Slashdot Mirror

← Back to Stories (view on slashdot.org)

Building Anonymous-Friendly Computer Libraries?

Posted by Cliff on from the protecting-your-privacy dept.

H310iSe writes "Listening to NPR today and caught a story on All Things Considered about how the FBI has demanded information on borrowing and browsing habits, including computer seizures, from 85 libraries since Sept. 11 (utilizing their new-found powers from the PATRIOT act). Similar stories (which don't require RealAudio) are here and here. The American Librarian Association is providing information for librarians to help deal with this, and it seems heavily tilted towards supporting individuals' rights to privacy. It seems like the Slashdot crowd could come up with a great library computer setup that would protect anonymity (I'm thinking about things like creating a RAM disk and loading the OS onto it). How about ways to enable people to borrow books anonymously without opening the door to large-scale theft? I bet if we offered a packaged, free, easy to install Safe Browsing computer or Anonymous Checkout program, libraries across the U.S. would enthusiastically embrace it." According to the articles, these checks can be made for any reason, not just for suspected terrorism. It seems that if the American people are going to protect their rights, they are going to have to do so actively. Is the idea presented above, feasible? How would you improve upon it?

6 of 293 comments (clear)

  1. As one that works in a Library Systems Office ... by Anonymous Coward · · Score: 3, Informative

    ... Privacy is extremely important to us. We allow not only Web browsing but also offer full the full MS Office package on several hundred computers so that people can work on their projects as they conduct their research.

    While not completely secure, we clear the web browser cache and history each time the browser loads (and it closes itself after 10 minutes of inactivity o further help this along).

    We also remove the contents of "My Documents" and then the Recycling Bin each morning before the library opens. This is all done via scripts of course.

    Granted this isn't the best solution, as the info could still be retrieved, but between not requiring login's (there-fore not knowning where anyone that comes into the library was sitting) and deleting as much as we can, as often as we can it should help.

  2. Don't remove the books by dr_l0v3 · · Score: 2, Informative

    If you don't want to be hooked by some large data-mining net you can always read the book in the library and take handwritten notes.

  3. Small OSes, alternatives? by Anonymous Coward · · Score: 1, Informative

    What OS do you run that requires 3GB of space?

    Linux w/ X could easily run in 128mb ram, possibly 96 or 64 if you fit things right and get rid of everything absolutely not needed.

    Might you have an alternative idea?
    By all means, do share.

    I hope you aren't dellusioned into believing that creating a hypothetical and unrealistic situation then proving it wrong is helpful.

  4. How? by starX · · Score: 2, Informative

    "I bet if we offered a packaged, free, easy to install Safe Browsing computer or Anonymous Checkout program, libraries across the U.S. would enthusiastically embrace it."

    The fundamental problem with this is that an anonymous checkout system would mean that the library would have no way of getting their books back. Not that a lot of people are out to steal books from public libraries, but I know that if there weren't a fine for returning it late, I would probably put my borrowed books down some place and forget that they were borrowed and not mine. After two weeks of this, they usually give me a call reminding me that the books actually belong to them.

    Now picture a world where they can't call me, and when I check out a book, they have no idea that I have quite a few sitting in my apartment waiting to be brought back. Multiply that by the number of people checking out books, and the nations libraries would soon be depleted.

    Another thing, I know quite a few people who work in libraries, and they tend not to enthusiastically embrace anything. Especially anything that even sounds like it might require having to re-enter every book in their collection to a new database, and unfortunately they equate the people I know equate "new software" with "new database:. Of course this view is probably a little bit skewed because I'm used to pivcking around small libraries in sleepy towns in the sticks.

  5. Re:Cash up front by TKinias · · Score: 2, Informative

    [ checking books out for a cash deposit ]

    There's a very real drawback to doing this: many important works are out of print (and will stay that way until they enter the public domain -- but that's a different rant) and cannot be had at any price unless you can locate a used copy. If I found a library that would lend me -- anonymously! -- a book which I'd spent a year trying to find for, say, a $50 deposit, the temptation simply to "buy" it that way would be tremendous. Unless the deposit were made so onerous that no one could consider its payment an acceptable price to acquire the work, the system would fail. And if the deposit were that onerous, books would not circulate.

    --
    In principio creauit Linus Linucem.
  6. The crypto for anon checkout is already done... by Jim+McCoy · · Score: 4, Informative

    David Chaum, the inventor of the "blind" signature mechanism that is the core of most digital cash protocols, created an extended variant of this system [Chaum90] that explained how you can accomplish some rather tricky things with unlinkable identity systems. One of the examples he has used in the past a computer controlled library, the "librarian" would let you check out books with an anonymous identity and maintain policies such as "only three books out at any one time", etc. with strong security for the system and complete unlinkability among user transactions as long as they follow the rules.

    This system handles the daily mechanics of such a digital library, but it needs an external hook to get a user into the system called an "isa-person" certificate (a cert that you could only get one of, probably biometric, that is a hard link to your meatspace identity) which is used as the stick to prevent people from walking away with your books. If someone checks out books and does not return them they get a negative mark on their isa-person cert that will follow them to around until it is cleared. A deposit of cash, as others have suggested, would probably serve an equivalent purpose.

    If you really want a secure, anonymous digital system it is probably going to end up working something like NetFlix. You apply for an anonymous id and put down a cash deposit, the anon id lets you borrow titles with certain restrictions, when you are finished with the account you cancel your subscription and get your deposit back.

    Jim

    [Chaum90] David Chaum: Showing credentials without identification: Transferring signatures between unconditionally unlinkable pseudonyms; Auscrypt '90, LNCS 453, Springer-Verlag, Berlin 1990, 246-264.