IT Security For Libraries

LISTen: An LISNews.org Program -- Episode #229

This week's episode looks around the LISHost galaxy and speculates about some ambiguous information.


Download here (MP3) (Ogg Vorbis), or subscribe to the podcast (MP3) to have episodes delivered to your media player. We suggest subscribing by way of a service like gpodder.net. A way to send gifts of replacement hardware to Erie Looking Productions is available here via Amazon, as always.

This work is licensed under the Creative Commons Attribution-ShareAlike 3.0 United States License. To view a copy of this license, visit http://creativecommons.org/licenses/by-sa/3.0/us/.

LISTen: An LISNews.org Program -- Episode #228

This week's program deals with Wikipedia hoaxing, an Internet icon, and a miscellany of brief items.


Download here (MP3) (Ogg Vorbis), or subscribe to the podcast (MP3) to have episodes delivered to your media player. We suggest subscribing by way of a service like gpodder.net. The list of hardware we are seeking, to replace what is on our ever-growing damage control report, can be found here; items can be purchased directly and sent to help The Air Staff rebuild to a more normal operations capability.


Simple tricks websites can use to fingerprint you

The "I Know..." series of blog posts shows relatively simple tricks [malicious] websites can use to coax a browser into revealing information that it probably should not. Firewalls, anti-virus software, anti-phishing blacklists, and even patching your browser were not going to help.

Fortunately, if you are using one of today's current browsers (Chrome, Firefox, Internet Explorer, Safari, etc.), these attack techniques mostly no longer work. The unfortunate part is that they were by no means the only way to accomplish these feats.


SEC4LIB The Place To Learn About IT Security Issues In Libraries

You might be interested in the new(ish) list where we talk about IT Security stuff, SEC4LIB. It's low volume and you'll probably learn a few things about security issues.

You may also like to check out the IT Security For Libraries section here at LISNews: http://lisnews.org/security

Hacker Group Breaches Library of Congress Site, Publishes Passwords

A group of hackers claims to have breached the official website of the Library of Congress, America’s national library.

The group claiming responsibility, BlitzSec, decried the wildly unpopular US Congress and said it used a SQL injection attack to reach the Library of Congress website's back-end database and expose user names, passwords and email addresses. The group has posted data taken from the Library on the text-sharing site Pastebin.
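The report above names SQL injection as the way in and a dump of user names, passwords and email addresses as the result. The following is an added example, not code from LISNews or from the Library of Congress site, that shows the class of flaw on a toy login backend: a query assembled by string concatenation next to the same query with bound parameters, and a password-hashing routine illustrating why a dump of a well-built table does not hand over usable passwords. The table layout, the two user records and the injection payloads are all constructed for the example.

```python
"""
Added example (not LISNews's or the Library of Congress's code): a toy login
backend on an in-memory SQLite database. login_vulnerable() builds SQL from
user input and can be bypassed or made to dump the table; login_safe() binds
parameters instead. hash_password()/verify_password() show the storage form
that limits what a leaked table exposes. All records here are constructed.
"""
import hashlib
import hmac
import os
import sqlite3
from typing import List, Optional, Tuple

Row = Tuple[str, str, str]


def build_db() -> sqlite3.Connection:
    """Constructed sample table; passwords in plaintext, as the dump implies."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "hunter2", "alice@example.org"),
         ("bob", "letmein", "bob@example.org")],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> List[Row]:
    """The flaw: user input is pasted into the SQL text, so quotes and
    comment markers in the input change the query's structure."""
    sql = ("SELECT username, password, email FROM users WHERE username = '"
           + username + "' AND password = '" + password + "'")
    return conn.execute(sql).fetchall()


def login_safe(conn: sqlite3.Connection, username: str, password: str) -> List[Row]:
    """The fix: parameters are bound by the driver and never re-parsed as SQL."""
    sql = "SELECT username, password, email FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchall()


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """PBKDF2-HMAC-SHA256 with a per-user random salt, stored as 'salthex$hashhex'.
    A dump of such a column yields hashes that must be cracked, not passwords."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
    return salt.hex() + "$" + digest.hex()


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    salt_hex, digest_hex = stored.split("$", 1)
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                    bytes.fromhex(salt_hex), 200_000)
    return hmac.compare_digest(candidate.hex(), digest_hex)


# Constructed payloads: the first turns the WHERE clause into a tautology and
# comments out the password check; the second UNIONs the whole table into the
# result, which is how a login form becomes a bulk dump of usernames, passwords
# and email addresses.
BYPASS_USERNAME = "' OR 1=1 --"
DUMP_USERNAME = "x' UNION SELECT username, password, email FROM users --"

if __name__ == "__main__":
    db = build_db()
    print("vulnerable, bypass payload:", login_vulnerable(db, BYPASS_USERNAME, "x"))
    print("vulnerable, dump payload:  ", login_vulnerable(db, DUMP_USERNAME, "y"))
    print("safe, bypass payload:      ", login_safe(db, BYPASS_USERNAME, "x"))
    print("safe, real credentials:    ", login_safe(db, "alice", "hunter2"))
    stored = hash_password("hunter2")
    print("stored form:", stored[:40] + "...", "verifies:", verify_password("hunter2", stored))
```

The two functions differ only in whether the input reaches the SQL parser; parameter binding is the fix, not escaping. Hashing is the second line of defence: it assumes the table will leak one day and makes the leak cost the attacker a cracking run per account instead of giving them reusable credentials outright.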

Are your mobile apps spying on you?

Why is this a big deal? Because phone numbers are some of the most personal information available about anyone. They are a semi-permanent unique identification number that also serves as a direct way to reach you at all times. Giving someone else your number means you trust them to not abuse it, call you at 3 a.m. for no reason, or spray paint it on a restroom wall.

But can you trust these Web apps -- especially those that grab your numbers without asking -- to not abuse it? The answer is that we shouldn't have to. Maybe now, thanks to the Path debacle, we won't.

A Research Agenda Acknowledging the Persistence of Passwords

Despite countless attempts and near-universal desire to replace them, passwords are more widely used and firmly entrenched than ever. Our exploration of this leads us to argue that no silver bullet will meet all requirements, and not only will passwords be with us for some time, but in many instances they are the solution which best fits the scenario of use. Among broad authentication research directions to follow, we first suggest better means to concretely identify actual requirements (surprisingly overlooked to date) and weight their relative importance in target scenarios; this will support approaches aiming to identify best-fit mechanisms in light of requirements. Second, for scenarios where indeed passwords appear to be the best-fit solution, we suggest designing better means to support passwords themselves. We highlight the need for more systematic research, and how the premature conclusion that passwords are dead has led to the neglect of important research questions.

The secret stalker within your phone

If you've ever wondered just what's going on inside some of those apps on your phone, you'll want to take a look at this!
Secret iOS business; what you don’t know about your apps
Developers can get away with more sloppy or sneaky practices in mobile apps as the execution is usually further out of view. You can smack the user with a massive asynchronous download as their attention is on other content; but it kills their data plan. You can track their moves across entirely autonomous apps; but it erodes their privacy. And most importantly to me, you can jeopardise their security without their noticing; but the potential ramifications are severe.

Keeping Current In IT Security

I have almost 300 feeds in my feed reader dedicated to security now. You probably don't need to read that much about security, but if you want the whole list, here's an OPML file: http://lisnews.org/files/blakes-security-subscriptions.xml

If that's too much (and it almost certainly is), here are some recommended sources I think will keep you up to date in the field without overwhelming you with too much information.

Recommended - Easy To Follow:

SANS Newsletters: http://www.securingthehuman.org/resources/newsletters/

Schneier on Security: http://www.schneier.com/blog/

Naked Security (Sophos): http://nakedsecurity.sophos.com/

Security FAQs: http://www.security-faqs.com/

SANS Information Security Reading Room: http://www.sans.org/reading_room/

Security Now Podcast: http://grc.com/securitynow.htm

Recommended - More In Depth:

TechRepublic: IT Security: http://www.techrepublic.com/blog/security/

Lenny Zeltser: http://blog.zeltser.com/

Threatpost: http://threatpost.com/en_us/frontpage

Packet Storm: http://packetstormsecurity.org/

MOREnet Security News: http://www.more.net/content/security-2

Root Secure: http://www.rootsecure.net/

Security Bloggers Network: http://www.securitybloggersnetwork.com/
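The OPML file offered above is the standard exchange format feed readers use for subscription lists: an XML document whose <body> holds nested <outline> elements, with folders as outlines that have no xmlUrl and feeds as outlines that do. The following is an added example, not a script from LISNews, that reads such a file and lists the feed URLs, optionally only those under a named folder so a reader can pull out a small subset like the "Easy To Follow" group rather than all 300. The OPML text embedded here is constructed for the example (the feed URLs are placeholders); the real lisnews.org file is not fetched.

```python
"""
Added example (not LISNews's code): list the feeds in an OPML subscription file,
optionally restricted to one folder. SAMPLE_OPML is a constructed stand-in for
the real file; its xmlUrl values are placeholders, not the sites' actual feeds.
"""
import xml.etree.ElementTree as ET
from typing import List, Optional, Tuple

SAMPLE_OPML = """<opml version="1.0">
  <head><title>Constructed sample, not the real lisnews.org file</title></head>
  <body>
    <outline text="Easy To Follow">
      <outline text="Schneier on Security" type="rss"
               xmlUrl="https://feeds.example.invalid/schneier.xml"
               htmlUrl="http://www.schneier.com/blog/"/>
    </outline>
    <outline text="More In Depth">
      <outline text="Lenny Zeltser" type="rss"
               xmlUrl="https://feeds.example.invalid/zeltser.xml"/>
      <outline text="Packet Storm" type="rss"
               xmlUrl="https://feeds.example.invalid/packetstorm.xml"/>
      <outline text="Schneier on Security" type="rss"
               xmlUrl="https://feeds.example.invalid/schneier.xml"/>
    </outline>
  </body>
</opml>"""


def feeds_from_opml(opml_text: str, folder: Optional[str] = None) -> List[Tuple[str, str]]:
    """Return (title, xmlUrl) pairs in document order, without duplicates.

    Outlines lacking xmlUrl are folders and are descended into, not listed.
    With `folder` set, only outlines under a folder whose text/title matches
    are returned; an unknown folder name raises ValueError.
    """
    root = ET.fromstring(opml_text)
    body = root.find("body")
    if root.tag != "opml" or body is None:
        raise ValueError("not an OPML document")

    if folder is None:
        starts = [body]
    else:
        starts = [o for o in body.iter("outline")
                  if (o.get("text") or o.get("title")) == folder]
        if not starts:
            raise ValueError("no folder named %r" % folder)

    seen = set()
    feeds: List[Tuple[str, str]] = []
    for start in starts:
        for node in start.iter("outline"):
            url = node.get("xmlUrl")
            if not url or url in seen:
                continue                    # folder, or a feed already listed
            seen.add(url)
            feeds.append((node.get("title") or node.get("text") or url, url))
    return feeds


if __name__ == "__main__":
    # To use the real file, read it from disk after downloading it:
    #   text = open("blakes-security-subscriptions.xml", encoding="utf-8").read()
    for title, url in feeds_from_opml(SAMPLE_OPML, folder="Easy To Follow"):
        print(title, "->", url)
```

Deduplication is keyed on xmlUrl rather than title because the same feed often appears under several folders in a large export, and the filter matches on the outline text so the folder names in the file can be used directly.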
