Note About Public Wireless Validation E-Mails

Those of you who are looking to sign up for an account and use an AOL e-mail address, you will not be able to receive the validation e-mail needed to activate your account. This is due to AOL requiring that incoming e-mails' IP addresses trace back to a valid domain. Since our authentication server runs on a static IP address with no DNS entry, AOL won't accept it.

Charter, Comcast, and free e-mail services such as Yahoo, MSN, Mail.com and Gmail should accept validation e-mails; though some may flag it as spam, so check your spam folders too.

When signing up for a new account, it should only take about five minutes at most for a validation e-mail to be sent to address you provided. To validate your account, you then simply open the e-mail and click on the validation link to activate your account.

In the event that you do not receive a validation e-mail, your account can still be validated. You can contact our District Headquarters at 989-362-2651 or e-mail us at our website and ask for help.

In either case, you don't have to go into a long-winded explanation. Simply say that you signed up for public wireless and didn't get a validation e-mail. We'll only ask for the user-name you signed up for, and in a few minutes, your account is validated and ready for use.

When the system is fully deployed, the authentication system will be running on a server with a fully-qualified domain name. Your public wireless account will work at our other branch libraries that have a hotspot.

In East Tawas, there are other totally free and open hotspots for use. G's Pizzeria on the corner of East Bay/US-23 and Newman Street in downtown East Tawas; 115 East Bay. There's also Different Blend coffee shop on East Bay/US-23 across from the Kentucky Fried Chicken/Long John Silver's restaurant.

Web Page Back Up

You'll notice that our web page is back up, but it's an older version. We have only one small problem, and that is getting back into our site so we can reload the current copy of our web page. That should happen today.

Our Main Web Page Down

Currently, our web page at ioscoarenaclibrary.org is down. It has been down since yesterday evening. Our web host has been contacted and they are working on the problem.

This does not affect our branches' Internet Access, Item Circulation or Item Lookup services. Links to MelCat and our Item Catalog are available from this blog.

Privacy and The Internet

I recently came across an article that concerned how large corporations handle users' private data. Privacy International recently published a report that ranks several major companies, including Microsoft, Amazon, eBay, and Google among others, by how well they handle private data.

Please note that this is not a final report, but more of a guide and should be viewed as both a warning and a reminder to anyone who uses a computer that your privacy is not 100% guaranteed.

The Interim rankings summary can be found here:
http://www.privacyinternational.org/article.shtml?cmd[347]=x-347-553961

The Interim Rankings itself, in the from of a PDF (Adobe Acrobat), can be viewed here:
http://www.privacyinternational.org/issues/internet/interimrankings.pdf

In regard to the impact on our equipment and services, the following does not apply in regard to Privacy International's summary:

• There are no browser toolbars installed on the Item Catalog or Patron computers because I feel that they add no value or security, and would affect neutrality.

An effort is made to be as neutral as we can. This is why you have a choice of software; two web browsers (Firefox and Internet Explorer), two office suites (MS Office and OpenOffice), two virtual mapping programs (GoogleEath and NASA WorldWind), and other open-source programs like The Gimp. Yes we filter our computers, but this is due to a requirement for our Federal Funding.

• Our own e-mail accounts, patron accounts and item circulation do not use any of Google's services. With one exception, that being one staff e-mail account hosted by Yahoo, our e-mail and item circulation services and related technical support are provided by the Valley Library Consortium.

The following does apply:

• This Blog uses Blogger, which is owned by Google. However, the information posted is meant to be accessible by the public. The purpose of the blog is to post news about technology that the District uses and other related matters.
• 
  
• GoogleEarth is installed on all publicly-accessible computers for use as a reference tool. While activity stored locally on a patron computer's hard drive is wiped, search information and content accessed from Google's servers may be retained.
• 
  
• The IP Address of a patron computer is forwarded through our content filtering and caching server to the Internet. Therefore, the activity of a publicly-accessible computer can be recorded and tracked.
• 
  
• Activity on a publicly-accessible computer that may be stored on its hard drive is always wiped at the end of the day or, in some cases, when a web browser window is closed.
  

All publicly-accessible computers are configured to save as little information as possible. Both web browsers are configured to clear their caches and cookies when they are closed, as well as not save any passwords. The Windows operating system itself is configured to minimize any storing of user activity; Faronics DeepFreeze wipes any changes or other stored data when a computer is rebooted or shutdown.

Our content filtering and caching server does not track user activity, store any personal information, and is only accessible from the Internet by employees only for maintenance and diagnosis purposes.

As for our public wireless Internet service, I encourage you to read our Wiki entry, which describes in detail what information we record and why. WifiDog is open-source software and uses only one Google service, GoogleMaps, to locate wireless hotspots on a map.

Lintrack

I need to retract my previous statements about a tutorial that I called faulty. This tutorial, "Lintrack As A LAN Gateway and An OpenVPN Bridge" is correct and will result in a working router. I was having problems getting a client machine to connect to the Internet and it was due to a problem with the software on the system, not a mistake the author made. All I had to do to get it working properly was update the package list and upgrade the software.

So, I now have a working PC-based router running Lintrack and a client computer can connect to the Internet.

It's important to note that the intention is to only boot off of the compact flash card (read-only, except for software changes and upgrades) and run the router in RAM, or system memory. Flash memory in general has a finite number of write cycles before they wear out, which is why they are not hard disk replacements.

The reason is that when a system runs out of, or low on, memory, it uses the hard disk as a cache to store and retrieve (swap) information that isn't immediately needed, which is called a swap partition. When you consider that a lot of read and write cycles take place with a swap partition, you can understand how quickly a flash disk would wear out. Yes, a flash disk would work, but would fail sooner than a conventional hard disk drive if it used a swap partition. Flash-based routers and computers simply write an image of the flash disk (that contains all the software and settings) into RAM (memory) and run off of the image.

Small Change On Our Item Catalog

The Valley Library Consortium, which manages our Horizon item circulation database and item catalog, has corrected a glitch in our Item Catalog website.

If a patron was logged in on the Item Catalog and selected the Popular Lists tab, the user would be logged out. This has been fixed, however users will notice that the layout of the Popular Lists has changed slightly. The links for searching on the Popular Lists tab are now gone. However, the Popular Lists can still be searched like any other section of the catalog.

SAM and Other News

The meeting with the librarians went as planned on Wednesday. All but two of them were present and the presentation went very well. Some were very excited about automating the process of using SAM (Smart Access Manager) by Comprise to handle managing PC and Print Management.

While there were still many questions to be asked before we even thought about asking for a quote, this was a major step forward. They were equally excited about public wireless and the faster T1 connections.

What they were not so happy about, and beyond our control, was the item circulation software. SirsiDynix has decided to halt development of Horizon (our client) and combine Horizon and another (cheaper) Client, Unicorn, into a single product called "Rome." This means that in two years, we're going to end up switching to something else. The Valley Library Consortium is already researching a replacement.

As for the speed and freezing issues, we're hoping the upgrades we're going to get this summer will solve some of the problems we've had.

The schedule for deployment will be as follows (roughly):

June 2007 - Receive feedback from library staff, answer questions, and establish location requirements

July 2007 - Upgrade all Internet connections to full T1s and deploy WifiDog hotspots at all locations

August/September 2007 - Deploy SAM only at heavy use branches.

Given that SAM is a product that I have (at present) little or no experience with, this will require a learning curve for me at first. This will change as the software and hardware is installed and configured. We all all hoping for a relatively painless and glitch-less deployment. As for the patrons and staff, the learning curve for actually using the system should be considerably less. Proper setup is the key to making this work.

For more information about SAM, you can visit Comprise Technologies. All their product data sheets are available online. While we will be considering stand-alone stations for releasing print jobs and reserving PCs and even electronic signs for announcing wait times, we will not be using anything outside the scope of printing and computers. All payments for printing and paying fines will be cash only; we are not going to get into handling credit cards or personal checks.

As for our public wireless service, we will still be using WifiDog, and this will be a separate system from SAM. I urge potential users and staff to read our Wiki entry about the topic.

You will find information about the hardware and software used, as well as some general guidelines for use. We are going to have more formal usage guidelines published when the other hotspots are deployed, but what's in the wiki is relevant. What is currently not clear are certain guidelines that haven't been discussed at length yet.

Finding a Distro For A Particular Application

A project that I previously mentioned, a Virtual Private Network using Desktop PCs as testing platforms, is back in swing. I mainly got discouraged by the operating system I installed on the hard disks: Ubunter Server Edition 7.0.4.

When it comes to the desktop experience, I really enjoy Xubuntu. It's a very easy Linux distro to install and use.

How easy? Well, I have a older AMD Duron 850Mhz desktop PC that was running XP Pro and Mandriva. It has an ASUS TVFM PCI tuner card, 256MB of RAM, a 17" LCD monitor (a hand-me-down from another computer) usb keyboard and mouse. In Mandriva, I couldn't get the card to work, and while the card worked in Windows, the application software for watching TV and listening to the radio either were inadequate (it was part of a Home Theater application, not stand-alone) or lacking.

To make a long story short, I was hardly using the computer, it was taking up space in the house, and wanted an all-in-one solution for the detached garage to replace a slow Mac G3 AIO that was still running OS9 and used a VCR as a tv. Since I didn't need Windows, I formatted the hard drive and did a clean installation of Xubuntu 7.0.4.

Within minutes, I was able to install the applications I wanted (TVtime for the tv tuner, GnomeRadio for the FM tuner) and updated the system. Without touching a thing, I launched GnomeRadio and was listening to CMU Public Radio and other stations that didn't come through in Mandriva or required a "home theater" program to use. TVtime worked perfectly, and I was even able to hook up the VCR's A/V outputs and view tapes. It has a DVD drive, so watching DVDs was a snap, and with Amarok, I was able to listen to Internet Radio or my MP3 collection, a copy of which resided on a resurrected Gateway server that I bought from work.

Their server edition leaves something to be desired.

My initial attempt to use it as a hasty (literally) replacement for Mandriva on the content filtering server met with failure. It was due to not understanding how iptables rules are set and having to work without a GUI (Graphical User Interface); something I got spoiled on using Mandriva. While I am using Xubuntu on my home server for listening to my music collection, it's already behind a firewall, and was merely being used for sharing files. Those are very different requirements.

Of course, one of my goals for the production VPN units is to not use a GUI, or run any unneeded software. It will only have a command-line interface (with perhaps a web-based one later on) and be accessible only through SSH or a serial console (via a serial port). No moving parts means no disk drives at all, including hard disks, so it will be wholly contained on a flash card.

Though you can install and run a Linux distro (distribution) on a flash drive, there are limitations. In the case of DSL (Damn Small Linux) used on the item catalog computers, they only load an image of the entire setup into the computer's RAM and use part of the RAM as a disk (RAM Disk). You can't use a flash drive as a regular hard disk because you can only write to it so many times before it becomes corrupted and therefore unusable. Some distributions may not boot from a flash drive; some may not install at all. Like DSL, the operating system must be able to only load its contents into RAM and run from RAM, only allowing writes to the disk for any changes.

Another consideration is size. DSL is only 50MB in size while Ubuntu and Mandriva require 2GB of disk space to install on. You could do minimal installations that take under 512MB, but there's still the first issue mentioned above. It's better to start with something that is designed to run from flash in the first place. There are Linux distros that do this (OpenWRT, which I use on hacked wireless routers), but either support a limited range of hardware or are difficult to setup.

While doing some searching through Google, I found an alternative that seems perfectly suited to my goals: Lintrack. It's a relatively small (installs on a 256MB flash disk) distribution meant for ISPs (Internet Service Providers). This Linux distro is meant for building powerful Internet routers. It provides support for all the needed X86 hardware and network devices, and OpenVPN will run on it. So it seems a near-perfect choice.

The past few days, off and on, I worked on installation and configuration. Installation was very easy. You burn a installation CD, load it in the computer's drive and boot from CD. Booting from compact flash worked perfectly every time. Configuration was a different story.

It's not really the fault of the developers or the software; they did a good job. It was the fault of the tutorial I was following and my own error. What I initially read seemed to contradict what I knew about networking. Eventually, I couldn't get the computer to get online. Rather than deal with changing settings and trying again and again, I did another fresh installation and went on another search for something that made more sense.

I found something far clearer here:
polishlinux.org - Lintrack: Linux for Internet Service Providers

No, I haven't even touched the keyboard yet, but instead did what I should have done in the first place. The pages from the site were printed out, read and reread and notes jotted down. Since what I needed was not exactly what I intended to use, I went back to the original tutorial, circled the relevant information, and crossed out the rest.

Next week, I'll get back to working on testing out Lintrack. If it will work as I want it to, this very likely will be the Operating System running on all the Firewall/VPN servers in the district, booting off of 512MB compact flash cards; convenient as I already have a card and an IDE interface to test with.

There are a lot of different Linux Distributions available. Some are open-source (Ubuntu, Gentoo) while others are proprietary (Xandros, Linspire), and yet others are geared toward specific applications like music and video production or entertainment, for beginners (Vector Linux and Ubuntu) or advanced (Gentoo) users. There are distros for embedded devices like OpenWRT or CFLinux (meant to run on compact flash cards) and even game consoles like the XBox and Playstation 2 and 3. In fact, I have an XBox that I plan to resurrect with a new hard drive and run both original games and Linux off of someday.

So you can see that there are a lot of options open in the open-source world.

For more on Lintrack:
Lintrack - Linux router for ISPs