. government learned from the Clipper Chip fiasco of the 1990s. Encryption is based on mathematical principles. Mathematical principles are not subject to legislation. You might make it illegal to publish encryption algorithms, but you cannot make it illegal for someone to think about encryption algorithms. And who will have a vested interest in having people think about encryption algorithms? If strong encryption is outlawed…

Allocations of IPv4 Internet Addresses Now Restricted; It’s a Good Thing IPv6 is Finally Here

Remember how, a decade ago, we told you that the Internet was running out of IPv4 addresses? Well, it took a while, but that day is here now: Asia, Europe, and Latin America have been parceling out scraps for a year or more, and now the ARIN wait list is here for the US, Canada, and numerous North Atlantic and Caribbean islands. Only organizations in Africa can still get IPv4 addresses as needed. The good news is that IPv6 seems to be picking up the slack.
ARIN, the American Registry for Internet Numbers, has now activated its “IPv4 Unmet Requests Policy.” Until now, organizations in the ARIN region were able to get IPv4 addresses as needed, but yesterday, ARIN was no longer in the position to fulfill qualifying requests. As a result, ISPs that come to ARIN for IPv4 address space have three choices: they can take a smaller block (ARIN currently still has a limited supply of blocks of 512 and 256 addresses), they can go on the wait list in the hopes that a block of the desired size will become available at some point in the future, or they can transfer buy addresses from an organization that has more than it needs.

It is now three years since World IPv6 Launch, and solid growth in global IPv6 adoption continues at a steady pace.

With over 17% of the country’s end-users actively using IPv6, the United States continues to be a dominant force in IPv6 traffic levels and adoption, with the top three U.S. broadband operators and all four of the top U.S. mobile operators actively rolling out IPv6 to their end-users. Other countries including Germany, Belgium, Japan, and Peru continue to have solid IPv6 traffic growth, and network operators in additional countries including Brazil, Saudi Arabia, Portugal, Estonia, and Greece have started large-scale IPv6 deployments to end-users.

Three years since World IPv6 Launch: strong IPv6 growth continues, by Erik Nygren, The Akamai Blog, 8-Jun-2015

I do remember when IPv6 made it through the IETF processes and became a standard. It was roughly just after the point where it was collectively decided that the 7-layer OSI network model had lost out to TCP/IP. (Okay, that was a bunch of geek — this was all getting hashed out in the mid-1990s.) Needless to say, actual implementation of the next version of the rules by which machines communicate with each other on the internet has been coming for a long time.

Is this something to worry about? Probably not — there are a bunch of really smart people making sure that the internet appears to work tomorrow just like it does today. (If you are technically minded, check out the latter half of the Akamai blog post — it has all sorts of interesting details about bridging IPv6 to IPv4 as we start to contemplate a world where IPv6 dominates.) One warning: if your work deals with “dotted quads” like, then you have a whole new addressing scheme to get used to.

Thursday Threads: Let’s Encrypt is coming, Businesses want you coming to the office, OR2015 Summary


This week’s threads:

NOTE! Funding for my current position at LYRASIS runs out at the end of June, so I am looking for new opportunities and challenges for my skills. Check out my resume/c.v. and please let me know of job opportunities in library technology, open source, and/or community engagement.


Let’s Encrypt Launch Schedule

Let’s Encrypt has reached a point where we’re ready to announce our launch schedule.

  • First certificate: Week of July 27, 2015
  • General availability: Week of September 14, 2015

Let’s Encrypt Launch Schedule, by Josh Aas, 16-Jun-2015

As you might recall from an earlier edition of DLTJ Thursday Threads, the Let’s Encrypt initiative will allow anyone who has a domain name to get an encryption certificate at no cost. Not only that, but the effort is also building software to automatically create, update, install, and securely configure those certificates. This will make it very easy for small sites — like libraries, archives, and museums — to use HTTPS-encrypted connections. There has been a great deal of talk within the library patron privacy community about how to best make this happen, including a proposal by Eric Hellman for a “Digital Library Privacy Pledge” that will encourage libraries to adopt encrypted web connections across all of their services. Keep your eye out for more about “Let’s Encrypt.”

Five trends that are reshaping your office

But lots of companies wrestling with how to get people to show their face at work, in an era where telecommuting is increasingly popular, are trying to lure them back rather than mandate it. While organizations have long embraced the benefits of “hoteling,” where employees reserve desks for themselves rather than getting a dedicated space to work every day, many are taking that concept even further, adding concierge-like staff and other perks to give workers more reasons to come onsite.

Five trends that are reshaping your office, by Jena McGregor, Washington Post, 15-Jun-2015

I’m not sure this applies to many of our offices, but it is useful to know that these things are happening. As someone who has worked remotely for the past five years, I don’t know if these kinds of perks from my employer would get me to come into an office more. It is hard to beat face-to-face interaction for its power to convey information and build community. We are using tools like Slack to reproduce that kind of interaction as best we can, and the tools are getting better at making it easier for remote teams to form cohesion and effectively get work done.

Open Repositories 2015 Summary

Tweet from @OpenRepository, as quoted by Hardly Pottinger in his 2015 Recap

That tweet is a summary of what happened at Open Repositories 2015 last week, and Hardly’s summary matches what I heard about the conference activities from afar. The keynote from Google Scholar's Anurag Acharya on pitfalls and best practices for indexing repository content was a big hit. His slides are online as are a collection of tweets curated by Eileen Clancy, and I highly recommend software developers and repository users look over these do’s and don’ts for their own systems.

Thursday Threads: Man Photocopies Ebook, Google AutoAwesomes Photos, Librarians Called to HTTPS


In this week’s threads: a protest — or maybe just an art project — by a reader who saves his e-book copy of Orwell’s 1984 by photocopying each page from his Kindle, the “AutoAwesome” nature of artificial intelligence, and a call to action for libraries to implement encryption on their websites.


Use Your Photocopier to Backup Your E-book

Picture of the hardback book of scanned Kindle page images.

E-book backup is a physical, tangible, human readable copy of an electronically stored novel. The purchased contents of an e-book reader were easily photocopied and clip-bound to create a shelf-stable backup for the benefit of me, the book consumer. I can keep it on my bookshelf without worry of remote recall. A second hardcover backup has been made with the help of an online self-publishing house.

E-book backup, Jesse England, circa 2012

This project is from around 2012, but it first caught my eye this month. The author — pointing to when “some Amazon Kindle users found their copy of George Orwell’s 1984 and Animal Farm had been removed from their Kindles without their prior knowledge or consent” — decided to photocopy each page of his copy of 1984 as it appeared on a Kindle screen and create a bound paper version. The result is as you see in the image to the right.

Eight days ago, someone took the images from Mr. England’s page and uploaded the sequence to imgur. The project again circulated around the ‘net. There is a digital preservation joke in here, but I might not be able to find it unless the original creator took the text of 1984 and printed it out as QR Codes so the resulting book could be read back into a computer.

How Awesome is Artificial Intelligence?

The other day I created a Google+ album of photos from our holiday in France. Google’s AutoAwesome algorithms applied some nice Instagram-like filters to some of them, and sent me emails to let me have a look at the results. But there was one AutoAwesome that I found peculiar. It was this one, labeled with the word “Smile!” in the corner, surrounded by little sparkle symbols.
It’s a nice picture, a sweet moment with my wife, taken by my father-in-law, in a Normandy bistro. There’s only one problem with it. This moment never happened.

It’s Official: A.I.s are Now Re-Writing History, Robert Elliott Smith, 7-Oct-2014

Follow the link above to see the pictures — the two source pictures and the combination that Google’s algorithms created. The differences are subtle. I loaded both of the source images into Gimp and performed a difference operation between the two layers. The result is the image below.


The difference between the two pictures that Google combined in its “AutoAwesome” way.

Black means the pixel color values were identical, so you can see the changes of hand position clearly. (Other artifacts are, I assume, differences caused by the JPEG compression in the original source pictures.)

This reminds me of the trick of taking multiple pictures of the same shot and using a tool like Photoshop to remove the people. Except in this case it is an algorithm deciding what are the best parts from a multitude of pictures and putting together what its programmers deem to be the “best” combination.

Call to Librarians To Implement HTTPS

Librarians have long understood that to provide access to knowledge it is crucial to protect their patrons’ privacy. Books can provide information that is deeply unpopular. As a result, local communities and governments sometimes try to ban the most objectionable ones. Librarians rightly see it as their duty to preserve access to books, especially banned ones. In the US this defense of expression is an integral part of our First Amendment rights.

Access isn’t just about having material on the shelves, though. If a book is perceived as “dangerous,” patrons may avoid checking it out, for fear that authorities will use their borrowing records against them. This is why librarians have fought long and hard for their patrons’ privacy. In recent years, that include Library Connection’s fight against the unconstitutional gag authority of National Security Letters and, at many libraries, choosing not to keep checkout records after materials are returned.

However, simply protecting patron records is no longer enough. Library patrons frequently access catalogs and other services over the Internet. We have learned in the last two years that the NSA is unconstitutionally hoovering up and retaining massive amounts of Internet traffic. That means that before a patron even checks out a book, their search for that book in an online catalog may already have been recorded. And the NSA is not the only threat. Other patrons, using off-the-shelf tools, can intercept queries and login data merely by virtue of being on the same network as their target.

Fortunately, there is a solution, and it’s getting easier to deploy every day.

What Every Librarian Needs to Know About HTTPS, by Jacob Hoffman-Andrews, Electronic Frontier Foundation, 6-May-2015

That is the beginning of an article that explains what HTTPS means, why it is important, and how libraries can effectively deploy it. This is something that has come up in the NISO Patron Privacy in Digital Library and Information Systems working group that has been holding virtual meetings this month and will culminate in a two-day in person meeting after the ALA Annual convention in San Francisco next month. As you look at this article, keep an eye out for announcements about the Let's Encrypt initiative to kick-off some time this summer; it will give websites free server encryption certificates and provide a mechanism to keep them up-to-date.

Thursday Threads: Mobile Device Encryption, Getty Images for Free


Just a brief pair of threads this week. First is a look at what is happening with mobile device encryption as consumer electronics companies deal with data privacy in the post-Snowden era. There is also the predictable backlash from law enforcement organizations, and perhaps I just telegraphed how I feel on the matter. The second thread looks at how Getty Images is trying to get into distributing its content for free to get it in front of eyeballs that will end up paying for some of it.


Apple and Android Device Data Encryption

In an open letter posted on Apple’s website last night, CEO Tim Cook said that the company’s redesigned its mobile operating system to make it impossible for Apple to unlock a user’s iPhone data. Starting with iOS8, only the user who locked their phone can unlock it.

This is huge. What it means is that even if a foreign government or a US police officer with a warrant tries to legally compel Apple to snoop on someone, they won’t. Because they can’t. It’s a digital Ulysses pact.

The next generation of Google’s Android operating system, due for release next month, will encrypt data by default for the first time, the company said Thursday, raising yet another barrier to police gaining access to the troves of personal data typically kept on smartphones.

Predictably, the US government and police officials are in the midst of a misleading PR offensive to try to scare Americans into believing encrypted cellphones are somehow a bad thing, rather than a huge victory for everyone’s privacy and security in a post-Snowden era. Leading the charge is FBI director James Comey, who spoke to reporters late last week about the supposed “dangers” of giving iPhone and Android users more control over their phones. But as usual, it’s sometimes difficult to find the truth inside government statements unless you parse their language extremely carefully. So let’s look at Comey’s statements, line-by-line.

I think it is fair to say that Apple snuck this one in on us. To the best of my knowledge, the new encrypted-by-default wasn’t something talked about in the iOS8 previews. And it looks like poor Google had to play catch-up by announcing on the same day that they were planning to do the same thing with the next version of the Android operating system. (If Apple and Google conspired to make this announcement at the same time, I haven’t heard that either.)

As you can probably tell by the quote I pulled from the third article, I think this is a good thing. I believe the pendulum has swung too far in the direction of government control over communications, and Apple/Google are right to put new user protections in place. This places the process of accessing personal information firmly back in the hands of the judiciary through court orders to compel people and companies to turn over information after probable cause has been shown. There is nothing in this change that prevents Apple/Google from turning over information stored on cloud servers to law enforcement organizations. It does end the practice of law enforcement officers randomly seizing devices and reading data off them.

As an aside, there is an on-going discussion about the use of so-called “stingray” equipment that impersonates mobile phone towers to capture mobile network data. The once-predominant 2G protocol that the stingray devices rely on was woefully insecure, and the newer 3G and 4G mobile carrier protocols are much more secure. In fact, stingray devices are known to jam 3G/4G signals to force mobile devices to use the insecure 2G protocol. Mobile carriers are planning to turn off 2G protocols in the coming years, though, which will make the current generation of stingray equipment obsolete.

Getty Offers Royalty-Free Photos

The story of the photography business over the past 20 years has been marked by two shifts: The number of photographs in circulation climbs toward infinity, and the price that each one fetches falls toward zero. As a result, Getty Images, which is in the business of selling licensing rights, is increasingly willing to distribute images in exchange for nothing more than information about the public’s photo-viewing habits.

Now Getty has just introduced a mobile app, Stream, targeted at nonprofessionals to run on Apple’s new operating system. The app lets people browse through Getty’s images, with special focus on curated collections. It’s sort of like a version of Instagram (FB) featuring only professional photographers—and without an upload option.

Commercial photography is another content industry — like mass-market and trade presses, journal publishers, newspapers, and many others — that is facing fundamental shifts in its business models. In this case, Getty is going the no-cost, embed-in-a-web-page route to getting their content to more eyeballs. They announced the Getty Images Embed program a year ago, and have now followed it up with this iOS app for browsing the collection of royalty-free images.

Encryption of Patron Data in Modern Integrated Library Systems

“How much effort do you want to spend securing your computer systems? Well, how much do you not want to be in front of a reporter’s microphone if a security breach happens?” I don’t remember the exact words, but that quote strongly resembles something I said to a boss at a previous job. Securing systems is unglamorous detail work. One slip-up plus one persistent (or lucky) attacker means years of dedicated efforts are all for naught as personal information is inadvertently released. See, for example, Sony Online Entertainment’s recent troubles.

It was in that frame of mind that I responded to a series of questions from a librarian taking a computer science class. (As someone else who straddles the computer-science/library-science divide, I wanted to encourage this line of thinking!) Now library systems typically don’t have credit card information, so they may not be attractive to individuals that seek to expose or exploit personal information. But our systems do have physical addresses, e-mail addresses, and sometimes birthdays or other personal data. And we have a professional ethic to keep patron use information private.

The person that sent me these questions asked that I not mention a name or affiliation, but that it was okay that I repost the questions along with my replies. I’m hoping this encourages some discussion because my understanding of the use of encryption in ILS products is very narrow and only somewhat deep (and is getting shallower by the day as my direct experience is going on ten years old).

Background on the project is that during our encryption unit, I realized that I didn’t know anything about what libraries do to back up our strongly stated policies about protecting patron privacy, so I wanted to find out more about it.


  1. What encryption tools/standards, if any, are used to safeguard patron accounts (name, items checked out, databases accessed, etc.) at the library?
  2. Where in the systems do these tools typically fit — at the ILS level, or somewhere else? (e.g., university ID systems)
  3. How are circulation and other records expunged? I.e., are they permanently deleted in such a way that hard drive forensics couldn’t bring them back?

In my experience, this patron information is not encrypted in integrated library systems. The difficulty is that if those bits of information are encrypted, they must be decrypted by the program in order to be useful (generating an overdue notice means the patron’s information must be known to the program, displaying the patron’s name on his/her account information screen, etc.). And for programs to decrypt they must have the secret key. And if the programs know the secret key it is trivial for an attacker to get the key as well. And since good encryption, by its nature, is computationally “expensive” there would be a lot of system load with all of the encryption and decryption of bits of information. (Computationally expensive is good because it makes it harder for an attacker to guess the correct key.)

Password Hashing Flowchart

Note that passwords are a special case. Passwords are not really encrypted in a database; rather the output of a “one way hash” algorithm is stored. When the user tries to log in, the same one way hash algorithm is applied to the text string entered as a password and if the output matches what is stored in the database the user is let in.

As the diagram shows, with the login attempts the hashed password is not decrypted; the output of the hash algorithm is compared to what is known to be the hashed password.

[Aside: I’m trying an experiment in this post. The diagram is a Scalable Vector Graphic (SVG) file. It seems to be showing up fine in the browsers I’m testing, but I have no idea how it will appear in the RSS feed or if you are using an RSS reader or receiving this post via FeedBurner e-mail. If you don’t see the graphic, try viewing the post via the DLTJ website.]

The most effective encryption would be at the database management system layer. For instance, Oracle has a “Transparent Data Encryption” feature: “Data is automatically encrypted when it is written to disk and automatically decrypted when accessed by the application.” Automatic encryption is not built into MySQL, but you can use a MySQL-specific function to encrypt a field. PostgreSQL has a contributed module that performs the function.

Another option — other than database-level encryption — is to have the operating system encrypt the underlying filesystem (for example, the Red Hat Encrypted Filesystem). That way all of the database storage files — stored in that filesystem directory — would be encrypted.

Note, though, that in any of these cases, the key is known to the computer somehow, and so it is possible for an attacker to recover the key and decrypt the data. There are, of course, varying levels of obscurity one can apply to the key, but I think we’re getting pretty far off on a tangent.

How often circulation and other records would be expunged would depend on implementations in each software system, but as a general guideline I don’t think a strong deletion mechanism is used to obliterate data on the disk. I’d be happy to be proven otherwise. And as you consider hard drive forensics, also think about pulling the same information off backup tapes; that would probably be easier to get to.

In a follow-up, I was asked:

WRT your response on Q2, do you have an idea of what level “most” or “some” libraries might have the encryption, or were you speaking purely from a view of what ideal/good situations might look like?

On 3, I have heard from a few others that there seems to be just deletion with no zeroing out features or the like and that it does take a period of time (1-2 months) for backup tapes to be overwritten. So it strikes me that the weakest link may be in the area we talk most about protecting.

With regards to the database-level or the filesystem-level encryption, I was speaking from a point of view of what ideal/good situations might look like. One of the outcomes of posting these questions to a wider group of readers is, I hope, more real-world experience reports from people who might be running systems that actually do this.

Yes, I think those are weak links, with the backup tapes being the biggest problem. One can’t predict when blocks on a live filesystem disk will be overwritten, but overwriting tapes is pretty predictable — and easy because one doesn’t need access to the live system.
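A check for the "deletion with no zeroing" behaviour discussed above, as an added example that is not part of the original post. It uses SQLite from the Python standard library as a stand-in for an ILS database (an assumption; no ILS product is being tested), and the table, patron identifiers and titles are constructed sample data.

```python
import os
import sqlite3
import tempfile

# Constructed sample data: the middle row is the circulation record to expunge.
MARKER = "PATRON-0042-CONSTRUCTED"
ROWS = [
    ("PATRON-0001-CONSTRUCTED", "Cataloging Basics"),
    (MARKER, "Nineteen Eighty-Four"),
    ("PATRON-0077-CONSTRUCTED", "Animal Farm"),
]


def deleted_row_recoverable(secure_delete: bool) -> bool:
    """Delete one row, then report whether its bytes are still in the database file."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "ils.db")
        conn = sqlite3.connect(path)
        # secure_delete=ON makes SQLite overwrite freed space with zeros;
        # OFF only marks the space as free and leaves the old bytes in place.
        conn.execute(f"PRAGMA secure_delete = {'ON' if secure_delete else 'OFF'}")
        conn.execute("CREATE TABLE circulation (patron TEXT, title TEXT)")
        conn.executemany("INSERT INTO circulation VALUES (?, ?)", ROWS)
        conn.commit()
        conn.execute("DELETE FROM circulation WHERE patron = ?", (MARKER,))
        conn.commit()
        conn.close()
        # Read the raw file the way a forensic tool (or a backup job) would see it.
        with open(path, "rb") as fh:
            raw = fh.read()
    return MARKER.encode("utf-8") in raw


if __name__ == "__main__":
    print("plain DELETE leaves record bytes on disk:", deleted_row_recoverable(False))
    print("secure_delete leaves record bytes on disk:", deleted_row_recoverable(True))
```

Zeroing inside the live database file does nothing for copies already written to backup tapes, which is the weak link the post points to.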

Thursday Threads: Unprotected Social Media Sites, Value of Free, and Real Life Net Neutrality


This week’s Thursday Threads looks at a big hole in the security model of most internet sites that require you to log into them with a username and password plus a pair of stories about “big media” battles. If you find these interesting and useful, you might want to add the Thursday Threads RSS Feed to your feed reader or subscribe to e-mail delivery using the form to the right. If you would like a more raw and immediate version of these types of stories, watch my FriendFeed stream (or subscribe to its feed in your feed reader). Comments, as always, are welcome.

“Everyone’s Guide to By-Passing Internet Censorship for Citizens Worldwide”

Cover of “Everyone’s Guide to By-Passing Internet Censorship for Citizens Worldwide”

The title of this post is the same as the report it describes, Everyone’s Guide to By-Passing Internet Censorship for Citizens Worldwide [PDF]. It was announced by Ronald Deibert last week on his blog at Citizen Lab. The one sentence synopsis goes like this: “This guide is meant to introduce non-technical users to Internet censorship circumvention technologies, and help them choose which of them best suits their circumstances and needs.”

Although the stated audience is non-technical users, I found the description of techniques and circumstances under which one might deploy the techniques very interesting. The document provides guidance for those seeking circumvention and those who want to provide it. After a brief introduction to censorship activities worldwide (including in the United States), it walks the reader through an analysis of needs and describes solutions that meet the needs based on the user’s technical skills. I knew ‘tor‘ — a long-time favorite of mine — would be in there, but I was surprised by the range of other options.

To put a library spin on the report, some of the solutions offered are usable on “public computers” — such as, say, what one might find in a library. One could take the report and read about the techniques with the intent to block them on your public workstations, but I think another reading of it would say that such attempts are ultimately futile because of the likelihood of other similar services popping up to take their place. Unless you are running a white-list-only setup (that is to say, your public workstations are explicitly set to only allow access to a prescribed set of sites), any user can walk up to any public workstation and access the circumvention sites described in the report or any other ones that spring into existence.

The circumvention techniques, of course, do not provide an assurance of privacy. Even though the network traffic is encrypted, the activities of the user can still be monitored by keystroke loggers and other techniques in the workstation itself. In order to get around that, one would need to restart the public workstation with a bootable Linux distribution, but that is perhaps a report for another time…

The text was modified to update a link from to on January 28th, 2011.
