On October 23, 2008 I gave a talk at Netspeed 2008 titled Hackers in the Library. The talk was designed to build awareness regarding information security threats in libraries and to dispel the myth that “nobody would want to hack a library.”

In this presentation I tell many stories of actual security incidents that I have encountered in various libraries and punctuate these stories with reports from the media of similar events in libraries around the world.

The slides for the presentation are now available for download in MS Powerpoint (PPT) format. The slides include embedded notes covering the content of my speech and additional commentary and links. I have also included some questions and answers that have come up after the talk.

Word on the street is that Ezproxy, the remote access solution for libraries, is to be acquired by OCLC. I predict a change in the licensing and potential litigation for users in the future. More to the point, this should be seen as a call for an open-source equivalent.

For years ezproxy has been an outstanding solution for providing library patrons with remote access to licensed web resources. It has been dirt cheap with excellent support. Yet, at the same time the documentation is poor and the configuration bizarre. I know, I administered a large, complicated, ezproxy for a library consortium for many years.

With all strengths and weaknesses combined, ezproxy was head-and-shoulders above any competitor. Ezproxy’s well-earned popularity meant that there was really no advantage for anyone to create an open-source equivalent. However, now that it is to be acquired by a large library vendor, we can expect many reasons to emerge. The quality of support will likely change over time. The licensing is likely to become complex.

I believe that either a Java application or a apache module with a management tool for building, managing, and distributing the rules-sets for specific web resources is in order. Apache would be interesting as it already has an API for doing authentication/authorization and could be integrated with federated identity through emerging projects that would be seperate (that is to say, ezproxy wouldn’t need to support these… apache will). This is also true of Java in some sense as well as many Java Application Servers have identity management components that would help with this. But they are not open-source (generally speaking… some specific ones are).

This awesome short film on YouTube came to my attention because it is tagged with the word “librarian” (I’ve got an RSS feed that shows all “library” videos on YouTube). Apparently, the whole thing was created in less than 48 hours: the whole thing. It was an entry in the UNLV 48 Hour Film Festival. Wow! I think everyone with an interest in film-making should go out and make a video answering the question: “If you travelled back in time and got stuck, what would you do?”

Via Creative Commons: LibriVox has released their 1000th free audiobook.

LibriVox takes public domain books and creates freely downloadable audiobooks from them. Unlike hard or impossible to use audiobooks from OCLC, these do not have any DRM technology to stop you from hearing them. LibriVox makes their books available in MP3 format and Ogg Vorbis. Ogg Vorbis produces smaller files for the same quality as MP3 and is not encumbered by patents or DRM issues.

Exciting news from Meebo, the web-based Instant Messaging application. They have announced the availability of their platform for meebo application development. The platform provides access to the Meebo API and allows developers to create new applications that integrate with Meebo.

I think this has interesting possibilities for virtual reference services. Meebo is already famous in the library world for its MeeboME Widget. The Meebome Widget lets you add an IM client to any webpage. Users visiting your site can chat with you and they do not need any kind of special IM software or even have an IM account. Libraries have been using this to implement chat reference services.

Now imagine this. Imagine that whenever you, as a reference librarian, were chatting with a client via Meebo that you had a special window that let you enter in citation info for articles. Imagine that each time you entered citation info that it constructed a link to either your citation linker (e.g. SFX) or your remote access system (e.g. ezproxy). As you chat with the client and find articles and resources answering their questions, you could store each link on a “bookshelf”. When you were done you could click a button and send it to the chat session and also save it for future reference.

I am sure that we can come up with much more impressive ideas as well.