It is a security/privacy edition of DLTJ Thursday Threads this week. First a link to a 3-page PDF that talks about the use of password managers to keep all of your internet passwords unique and strong. Next a story about how the W3C standards body is looking at standardizing digital rights management for browser content. And finally, a story about a site that one personal data broker put up that gives you a glimpse of what they know about you.
Three groups of stories in this long-in-coming DLTJ Thursday Threads. First, we look at the pent-up risks of running Windows XP systems given that support for that operating system is scheduled to end in April 2014. Second, a pair of articles that look at the ups and downs of open source software governance as it relates to the Apache Foundation. And lastly, look out for that garbage can — it may be watching your every move.
One of the great things about the Shibboleth inter-institution single sign-on software package is the ability for the Identity Provider to limit how much a Service Provider knows about a user’s request for service. (Not familiar with those capitalized terms? Read on for definitions.) But with this capability comes great flexibility, and with the flexibility can come lots of management overhead. So I was intrigued to see the announcement for an online webinar from the InCommon Shibboleth Federation with the title “The Challenges of User Consent” covering the issues of managing who gets access to what information about users.
“How much effort do you want to spend securing your computer systems? Well, how much do you not want to be in front of a reporter’s microphone if a security breach happens?” I don’t remember the exact words, but that quote strongly resembles something I said to a boss at a previous job. Securing systems is unglamorous detail work. One slip-up plus one persistent (or lucky) attacker means years of dedicated efforts are all for naught as personal information is inadvertently released. See, for example, Sony Online Entertainment’s recent troubles.
Almost a decade ago while at the University of Connecticut I conducted a survey of ARL libraries on their patron privacy practices. The full text of that survey and ARL member responses are available from Google Books and from HathiTrust. Lee Anne George of ARL confirmed via e-mail that permission has been given for full view of SPEC Kits up through 2005 as well as other ARL publications. Lee Anne said that there are over 400 titles now in full view.
Within the span of a recent week we’ve had two views of the OCLC cooperative. In one we have a proposition that OCLC has gone astray from its core roots and in the other a celebration of what OCLC can do. One proposes a new mode of cooperation while the other extols the virtues of the existing cooperative. Both writers claim — independently — to “talk to librarians” and represent the prevailing mood of the profession. Can these two viewpoints be reconciled?
A few weeks ago, a reporter at the Chronicle of Higher Education interviewed Adam Smith, Google’s director of product management, about the Google Book Search settlement and posted the interview in audio form. The page isn’t dated, but guessing from metadata in the URL it was somewhere around the publication of the paper issue dated June 26, 2009. I’m calling out this particular interview because Mr. Smith said things that I hadn’t heard in other forms yet — Google’s intentions about privacy in Google Book Search, an explicit statement about the Book Rights Registry releasing information about the status of orphan works, and a statement on what Google expects the size of the orphan works problem to be once the Registry has been in operation for a while.
Last month, Clay Shirky gave a presentation with the title “It’s Not Information Overload. It’s Filter Failure” at the Web 2.0 Expo. Shirky admits at the start of the talk that the topic is something new that he is exploring, and as a result the ideas are not fully formed. (I get lost in how the last of his three examples applies to the topic at hand, for instance.) But his viewpoint is a refreshing way to look at the issue of “information overload” from a new perspective, and it is worth looking at even in this raw stage. For starters, he says that we’ve been facing information overload for the past 500 years — since the introduction of the Gutenberg movable type press gave readers more books than they could possibly read. What has changed in the last decade has been how past information “filters” are no longer effective.
The title of this post is the same as the report it describes, Everyone’s Guide to By-Passing Internet Censorship for Citizens Worldwide [PDF]. It was announced by Ronald Deibert last week on his blog at Citizen Lab. The one-sentence synopsis goes like this: “This guide is meant to introduce non-technical users to Internet censorship circumvention technologies, and help them choose which of them best suits their circumstances and needs.”