[CODE4LIB] Google can give you answers, but librarians give you the right answers

[Cornel Darden Jr.]

Hello,

"Google can give you answers, but librarians give you the right answers."

Is it me? Or is there something wrong with this statement?

I've been hearing statements like this since I've been in the field. Tonight I 
saw a public library post on FB: 

Library: "because not everything on the internet is true"

Some people applauded the statement and were like: "yay librarians!"

Others thought it was a very ignorant statement. And many patrons caused a huge 
backlash. It was interesting as the library responded to the irritated patrons. 

Thoughts?

Thanks,

Cornel Darden Jr. 
Chief Information Officer
Casanova Information Services, LLC 
Office Phone: (779) 205-3105
Mobile Phone: (708) 705-2945

Sent from my iPhone

[CODE4LIB] Job: Tribal Youth Intern/Oral Historian at The Great Basin Institute

[jobs]

Tribal Youth Intern/Oral Historian
The Great Basin Institute
Joshua Tree National Park

In cooperation with the National Park Service Joshua Tree
National Park (JOTR), the Great Basin Institute is recruiting a Tribal Youth
Intern. Joshua Tree National Park has identified a need to provide multiple
voices into its management and visitor programs. This project is intended to
integrate multiple disciplines and park themes such as Native American
traditional culture, homesteading, natural resource, and popular culture, by
combining the stories associated with the individual museum objects from both
a global and personal perspective. The Tribal Youth Intern will work closely
with park professional in the development of research content for park staff
in developing public programs utilizing information tribal members feel the
public should know about their cultural history, and expand the park's ability
to share an accurate enriched narrative. Orientation and safety trainings will
be presented throughout the year.

  
Duties:

The Research Associate, in collaboration with Joshua Tree National Park staff,
will be involved in all aspects of researching, developing, and presenting
educational materials for visitor education programs focusing on the following
duties:

o Conduct original ethnographic research using archives and conducting oral
history interviews with tribal elders and traditional practitioners in the
field;

o Work with park museum curator and interpretive staff to develop interpretive
content based on the research;

o Work with interpretive staff to develop and present public programs based on
NPS interpretive standards and methods;

o Collaborate with park museum curator and interpretive staff to design web
page content for the park's web page and social media outlets; and

o Assist with other interpretive and museum projects (oral history, visitor
services, and topical research).

  
Compensation:

o $18.50/hour

  
Timeline:

o 6 month position beginning as soon as the right candidate is identified.
Start date determined once federal background check is
complete. Possibility of extension
pending positive performance review and funding availability.

o Part time, 10-30 hours per week, including some weekends and evenings

  
Location:

Joshua Tree National Park encompasses nearly 800,000 acres in southern
California. Joshua Tree National Park is of special management concern, lying
in the transition of the Mojave Desert and the Colorado Desert. Field
conditions include hot, arid days with high exposure to the sun, as well as
cold, winter weather. Resources of the region include threatened and/or
endangered species habitat, big game habitats, abandoned mine lands, and
historic and prehistoric cultural sites.

  
Qualifications:

o Master's degree or PhD in anthropology, history, Native American studies,
Indigenous studies, or related discipline;

o Or currently enrolled is a similar program;

o Previous experience conducting oral histories, desired;

o Experience working with or in Native American communities;

o Basic skills/knowledge of the processes required for gathering oral history;

o Strong research skills, particularly from primary resources;

o Demonstrated ability to communicate effectively, both written and orally,
with a diverse audience;

o Enthusiasm to teach about Native American cultural sensitivity and topics;

o Experience with interpretation, visitor services, and presenting programs to
the public;

o Familiarity with web page design and social media outlets, preferred;

o Possess good organization skills with the ability to balance concurrent
tasks;

o Ability to operate basic computer equipment, including scanners, and
Microsoft Office programs, including Access;

o Flexibility and capability to meet the demands of rapidly changing plans and
schedules; and

o Possess a valid, state-issued driver's license and clean driving record with
experience safely operating 4WD trucks on and off paved roads, including
narrow and steep forest roads, and conducting routine vehicle maintenance.

o Successful applicant(s) must complete a Department of Interior (DOI)
Background Investigation (BI) or submit paperwork to BLM human resources
indicating an active and fully adjudicated BI has already been completed prior
to beginning position.

  
Local candidates or tribe members with established tribal connections will be
strongly considered.

  
How to Apply:

Please follow this link to apply directly through our online portal: http://cr
careers.thegreatbasininstitute.org/careers/careers.aspx?rf=CODE=2016-RAP-0
46

  
We conform to all the laws, statutes, and regulations concerning equal
employment opportunities and affirmative action. We strongly encourage women,
minorities, individuals with disabilities and veterans to apply to all of our
job openings. We are an equal opportunity employer and all qualified
applicants will receive consideration for employment without regard to race,
color, 

[CODE4LIB] The METRO Fellowship

[Nate Hill]

Hi all,

We've gathered a pretty interesting list of projects and problems
 from our membership here at METRO,
and now we are looking for the individual fellows who will spend 9 months
working with us here.

I hope some of you will consider applying. Now is the time to jump in.
We'll be offering three $50,000 stipends.

Come play with us here in NYC!

-- 
Nate Hill

Re: [CODE4LIB] Structured Data Markup on library web sites

[Brian Kennison]

On Mar 31, 2016, at 9:39 AM, Brian Kennison 
> wrote:

I was perplexed by this also but I realized that there was “content 
negotiation” going on. I set the header to accept rdf and indeed there is data 
for this document.


Everyone,

I must apologize for being such a dumb-ass.

I just switch to the terminal session that I was using this morning and decided 
to look at that file one more time. There is no rdf available for this resource 
< http://bmcr.brynmawr.edu/2016/2016-03-30.html >  and no content negotiation 
is happening. The rdf that I saw  is being generated by the OpenLink Data 
Explorer extension.

I did not understand what this extension did. I thought that it only pulled 
data that was in the page (which it does do) but it will also generate rdf even 
when there is no rdf in the page. 

 .  The wget that I used was mistakenly using  a url of this generated page 
which I grabbed out of the browser.

I apologize for the confusion.

—Brian

Re: [CODE4LIB] Notifications for short term loans

[R. C. Miessler]

We're a III shop, but we run a PHP script that queries the database server for 
hourly items coming up due, and then sends the results to the Twilio service 
which handles the text message processing.

https://github.com/rmiessle/sierra-sms

It's not a particularly elegant solution, but it works for us.

R.C. Miessler | Systems Librarian
Gettysburg College | Musselman Library
300 North Washington Street | Gettysburg, PA 17325
717-337-7020 | www.gettysburg.edu

-Original Message-
From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Emily 
Lynema
Sent: Thursday, March 31, 2016 2:30 PM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: [CODE4LIB] Notifications for short term loans

We are a SirsiDynix Symphony library that loans a lot of equipment on short 
terms loans (usually 4 hours). We charge relatively a relatively high overdue 
fee each hour the item is late in order to encourage students to return high 
dollar equipment like MacBook Pros. However, the notification functionality in 
Symphony is not good at sending users timely notices that an item is coming due 
so that they can renew it before being charged a fee.
Generally users get a notice within the first hour after checkout providing the 
due date/time and an overdue the following morning if they haven't returned it.

We're wondering if anyone has developed a creative solution to this problem of 
timely notifications. We'd be interested in solutions that alerted a user to an 
upcoming due date, say maybe 15 - 30 minutes in advance, whether it be email, 
text message, or an app-based mobile notification. We've looked a bit at vendor 
provided mobile applications, but haven't found much yet in this area.

Let me know if you've developed a creative solution in-house or found a vendor 
that provides a relevant service. We could do this from scratch, but would love 
to build off some prior work or take advantage of other elegant solutions.

thanks!

--
Emily Lynema
Associate Department Head
Information Technology, NCSU Libraries
919-513-8031
emily_lyn...@ncsu.edu

[CODE4LIB] Notifications for short term loans

[Emily Lynema]

We are a SirsiDynix Symphony library that loans a lot of equipment on short
terms loans (usually 4 hours). We charge relatively a relatively high
overdue fee each hour the item is late in order to encourage students to
return high dollar equipment like MacBook Pros. However, the notification
functionality in Symphony is not good at sending users timely notices that
an item is coming due so that they can renew it before being charged a fee.
Generally users get a notice within the first hour after checkout providing
the due date/time and an overdue the following morning if they haven't
returned it.

We're wondering if anyone has developed a creative solution to this problem
of timely notifications. We'd be interested in solutions that alerted a
user to an upcoming due date, say maybe 15 - 30 minutes in advance, whether
it be email, text message, or an app-based mobile notification. We've
looked a bit at vendor provided mobile applications, but haven't found much
yet in this area.

Let me know if you've developed a creative solution in-house or found a
vendor that provides a relevant service. We could do this from scratch, but
would love to build off some prior work or take advantage of other elegant
solutions.

thanks!

-- 
Emily Lynema
Associate Department Head
Information Technology, NCSU Libraries
919-513-8031
emily_lyn...@ncsu.edu

[CODE4LIB] GS-11 Librarian (Cataloger) position open at Library of Congress for American Archive of Public Broadcasting

[Leigh, Andrea]

Librarian (Cataloger)
GS-1410-11
Indefinite, not to exceed 2 Years
Closes 4/14/2016
Vacancy Announcement #150263

THIS IS NOT THE SAME AS VACANCY ANNOUNCEMENT #150283: 
https://www.usajobs.gov/GetJob/ViewDetails/432347800/ (CLOSING DATE 3/31/2016). 
YOU MUST APPLY FOR BOTH POSITIONS SEPARATELY IF YOU WOULD LIKE TO BE CONSIDERED 
FOR BOTH POSITIONS.

The Library of Congress is seeking a qualified Librarian (Cataloger) for the 
American Archive of Public Broadcasting National Educational Television 
Collection Catalog project. The position is indefinite, not to exceed two years 
and located at the The Packard Campus of the National Audio-Visual Conservation 
Center (NAVCC) in Culpeper, Virginia. For more details about the position and 
how to apply: https://www.usajobs.gov/GetJob/ViewDetails/434460300/

Information about the American Archive of Public Broadcasting:
http://americanarchive.org/

Information about the National Educational Television Collection:
http://americanarchive.org/about-the-american-archive/projects/net-catalog

Library of Congress Packard Campus for Audio Visual Conservation:
http://www.loc.gov/avconservation/packard/


Andrea Leigh
Moving Image Processing Unit Head
National Audio Visual Conservation Center |  Packard Campus
19053 Mt. Pony Rd.  |  Culpeper, VA 22701
o: 202/707-0852 |  e: a...@loc.gov
http://www.loc.gov/avconservation/packard/

Ideas & opinions in this email are not intended to represent those of the 
Library of Congress or its staff.
[cid:image001.png@01D18B50.2C41CF50]

[cid:image002.png@01D18B50.2C41CF50]

[CODE4LIB] Yes, You Can Video: a LITA repeat webinar

[Ken Varnum]

Yes, You Can Video! Repeat! 

Don’t miss this repeat of the highly popular how-to guide for creating
high-impact instructional videos without tearing your hair out.

Tuesday April 12, 2016
1:00 pm – 2:30 pm Central Time
Register now for this webinar


This LITA Webinar promises a fun time learning how to create instructional
videos.

Have you ever wanted to create an engaging and educational instructional
video, but felt like you didn’t have the time, ability, or technology? Are
you perplexed by all the moving parts that go into creating an effective
tutorial? In this session, Anne Burke and Andreas Orphanides will help
to demystify the process, breaking it down into easy-to-follow steps, and
provide a variety of technical approaches suited to a range of skill sets.
They will cover choosing and scoping your topic, scripting and
storyboarding, producing the video, and getting it online. They will
also address common pitfalls at each stage.

Join

Anne Burke, Undergraduate Instruction & Outreach Librarian, North Carolina
State University Libraries
and
Andreas Orphanides, Librarian for Digital Technologies and Learning, North
Carolina State University Libraries

Then register for the webinar


Full details 

Can’t make the date but still want to join in? Registered participants will
have access to the recorded webinar.

Cost:

   - LITA Member: $45
   - Non-Member: $105
   - Group: $196

Registration Information

Register Online page arranged by session date (login required)


OR
Mail or fax form to ALA Registration

OR
Call 1-800-545-2433 and press 5
OR
email registrat...@ala.org

Questions or Comments?

For all other questions or comments related to the course, contact
LITA at (312)
280-4269 or Mark Beatty, mbea...@ala.org.


--
Ken Varnum
Senior Program Manager for Discovery, Delivery, and Learning Analytics
Library Information Technology | University of Michigan Library
var...@umich.edu | @varnum | 734-615-3287
http://www.lib.umich.edu/users/varnum

Re: [CODE4LIB] Internet of Things

[Joshua Hogan]

The Internet of Shit, which I did not previously know about, may be my new 
favorite thing on the Internet.

Josh Hogan
Metadata & Digital Resources Librarian
Atlanta University Center Robert W. Woodruff Library
111 James P. Brawley Drive, SW
Atlanta, GA  30314
404-978-2057 (v)
http://www.auctr.edu
jho...@auctr.edu



We will always provide service that exceeds the customer’s expectation… Because 
we care!

-Original Message-
From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Lisa 
Rabey
Sent: Thursday, March 31, 2016 10:04 AM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: Re: [CODE4LIB] Internet of Things

a. Thank you everyone for your input! I asked this question out of curiosity, 
not for a project / paper / research area (yet). All the responses have been 
brilliant.
b. #notalllibrarians
c. I've been made privy the security issues are so big you can drive a Mac 
truck through them, but I'm ignoring them at the moment to see what people are 
doing with the tech.
c. Andreas, if you haven't seen this before, I think you may enjoy Internet of 
Shit https://twitter.com/internetofshit

"Obviously the best thing to do is put a chip in it."

_lisa


On Thu, Mar 31, 2016 at 9:40 AM, Andreas Orphanides 
wrote:

> I'm not a technofuturist of any sort, so maybe I'm the wrong person to
> be commenting on IoT (or maybe I'm exactly the right person)... but
> stuff in IoT land is going to get utterly horrible before it gets
> good. I'd argue that it might already be horrible, but it just doesn't
> have the penetration to be fully recognized.
>
> Object lessons:
>
>- Your Jeep can be hacked so that someone can remotely disable the
>brakes, thanks to crappy wifi. [1]
>- Your smart refrigerator leaks your gmail credentials. [2]
>- Your lightbulbs expose you to drive-by packet sniffing. [3]
>- Your internet-enabled wine decanter requires you to use
>vendor-provided wine bottle cartridges [4]
>
> There's a number of overlapping problems here
>
>- the "Compuserve of Things" issue [5], where every eager vendor is
>going to try to lock users out of competitors' products [6]
>- the expansion of this problem, which is that corporations will be
>tempted to use the power of embedded computing to maximize profit [7]
>- a more general "Internet of Sh*t" problem [8], where the security
>ramifications of network-enabling devices is not fully realized and
> exposes
>users to all kinds of horrors. (As someone aptly put it: open
> network ports
>are like mucous membranes -- important for certain functions, but
> you don't
>want more of them exposed than necessary.)
>
> Now all of these problems can be solved, but I am not convinced that
> they will, unless and until things get particularly nasty:
> specifically, the commercial enterprises doing IoT stuff don't have a
> motive to make things better until it starts actually costing them money.
>
> What can libraries do about this? I don't know. Pushing for open
> standards helps. Implementing open standards helps. Practicing good
> security in IoT certainly helps. I do think that "Just because you
> can, it doesn't mean you should" is not a bad starting point,
> especially if we model stepping through the right risk analyses and
> security practices as we develop IoT in libraries.
>
> For now, I prefer to stick with Adama's Law: "If it can kill you,
> don't connect it to the network."
>
>
> [1] http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/
> [2]
> http://www.theregister.co.uk/2015/08/24/smart_fridge_security_fubar/
> [3]
>
> http://arstechnica.com/security/2014/07/crypto-weakness-in-smart-led-l
> ightbulbs-exposes-wi-fi-passwords/
> [4]
>
> http://www.independent.co.uk/life-style/gadgets-and-tech/news/kuvee-sm
> art-wine-bottle-screen-internet-indiegogo-a6958751.html
> [5]
> http://www.windley.com/archives/2014/04/the_compuserve_of_things.shtml
> [6]
> http://www.digitaltrends.com/home/philips-hue-bridge-firmware-update/
> [7] http://ieet.org/index.php/IEET/more/rinesi20150925
> [8] https://twitter.com/internetofshit?lang=en
>
> On Thu, Mar 31, 2016 at 8:29 AM, Andrew Anderson  wrote:
>
> > For those who were not previously aware of IoT, here’s a primer
> > focused specifically on the library space:
> >
> >
> >
> https://www.oclc.org/publications/nextspace/articles/issue24/libraries
> andtheinternetofthings.en.html
> >
> > IMHO this is still a very young concept, and not even fully imagined
> > yet, so there is no reason to feel like you’ve missed the boat, when
> > the ship hasn’t even reached the dock yet.
> >
> > --
> > Andrew Anderson, President & CEO, Library and Information Resources
> > Network, Inc.
> > http://www.lirn.net/ | http://www.twitter.com/LIRNnotes |
> > http://www.facebook.com/LIRNnotes
> >
> > On Mar 30, 2016, at 22:16, Lesli M  wrote:
> >
> > > I feel compelled to pipe up about the comment "Very sad that a
> 

[CODE4LIB] Job: Web Developer (12885) at American University

[jobs]

Web Developer (12885)
American University
Washington, D.C.

American University Library invites applications for a Web
Developer.

  
Responsibilities:

The Web Developer ensures that the Library's website is responsive and
accessible, and is responsible for the Library's website strategy,
architecture, and the user experience. The incumbent will design, develop,
customize, and integrate web applications for the Library
website. This position develops applications to optimize
discoverability of third party research content, as well as systematic
processes for website usability testing. The incumbent
works closely with campus partners and stakeholders to ensure that the design,
delivery, and operation of web services are optimal and in support of the
needs of American University Library

  
Requirements:

Bachelor's degree in Information Systems, Human-Computer Interaction, or
related field, or the equivalent in education, training, and
experience.

  
• Five years' experience of progressively responsible experience including
building or designing solutions for web based technology, working with cross
functional teams, participating in project development, and leading
progressively complex projects

• Knowledge of current web innovations, technologies and best practices in web
design, and web application security concepts, and web services with HTML, CSS
JavaScript, and server side languages

• Two years' experience utilizing latest web standards and design practices,
including HTML5, CSS3, responsive design, and JavaScript libraries (e.g., SQL,
jQuery)

• Experience developing user-centered applications integrating RESTful
API's

• Experience with project lifecycles, source code management, and code
reviews

• Knowledge of current best practices in user experience and usability,
accessibility, and Section 508 compliance

• Experience with databases, preferably Oracle and MS SQL Server or similar

• Experience with usability testing

• Must possess excellent written and oral communications skills

• Ability to demonstrate past success working with multiple stakeholders in
ways that were both inclusive and data-
driven

  
Position available:

Review of applications will begin immediately and continue until the position
is filled.

  
Additional information:

Applicants should view the University's outstanding benefits package on our
web site at http://www.american.edu/hr/.

  
The Library website has become the primary service point for students and
researchers, and will only increase in importance as both users and resources
are increasingly online. A candidate who is committed to
the user experience, takes initiative to collect data and innovate, and
ultimately finds the best solutions for Library users as they carry out their
research will succeed in this role.

  
Hiring offers for this position are contingent on the successful completion of
a background check.

  
To apply, log in to the AU careers website
(https://jobs.american.edu/JobPosting.aspx?JPID=5460) to complete the online
application and upload your cover letter and
resume.

  
American University is an equal opportunity, affirmative action institution
that operates in compliance with applicable laws and regulations. The
university does not discriminate on the basis of race, color, national origin,
religion, sex (including pregnancy), age, sexual orientation, disability,
marital status, personal appearance, gender identity and expression, family
responsibilities, political affiliation, source of income, veteran status, an
individual's genetic information or any other bases under federal or local
laws (collectively "Protected Bases") in its programs and activities.



Brought to you by code4lib jobs: http://jobs.code4lib.org/job/25181/
To post a new job please visit http://jobs.code4lib.org/

Re: [CODE4LIB] Encrypting Data Archives

[Matt Schultz]

Cornel,

All good thoughts and questions. Your response encouraged me to Google a
little bit further beyond my baseline plan to just back up my secret key
via my local Time Machine routine.

Your mention of keeping a physical copy led me to Paperkey:

http://jpadilla.com/post/100355231982/backup-openpgp-keys-on-paper

I¹d be curious to know if others have had good success with that tool or
recommend others? Seems fairly straight-forward. Not sure how deep its
dependencies go or how well maintained it is, but it was easy to install
with homebrew and it appears that there are some developers working on
other implementations within GitHub. I¹ll play with it more later.

As to the institutional complexities - yes your questions are spot on.
Less flexibility and more risk when it comes to managing the keys.

Thanks,
‹ 
Matt Schultz
Metadata & Digital Curation Librarian

Grand Valley State University Libraries

schul...@gvsu.edu

616-331-5072









On 3/31/16, 11:59 AM, "Code for Libraries on behalf of Cornel Darden Jr."
 wrote:

>Hello,
>
>Keeping track of keys has been a pain in the past for me. I still believe
>it's the best method. Now that I'm much more focused and organized it
>hasn't been a problem. But having a physical copy of the key tucked away
>will be helpful to me in the future. As far as institutional data, i can
>see some areas of concern. Who's keeping track of the keys? And is that
>info passed along with employment changes?
>
>Thanks,
>
>Cornel Darden Jr. 
>Chief Information Officer
>Casanova Information Services, LLC
>Office Phone: (779) 205-3105
>Mobile Phone: (708) 705-2945
>
>Sent from my iPhone
>
>> On Mar 31, 2016, at 10:29 AM, Matt Schultz  wrote:
>> 
>> Hello,
>> 
>> I¹m writing to the list on a somewhat personal note. But I think any
>>responses to my question might also shed insights on future workflows in
>>my workaday world.
>> 
>> I have a personal use case wherein I would like to store some encrypted
>>directories of data (at rest) on external hard drives. The idea being to
>>keep a full copy of some of my own personal data at an offsite location
>>in a secure format.
>> 
>> I didn¹t have the intermediate storage resources to image the full
>>backups that the target directories reside on - and there was too much
>>other file system overhead that was extraneous in any event. So, my
>>initial approach has been to make use of GPGTools and a pair of RSA keys
>>to encrypt tarballs of each of the desired directories. I¹ve
>>successfully serialized, encrypted and passphrase decrypted the
>>directories. I¹m using BagIt to validate on both sides and all is well
>>there. Everything appears to be working just fine for me. Larger
>>directories do take some time naturally ­ RSA is a less efficient
>>algorithm as I understand it. That aside, I feel reasonably confident
>>that I can manage and migrate my keys going forward. I¹m also
>>maintaining a duplicate non­encrypted backup of all of this data at home
>>as well in any event.
>> 
>> My question is whether there are any limitations to use of RSA and the
>>approach I am taking to encrypting the contents in this serialized form?
>>Would anybody go about this in a different manner? Perhaps with
>>different tools? I¹m out in front of the loss scenario in this case, so
>>I have the time/luxury to make some changes to how I am going about this
>>if I get some good advice.
>> 
>> And then to the degree that the librarians, archivists, or records
>>managers on this list want to weigh-in, are there any emerging best
>>practices or compelling use cases you have encountered for encrypting
>>archives of your institutional data. If so, how did you weigh or
>>mitigate the benefits (privacy/security) against the risks (e.g,
>>mis-placing keys). I¹m very interested in what the Records in the Cloud
>>Project is producing: http://www.recordsinthecloud.org/.
>> 
>> Thanks,
>> ‹
>> Matt Schultz
>> Metadata & Digital Curation Librarian
>> Grand Valley State University Libraries
>> schul...@gvsu.edu
>> 616-331-5072

Re: [CODE4LIB] Internet of Things

[Cary Gordon]

Dre++

OMG, I am so disconnecting my Aibo from the internet.

I love the Compuserve of things… 
http://www.windley.com/archives/2014/04/the_compuserve_of_things.shtml

Cary


> On Mar 31, 2016, at 6:40 AM, Andreas Orphanides  wrote:
> 
> I'm not a technofuturist of any sort, so maybe I'm the wrong person to be
> commenting on IoT (or maybe I'm exactly the right person)... but stuff in
> IoT land is going to get utterly horrible before it gets good. I'd argue
> that it might already be horrible, but it just doesn't have the penetration
> to be fully recognized.
> 
> Object lessons:
> 
>   - Your Jeep can be hacked so that someone can remotely disable the
>   brakes, thanks to crappy wifi. [1]
>   - Your smart refrigerator leaks your gmail credentials. [2]
>   - Your lightbulbs expose you to drive-by packet sniffing. [3]
>   - Your internet-enabled wine decanter requires you to use
>   vendor-provided wine bottle cartridges [4]
> 
> There's a number of overlapping problems here
> 
>   - the "Compuserve of Things" issue [5], where every eager vendor is
>   going to try to lock users out of competitors' products [6]
>   - the expansion of this problem, which is that corporations will be
>   tempted to use the power of embedded computing to maximize profit [7]
>   - a more general "Internet of Sh*t" problem [8], where the security
>   ramifications of network-enabling devices is not fully realized and exposes
>   users to all kinds of horrors. (As someone aptly put it: open network ports
>   are like mucous membranes -- important for certain functions, but you don't
>   want more of them exposed than necessary.)
> 
> Now all of these problems can be solved, but I am not convinced that they
> will, unless and until things get particularly nasty: specifically, the
> commercial enterprises doing IoT stuff don't have a motive to make things
> better until it starts actually costing them money.
> 
> What can libraries do about this? I don't know. Pushing for open standards
> helps. Implementing open standards helps. Practicing good security in IoT
> certainly helps. I do think that "Just because you can, it doesn't mean you
> should" is not a bad starting point, especially if we model stepping
> through the right risk analyses and security practices as we develop IoT in
> libraries.
> 
> For now, I prefer to stick with Adama's Law: "If it can kill you, don't
> connect it to the network."
> 
> 
> [1] http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/
> [2] http://www.theregister.co.uk/2015/08/24/smart_fridge_security_fubar/
> [3]
> http://arstechnica.com/security/2014/07/crypto-weakness-in-smart-led-lightbulbs-exposes-wi-fi-passwords/
> [4]
> http://www.independent.co.uk/life-style/gadgets-and-tech/news/kuvee-smart-wine-bottle-screen-internet-indiegogo-a6958751.html
> [5] http://www.windley.com/archives/2014/04/the_compuserve_of_things.shtml
> [6] http://www.digitaltrends.com/home/philips-hue-bridge-firmware-update/
> [7] http://ieet.org/index.php/IEET/more/rinesi20150925
> [8] https://twitter.com/internetofshit?lang=en
> 
> On Thu, Mar 31, 2016 at 8:29 AM, Andrew Anderson  wrote:
> 
>> For those who were not previously aware of IoT, here’s a primer focused
>> specifically on the library space:
>> 
>> 
>> https://www.oclc.org/publications/nextspace/articles/issue24/librariesandtheinternetofthings.en.html
>> 
>> IMHO this is still a very young concept, and not even fully imagined yet,
>> so there is no reason to feel like you’ve missed the boat, when the ship
>> hasn’t even reached the dock yet.
>> 
>> --
>> Andrew Anderson, President & CEO, Library and Information Resources
>> Network, Inc.
>> http://www.lirn.net/ | http://www.twitter.com/LIRNnotes |
>> http://www.facebook.com/LIRNnotes
>> 
>> On Mar 30, 2016, at 22:16, Lesli M  wrote:
>> 
>>> I feel compelled to pipe up about the comment "Very sad that a librarian
>> didn't know what it was."
>>> 
>>> Librarians come in all flavors and varieties. Until I worked in a
>> medical library, I had no idea what a systematic review was. I had no idea
>> there was a variety of librarian called "clinical librarian."
>>> 
>>> Do you know the hot new interest for law libraries? Medical libraries?
>> Science libraries?
>>> 
>>> The IoT is a specific area of interest. Just like every other special
>> interest out there.
>>> 
>>> Is it really justified to expect all librarians of all flavors and
>> varieties to know this very tech-ish thing called IoT?
>>> 
>>> Lesli
>> 

Re: [CODE4LIB] Encrypting Data Archives

[Cornel Darden Jr.]

Hello,

Keeping track of keys has been a pain in the past for me. I still believe it's 
the best method. Now that I'm much more focused and organized it hasn't been a 
problem. But having a physical copy of the key tucked away will be helpful to 
me in the future. As far as institutional data, i can see some areas of 
concern. Who's keeping track of the keys? And is that info passed along with 
employment changes? 

Thanks,

Cornel Darden Jr. 
Chief Information Officer
Casanova Information Services, LLC 
Office Phone: (779) 205-3105
Mobile Phone: (708) 705-2945

Sent from my iPhone

> On Mar 31, 2016, at 10:29 AM, Matt Schultz  wrote:
> 
> Hello,
> 
> I’m writing to the list on a somewhat personal note. But I think any 
> responses to my question might also shed insights on future workflows in my 
> workaday world.
> 
> I have a personal use case wherein I would like to store some encrypted 
> directories of data (at rest) on external hard drives. The idea being to keep 
> a full copy of some of my own personal data at an offsite location in a 
> secure format.
> 
> I didn’t have the intermediate storage resources to image the full backups 
> that the target directories reside on - and there was too much other file 
> system overhead that was extraneous in any event. So, my initial approach has 
> been to make use of GPGTools and a pair of RSA keys to encrypt tarballs of 
> each of the desired directories. I’ve successfully serialized, encrypted and 
> passphrase decrypted the directories. I’m using BagIt to validate on both 
> sides and all is well there. Everything appears to be working just fine for 
> me. Larger directories do take some time naturally – RSA is a less efficient 
> algorithm as I understand it. That aside, I feel reasonably confident that I 
> can manage and migrate my keys going forward. I’m also maintaining a 
> duplicate non–encrypted backup of all of this data at home as well in any 
> event.
> 
> My question is whether there are any limitations to use of RSA and the 
> approach I am taking to encrypting the contents in this serialized form? 
> Would anybody go about this in a different manner? Perhaps with different 
> tools? I’m out in front of the loss scenario in this case, so I have the 
> time/luxury to make some changes to how I am going about this if I get some 
> good advice.
> 
> And then to the degree that the librarians, archivists, or records managers 
> on this list want to weigh-in, are there any emerging best practices or 
> compelling use cases you have encountered for encrypting archives of your 
> institutional data. If so, how did you weigh or mitigate the benefits 
> (privacy/security) against the risks (e.g, mis-placing keys). I’m very 
> interested in what the Records in the Cloud Project is producing: 
> http://www.recordsinthecloud.org/.
> 
> Thanks,
> —
> Matt Schultz
> Metadata & Digital Curation Librarian
> Grand Valley State University Libraries
> schul...@gvsu.edu
> 616-331-5072

[CODE4LIB] Encrypting Data Archives

[Matt Schultz]

Hello,

I’m writing to the list on a somewhat personal note. But I think any responses 
to my question might also shed insights on future workflows in my workaday 
world.

I have a personal use case wherein I would like to store some encrypted 
directories of data (at rest) on external hard drives. The idea being to keep a 
full copy of some of my own personal data at an offsite location in a secure 
format.

I didn’t have the intermediate storage resources to image the full backups that 
the target directories reside on - and there was too much other file system 
overhead that was extraneous in any event. So, my initial approach has been to 
make use of GPGTools and a pair of RSA keys to encrypt tarballs of each of the 
desired directories. I’ve successfully serialized, encrypted and passphrase 
decrypted the directories. I’m using BagIt to validate on both sides and all is 
well there. Everything appears to be working just fine for me. Larger 
directories do take some time naturally – RSA is a less efficient algorithm as 
I understand it. That aside, I feel reasonably confident that I can manage and 
migrate my keys going forward. I’m also maintaining a duplicate non–encrypted 
backup of all of this data at home as well in any event.

My question is whether there are any limitations to use of RSA and the approach 
I am taking to encrypting the contents in this serialized form? Would anybody 
go about this in a different manner? Perhaps with different tools? I’m out in 
front of the loss scenario in this case, so I have the time/luxury to make some 
changes to how I am going about this if I get some good advice.

And then to the degree that the librarians, archivists, or records managers on 
this list want to weigh-in, are there any emerging best practices or compelling 
use cases you have encountered for encrypting archives of your institutional 
data. If so, how did you weigh or mitigate the benefits (privacy/security) 
against the risks (e.g, mis-placing keys). I’m very interested in what the 
Records in the Cloud Project is producing: http://www.recordsinthecloud.org/.

Thanks,
—
Matt Schultz
Metadata & Digital Curation Librarian
Grand Valley State University Libraries
schul...@gvsu.edu
616-331-5072

Re: [CODE4LIB] Structured Data Markup on library web sites

[Richard Wallis]

BTW the OpenLink Structured Data Sniffer (OSDS) 
is a great little browser plugin to see what structured data is lurking in
the html.

I believe that it supersedes the OpenLink Data Explorer Extension.

~Richard

On 31 March 2016 at 16:15, Brian Kennison  wrote:

>
> On Mar 31, 2016, at 10:24 AM, Kevin Ford > wrote:
>
> p.s.  Curl command I used:
>
>  curl -L -H 'Application/rdf+xml'
> http://bmcr.brynmawr.edu/2014/2014-02-18.html | grep schema
>
> I tried a few variations, such as removing the .html from the end of the
> URL etc.  Nada.
>
>
> Kevin,
>
> I can’t make the curl work either (I’ll have to investigate this further)
> but I do get it when I use wget. I also have the OpenLink Data Explorer
> Extension  installed (like Karen) and it also
> downloads the rdf.
>
> The caveat here seems to be what Richard said that the search engines are
> not doing content negotiation.
>
> —Brian
>
>

Re: [CODE4LIB] Structured Data Markup on library web sites

[Brian Kennison]

I’m sorry I should have attached the pdf. 

Re: [CODE4LIB] Structured Data Markup on library web sites

[Brian Kennison]

On Mar 31, 2016, at 10:24 AM, Kevin Ford 
> wrote:

p.s.  Curl command I used:

 curl -L -H 'Application/rdf+xml'
http://bmcr.brynmawr.edu/2014/2014-02-18.html | grep schema

I tried a few variations, such as removing the .html from the end of the
URL etc.  Nada.


Kevin,

I can’t make the curl work either (I’ll have to investigate this further)  but 
I do get it when I use wget. I also have the OpenLink Data Explorer Extension 
 installed (like Karen) and it also downloads the 
rdf.

The caveat here seems to be what Richard said that the search engines are not 
doing content negotiation.

—Brian

Re: [CODE4LIB] Structured Data Markup on library web sites

[Dan Scott]

As the person who created the patches for Bryn Mawr (Perl and Tcl and
SGML--oh my!) back in 2014, their publication process generates static
HTML. Any new pages should include RDFa (schema.org), but the legacy pages
would have needed to be regenerated.

It was fun working with Karen Coyle and Camilla MacKay on figuring out what
schema.org we could deploy to enrich what was largely a set of static
strings... albeit in some instances nicely marked up with SGML elements.

I believe Bryn Mawr was hoping to move to a brand new modern publishing
platform that will incorporate much richer linked open data starting from
the authoring side, so perhaps they chose not to go back and regenerate the
older pages. There were some variations in the SGML and publishing process
over time that I tried to accommodate, but they might have decided it
wasn't worth the risk of republishing (or the time to revalidate all of the
output) in the interim.

On Thu, 31 Mar 2016 at 10:43 Richard Wallis 
wrote:

> As a FYI, as far as I am aware the search engines do not access pages using
> content negotiation (e.g.. asking for Application/rdf+xml) when looking for
> structured data such as schema.org in their crawl process.
>
> They expect to find it embedded in the HTML as Microdata, RDFa, or
> increasingly JSON-LD in a script tag.
>
> ~Richard
>
>
> On 31 March 2016 at 15:24, Kevin Ford  wrote:
>
> > Hi Brian,
> >
> > I've tried the wget command and curl and in both cases I just get the
> HTML
> > version of the document.  I don't think any meaningful content
> negotiation
> > is happening.  It's probably as Karen suspected: they didn't return and
> > embed schema in older reviews.  Are you getting something else?
> >
> > I think the tool Karen is using takes the URL as the identifier (logical)
> > and converts the ' > (which seems fair).  That's how the tools comes up with the little bit it
> > does for this item.
> >
> > Yours,
> > Kevin
> >
> > p.s.  Curl command I used:
> >
> >  curl -L -H 'Application/rdf+xml'
> > http://bmcr.brynmawr.edu/2014/2014-02-18.html | grep schema
> >
> > I tried a few variations, such as removing the .html from the end of the
> > URL etc.  Nada.
> >
> >
> >
> >
> > On 03/31/2016 08:39 AM, Brian Kennison wrote:
> >
> >>
> >> On Mar 29, 2016, at 12:46 PM, Kevin Ford > k...@3windmills.com>> wrote:
> >>
> >> FWIW, I'm looking at the HTML itself.  You may be using a tool that is
> >> generating a little but of schema.  Is that accurate?
> >>
> >> Kevin,
> >>
> >> I was perplexed by this also but I realized that there was “content
> >> negotiation” going on. I set the header to accept rdf and indeed there
> is
> >> data for this document.
> >>
> >> —Brian
> >>
> >> wget --header "Accept: application/rdf+xml"
> >> http://bmcr.brynmawr.edu/2014/2014-02-18.html
> >>
> >>
>

Re: [CODE4LIB] Structured Data Markup on library web sites

[Richard Wallis]

As a FYI, as far as I am aware the search engines do not access pages using
content negotiation (e.g.. asking for Application/rdf+xml) when looking for
structured data such as schema.org in their crawl process.

They expect to find it embedded in the HTML as Microdata, RDFa, or
increasingly JSON-LD in a script tag.

~Richard


On 31 March 2016 at 15:24, Kevin Ford  wrote:

> Hi Brian,
>
> I've tried the wget command and curl and in both cases I just get the HTML
> version of the document.  I don't think any meaningful content negotiation
> is happening.  It's probably as Karen suspected: they didn't return and
> embed schema in older reviews.  Are you getting something else?
>
> I think the tool Karen is using takes the URL as the identifier (logical)
> and converts the ' (which seems fair).  That's how the tools comes up with the little bit it
> does for this item.
>
> Yours,
> Kevin
>
> p.s.  Curl command I used:
>
>  curl -L -H 'Application/rdf+xml'
> http://bmcr.brynmawr.edu/2014/2014-02-18.html | grep schema
>
> I tried a few variations, such as removing the .html from the end of the
> URL etc.  Nada.
>
>
>
>
> On 03/31/2016 08:39 AM, Brian Kennison wrote:
>
>>
>> On Mar 29, 2016, at 12:46 PM, Kevin Ford  k...@3windmills.com>> wrote:
>>
>> FWIW, I'm looking at the HTML itself.  You may be using a tool that is
>> generating a little but of schema.  Is that accurate?
>>
>> Kevin,
>>
>> I was perplexed by this also but I realized that there was “content
>> negotiation” going on. I set the header to accept rdf and indeed there is
>> data for this document.
>>
>> —Brian
>>
>> wget --header "Accept: application/rdf+xml"
>> http://bmcr.brynmawr.edu/2014/2014-02-18.html
>>
>>

Re: [CODE4LIB] Structured Data Markup on library web sites

[Kevin Ford]

Hi Brian,

I've tried the wget command and curl and in both cases I just get the 
HTML version of the document.  I don't think any meaningful content 
negotiation is happening.  It's probably as Karen suspected: they didn't 
return and embed schema in older reviews.  Are you getting something else?


I think the tool Karen is using takes the URL as the identifier 
(logical) and converts the 'schema:description (which seems fair).  That's how the tools comes up 
with the little bit it does for this item.


Yours,
Kevin

p.s.  Curl command I used:

 curl -L -H 'Application/rdf+xml' 
http://bmcr.brynmawr.edu/2014/2014-02-18.html | grep schema


I tried a few variations, such as removing the .html from the end of the 
URL etc.  Nada.




On 03/31/2016 08:39 AM, Brian Kennison wrote:


On Mar 29, 2016, at 12:46 PM, Kevin Ford 
> wrote:

FWIW, I'm looking at the HTML itself.  You may be using a tool that is
generating a little but of schema.  Is that accurate?

Kevin,

I was perplexed by this also but I realized that there was “content 
negotiation” going on. I set the header to accept rdf and indeed there is data 
for this document.

—Brian

wget --header "Accept: application/rdf+xml" 
http://bmcr.brynmawr.edu/2014/2014-02-18.html

Re: [CODE4LIB] Internet of Things

[Kim Ewart]

I think that librarians are uniquely security minded and focused on
protecting the privacy of users (patrons). I see us emerging as privacy and
security advocates, which would be timely and quite valuable.

On Thursday, March 31, 2016, Ben Cail  wrote:

> On 03/31/2016 09:40 AM, Andreas Orphanides wrote:
>
>> For now, I prefer to stick with Adama's Law: "If it can kill you, don't
>> connect it to the network."
>>
> +1. I share your security concerns about trying to connect everything
> possible to the Internet.
>

Re: [CODE4LIB] Internet of Things

[Andreas Orphanides]

Yeah, I guess I kind of strayed from the theme, but I couldn't pass up the
opportunity to kvetch. That said, as long as libraries are IoT-ing, I think
it's important for them to model "doing it right".

On Thu, Mar 31, 2016 at 10:04 AM, Lisa Rabey 
wrote:

> a. Thank you everyone for your input! I asked this question out of
> curiosity, not for a project / paper / research area (yet). All the
> responses have been brilliant.
> b. #notalllibrarians
> c. I've been made privy the security issues are so big you can drive a Mac
> truck through them, but I'm ignoring them at the moment to see what people
> are doing with the tech.
> c. Andreas, if you haven't seen this before, I think you may enjoy Internet
> of Shit https://twitter.com/internetofshit
>
> "Obviously the best thing to do is put a chip in it."
>
> _lisa
>
>
> On Thu, Mar 31, 2016 at 9:40 AM, Andreas Orphanides 
> wrote:
>
> > I'm not a technofuturist of any sort, so maybe I'm the wrong person to be
> > commenting on IoT (or maybe I'm exactly the right person)... but stuff in
> > IoT land is going to get utterly horrible before it gets good. I'd argue
> > that it might already be horrible, but it just doesn't have the
> penetration
> > to be fully recognized.
> >
> > Object lessons:
> >
> >- Your Jeep can be hacked so that someone can remotely disable the
> >brakes, thanks to crappy wifi. [1]
> >- Your smart refrigerator leaks your gmail credentials. [2]
> >- Your lightbulbs expose you to drive-by packet sniffing. [3]
> >- Your internet-enabled wine decanter requires you to use
> >vendor-provided wine bottle cartridges [4]
> >
> > There's a number of overlapping problems here
> >
> >- the "Compuserve of Things" issue [5], where every eager vendor is
> >going to try to lock users out of competitors' products [6]
> >- the expansion of this problem, which is that corporations will be
> >tempted to use the power of embedded computing to maximize profit [7]
> >- a more general "Internet of Sh*t" problem [8], where the security
> >ramifications of network-enabling devices is not fully realized and
> > exposes
> >users to all kinds of horrors. (As someone aptly put it: open network
> > ports
> >are like mucous membranes -- important for certain functions, but you
> > don't
> >want more of them exposed than necessary.)
> >
> > Now all of these problems can be solved, but I am not convinced that they
> > will, unless and until things get particularly nasty: specifically, the
> > commercial enterprises doing IoT stuff don't have a motive to make things
> > better until it starts actually costing them money.
> >
> > What can libraries do about this? I don't know. Pushing for open
> standards
> > helps. Implementing open standards helps. Practicing good security in IoT
> > certainly helps. I do think that "Just because you can, it doesn't mean
> you
> > should" is not a bad starting point, especially if we model stepping
> > through the right risk analyses and security practices as we develop IoT
> in
> > libraries.
> >
> > For now, I prefer to stick with Adama's Law: "If it can kill you, don't
> > connect it to the network."
> >
> >
> > [1] http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/
> > [2] http://www.theregister.co.uk/2015/08/24/smart_fridge_security_fubar/
> > [3]
> >
> >
> http://arstechnica.com/security/2014/07/crypto-weakness-in-smart-led-lightbulbs-exposes-wi-fi-passwords/
> > [4]
> >
> >
> http://www.independent.co.uk/life-style/gadgets-and-tech/news/kuvee-smart-wine-bottle-screen-internet-indiegogo-a6958751.html
> > [5]
> http://www.windley.com/archives/2014/04/the_compuserve_of_things.shtml
> > [6]
> http://www.digitaltrends.com/home/philips-hue-bridge-firmware-update/
> > [7] http://ieet.org/index.php/IEET/more/rinesi20150925
> > [8] https://twitter.com/internetofshit?lang=en
> >
> > On Thu, Mar 31, 2016 at 8:29 AM, Andrew Anderson 
> wrote:
> >
> > > For those who were not previously aware of IoT, here’s a primer focused
> > > specifically on the library space:
> > >
> > >
> > >
> >
> https://www.oclc.org/publications/nextspace/articles/issue24/librariesandtheinternetofthings.en.html
> > >
> > > IMHO this is still a very young concept, and not even fully imagined
> yet,
> > > so there is no reason to feel like you’ve missed the boat, when the
> ship
> > > hasn’t even reached the dock yet.
> > >
> > > --
> > > Andrew Anderson, President & CEO, Library and Information Resources
> > > Network, Inc.
> > > http://www.lirn.net/ | http://www.twitter.com/LIRNnotes |
> > > http://www.facebook.com/LIRNnotes
> > >
> > > On Mar 30, 2016, at 22:16, Lesli M  wrote:
> > >
> > > > I feel compelled to pipe up about the comment "Very sad that a
> > librarian
> > > didn't know what it was."
> > > >
> > > > Librarians come in all flavors and varieties. Until I worked in a
> > > medical library, I had no idea 

Re: [CODE4LIB] Internet of Things

[Lisa Rabey]

a. Thank you everyone for your input! I asked this question out of
curiosity, not for a project / paper / research area (yet). All the
responses have been brilliant.
b. #notalllibrarians
c. I've been made privy the security issues are so big you can drive a Mac
truck through them, but I'm ignoring them at the moment to see what people
are doing with the tech.
c. Andreas, if you haven't seen this before, I think you may enjoy Internet
of Shit https://twitter.com/internetofshit

"Obviously the best thing to do is put a chip in it."

_lisa


On Thu, Mar 31, 2016 at 9:40 AM, Andreas Orphanides 
wrote:

> I'm not a technofuturist of any sort, so maybe I'm the wrong person to be
> commenting on IoT (or maybe I'm exactly the right person)... but stuff in
> IoT land is going to get utterly horrible before it gets good. I'd argue
> that it might already be horrible, but it just doesn't have the penetration
> to be fully recognized.
>
> Object lessons:
>
>- Your Jeep can be hacked so that someone can remotely disable the
>brakes, thanks to crappy wifi. [1]
>- Your smart refrigerator leaks your gmail credentials. [2]
>- Your lightbulbs expose you to drive-by packet sniffing. [3]
>- Your internet-enabled wine decanter requires you to use
>vendor-provided wine bottle cartridges [4]
>
> There's a number of overlapping problems here
>
>- the "Compuserve of Things" issue [5], where every eager vendor is
>going to try to lock users out of competitors' products [6]
>- the expansion of this problem, which is that corporations will be
>tempted to use the power of embedded computing to maximize profit [7]
>- a more general "Internet of Sh*t" problem [8], where the security
>ramifications of network-enabling devices is not fully realized and
> exposes
>users to all kinds of horrors. (As someone aptly put it: open network
> ports
>are like mucous membranes -- important for certain functions, but you
> don't
>want more of them exposed than necessary.)
>
> Now all of these problems can be solved, but I am not convinced that they
> will, unless and until things get particularly nasty: specifically, the
> commercial enterprises doing IoT stuff don't have a motive to make things
> better until it starts actually costing them money.
>
> What can libraries do about this? I don't know. Pushing for open standards
> helps. Implementing open standards helps. Practicing good security in IoT
> certainly helps. I do think that "Just because you can, it doesn't mean you
> should" is not a bad starting point, especially if we model stepping
> through the right risk analyses and security practices as we develop IoT in
> libraries.
>
> For now, I prefer to stick with Adama's Law: "If it can kill you, don't
> connect it to the network."
>
>
> [1] http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/
> [2] http://www.theregister.co.uk/2015/08/24/smart_fridge_security_fubar/
> [3]
>
> http://arstechnica.com/security/2014/07/crypto-weakness-in-smart-led-lightbulbs-exposes-wi-fi-passwords/
> [4]
>
> http://www.independent.co.uk/life-style/gadgets-and-tech/news/kuvee-smart-wine-bottle-screen-internet-indiegogo-a6958751.html
> [5] http://www.windley.com/archives/2014/04/the_compuserve_of_things.shtml
> [6] http://www.digitaltrends.com/home/philips-hue-bridge-firmware-update/
> [7] http://ieet.org/index.php/IEET/more/rinesi20150925
> [8] https://twitter.com/internetofshit?lang=en
>
> On Thu, Mar 31, 2016 at 8:29 AM, Andrew Anderson  wrote:
>
> > For those who were not previously aware of IoT, here’s a primer focused
> > specifically on the library space:
> >
> >
> >
> https://www.oclc.org/publications/nextspace/articles/issue24/librariesandtheinternetofthings.en.html
> >
> > IMHO this is still a very young concept, and not even fully imagined yet,
> > so there is no reason to feel like you’ve missed the boat, when the ship
> > hasn’t even reached the dock yet.
> >
> > --
> > Andrew Anderson, President & CEO, Library and Information Resources
> > Network, Inc.
> > http://www.lirn.net/ | http://www.twitter.com/LIRNnotes |
> > http://www.facebook.com/LIRNnotes
> >
> > On Mar 30, 2016, at 22:16, Lesli M  wrote:
> >
> > > I feel compelled to pipe up about the comment "Very sad that a
> librarian
> > didn't know what it was."
> > >
> > > Librarians come in all flavors and varieties. Until I worked in a
> > medical library, I had no idea what a systematic review was. I had no
> idea
> > there was a variety of librarian called "clinical librarian."
> > >
> > > Do you know the hot new interest for law libraries? Medical libraries?
> > Science libraries?
> > >
> > > The IoT is a specific area of interest. Just like every other special
> > interest out there.
> > >
> > > Is it really justified to expect all librarians of all flavors and
> > varieties to know this very tech-ish thing called IoT?
> > >
> > > Lesli
> >
>



-- 

 

Re: [CODE4LIB] Internet of Things

[Ben Cail]

On 03/31/2016 09:40 AM, Andreas Orphanides wrote:

For now, I prefer to stick with Adama's Law: "If it can kill you, don't
connect it to the network."
+1. I share your security concerns about trying to connect everything 
possible to the Internet.

Re: [CODE4LIB] Internet of Things

[Andreas Orphanides]

I'm not a technofuturist of any sort, so maybe I'm the wrong person to be
commenting on IoT (or maybe I'm exactly the right person)... but stuff in
IoT land is going to get utterly horrible before it gets good. I'd argue
that it might already be horrible, but it just doesn't have the penetration
to be fully recognized.

Object lessons:

   - Your Jeep can be hacked so that someone can remotely disable the
   brakes, thanks to crappy wifi. [1]
   - Your smart refrigerator leaks your gmail credentials. [2]
   - Your lightbulbs expose you to drive-by packet sniffing. [3]
   - Your internet-enabled wine decanter requires you to use
   vendor-provided wine bottle cartridges [4]

There's a number of overlapping problems here

   - the "Compuserve of Things" issue [5], where every eager vendor is
   going to try to lock users out of competitors' products [6]
   - the expansion of this problem, which is that corporations will be
   tempted to use the power of embedded computing to maximize profit [7]
   - a more general "Internet of Sh*t" problem [8], where the security
   ramifications of network-enabling devices is not fully realized and exposes
   users to all kinds of horrors. (As someone aptly put it: open network ports
   are like mucous membranes -- important for certain functions, but you don't
   want more of them exposed than necessary.)

Now all of these problems can be solved, but I am not convinced that they
will, unless and until things get particularly nasty: specifically, the
commercial enterprises doing IoT stuff don't have a motive to make things
better until it starts actually costing them money.

What can libraries do about this? I don't know. Pushing for open standards
helps. Implementing open standards helps. Practicing good security in IoT
certainly helps. I do think that "Just because you can, it doesn't mean you
should" is not a bad starting point, especially if we model stepping
through the right risk analyses and security practices as we develop IoT in
libraries.

For now, I prefer to stick with Adama's Law: "If it can kill you, don't
connect it to the network."


[1] http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/
[2] http://www.theregister.co.uk/2015/08/24/smart_fridge_security_fubar/
[3]
http://arstechnica.com/security/2014/07/crypto-weakness-in-smart-led-lightbulbs-exposes-wi-fi-passwords/
[4]
http://www.independent.co.uk/life-style/gadgets-and-tech/news/kuvee-smart-wine-bottle-screen-internet-indiegogo-a6958751.html
[5] http://www.windley.com/archives/2014/04/the_compuserve_of_things.shtml
[6] http://www.digitaltrends.com/home/philips-hue-bridge-firmware-update/
[7] http://ieet.org/index.php/IEET/more/rinesi20150925
[8] https://twitter.com/internetofshit?lang=en

On Thu, Mar 31, 2016 at 8:29 AM, Andrew Anderson  wrote:

> For those who were not previously aware of IoT, here’s a primer focused
> specifically on the library space:
>
>
> https://www.oclc.org/publications/nextspace/articles/issue24/librariesandtheinternetofthings.en.html
>
> IMHO this is still a very young concept, and not even fully imagined yet,
> so there is no reason to feel like you’ve missed the boat, when the ship
> hasn’t even reached the dock yet.
>
> --
> Andrew Anderson, President & CEO, Library and Information Resources
> Network, Inc.
> http://www.lirn.net/ | http://www.twitter.com/LIRNnotes |
> http://www.facebook.com/LIRNnotes
>
> On Mar 30, 2016, at 22:16, Lesli M  wrote:
>
> > I feel compelled to pipe up about the comment "Very sad that a librarian
> didn't know what it was."
> >
> > Librarians come in all flavors and varieties. Until I worked in a
> medical library, I had no idea what a systematic review was. I had no idea
> there was a variety of librarian called "clinical librarian."
> >
> > Do you know the hot new interest for law libraries? Medical libraries?
> Science libraries?
> >
> > The IoT is a specific area of interest. Just like every other special
> interest out there.
> >
> > Is it really justified to expect all librarians of all flavors and
> varieties to know this very tech-ish thing called IoT?
> >
> > Lesli
>

Re: [CODE4LIB] Structured Data Markup on library web sites

[Brian Kennison]

On Mar 29, 2016, at 12:46 PM, Kevin Ford 
> wrote:

FWIW, I'm looking at the HTML itself.  You may be using a tool that is
generating a little but of schema.  Is that accurate?

Kevin,

I was perplexed by this also but I realized that there was “content 
negotiation” going on. I set the header to accept rdf and indeed there is data 
for this document.

—Brian

wget --header "Accept: application/rdf+xml" 
http://bmcr.brynmawr.edu/2014/2014-02-18.html

Re: [CODE4LIB] Internet of Things

[Forrest, Stuart]

Here here..

Stuart

Stuart Forrest PhD
Library Systems Specialist
Beaufort County Library
843 255 6450
sforr...@bcgov.net

http://www.beaufortcountylibrary.org

For Leisure, For Learning, For Life


Sent from my iPad

On Mar 31, 2016, at 12:15 AM, Angela Galvan 
> wrote:

Randall speaks to the issue better than I can at the moment.

https://xkcd.com/1053/

-Angela
On Mar 30, 2016 11:11 PM, "Cornel Darden Jr." 
>
wrote:

Hello,

Yes, indeed. IoT is not limited to a specific area of librarianship.
Medical librarians and law librarians should be just as concerned and
knowledgeable about such things. Are we suggesting that there is an area of
librarianship that does not benefit from the IoT?

As far a IoT being tech-ish, I would argue that librarianship is too.
Hence, a huge divide in the craft.

What area of librarianship is IoT of specific interest? Please edify.

I apologize if I offended anyone, but as a librarian I am offened by our
lack of consistency in a field that is obviously losing tremendous ground.
I believe this very conversation is one of the reasons why that is such.

We have to grow a backbone eventually and address it.

Every industry and discipline is apart of the information and technology
revolution. Why would librarianship, of all fields, believe thay we are
somehow not only leaders of the revolution but, have the "option" to be on
the back burner.

Yet, I'm a private librarian, and the private sector doesn't afford such
complacency in practicing one's craft.

Again, sorry for the rant.

Thanks,

Cornel Darden Jr.
Chief Information Officer
Casanova Information Services, LLC
Office Phone: (779) 205-3105
Mobile Phone: (708) 705-2945

Sent from my iPhone

On Mar 30, 2016, at 9:16 PM, Lesli M 
> wrote:

I feel compelled to pipe up about the comment "Very sad that a librarian
didn't know what it was."

Librarians come in all flavors and varieties. Until I worked in a
medical library, I had no idea what a systematic review was. I had no idea
there was a variety of librarian called "clinical librarian."

Do you know the hot new interest for law libraries? Medical libraries?
Science libraries?

The IoT is a specific area of interest. Just like every other special
interest out there.

Is it really justified to expect all librarians of all flavors and
varieties to know this very tech-ish thing called IoT?

Lesli

Re: [CODE4LIB] Internet of Things

[Harper, Cynthia]

+1 Angela.

-Original Message-
From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Angela 
Galvan
Sent: Thursday, March 31, 2016 12:15 AM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: Re: [CODE4LIB] Internet of Things

Randall speaks to the issue better than I can at the moment.

https://xkcd.com/1053/

-Angela
On Mar 30, 2016 11:11 PM, "Cornel Darden Jr." 
wrote:

> Hello,
>
> Yes, indeed. IoT is not limited to a specific area of librarianship.
> Medical librarians and law librarians should be just as concerned and 
> knowledgeable about such things. Are we suggesting that there is an 
> area of librarianship that does not benefit from the IoT?
>
> As far a IoT being tech-ish, I would argue that librarianship is too.
> Hence, a huge divide in the craft.
>
> What area of librarianship is IoT of specific interest? Please edify.
>
> I apologize if I offended anyone, but as a librarian I am offened by 
> our lack of consistency in a field that is obviously losing tremendous ground.
> I believe this very conversation is one of the reasons why that is such.
>
> We have to grow a backbone eventually and address it.
>
> Every industry and discipline is apart of the information and 
> technology revolution. Why would librarianship, of all fields, believe 
> thay we are somehow not only leaders of the revolution but, have the 
> "option" to be on the back burner.
>
> Yet, I'm a private librarian, and the private sector doesn't afford 
> such complacency in practicing one's craft.
>
> Again, sorry for the rant.
>
> Thanks,
>
> Cornel Darden Jr.
> Chief Information Officer
> Casanova Information Services, LLC
> Office Phone: (779) 205-3105
> Mobile Phone: (708) 705-2945
>
> Sent from my iPhone
>
> > On Mar 30, 2016, at 9:16 PM, Lesli M  wrote:
> >
> > I feel compelled to pipe up about the comment "Very sad that a 
> > librarian
> didn't know what it was."
> >
> > Librarians come in all flavors and varieties. Until I worked in a
> medical library, I had no idea what a systematic review was. I had no 
> idea there was a variety of librarian called "clinical librarian."
> >
> > Do you know the hot new interest for law libraries? Medical libraries?
> Science libraries?
> >
> > The IoT is a specific area of interest. Just like every other 
> > special
> interest out there.
> >
> > Is it really justified to expect all librarians of all flavors and
> varieties to know this very tech-ish thing called IoT?
> >
> > Lesli
>

[CODE4LIB] Thanks

[Edward Iglesias]

Thanks all of you who took the survey.  It will be up until 5:00 Eastern on
Friday.

https://www.surveymonkey.com/r/38H733R

Edward Iglesias

Re: [CODE4LIB] Internet of Things

[Andrew Anderson]

For those who were not previously aware of IoT, here’s a primer focused 
specifically on the library space:

https://www.oclc.org/publications/nextspace/articles/issue24/librariesandtheinternetofthings.en.html

IMHO this is still a very young concept, and not even fully imagined yet, so 
there is no reason to feel like you’ve missed the boat, when the ship hasn’t 
even reached the dock yet.

-- 
Andrew Anderson, President & CEO, Library and Information Resources Network, 
Inc.
http://www.lirn.net/ | http://www.twitter.com/LIRNnotes | 
http://www.facebook.com/LIRNnotes

On Mar 30, 2016, at 22:16, Lesli M  wrote:

> I feel compelled to pipe up about the comment "Very sad that a librarian 
> didn't know what it was."
> 
> Librarians come in all flavors and varieties. Until I worked in a medical 
> library, I had no idea what a systematic review was. I had no idea there was 
> a variety of librarian called "clinical librarian."
> 
> Do you know the hot new interest for law libraries? Medical libraries? 
> Science libraries?
> 
> The IoT is a specific area of interest. Just like every other special 
> interest out there.
> 
> Is it really justified to expect all librarians of all flavors and varieties 
> to know this very tech-ish thing called IoT?
> 
> Lesli