Wednesday, December 31, 2008

So you want to be a podcaster?

One of the questions that inevitably comes out of Web 2.0 workshops is how can I produce my own podcasts?

I have to admit my initial response is a rather skeptical, REALLY?

Why am I so skeptical? Let's look at what a podcast really is. Let's look at the definition from Wikipedia:

"A podcast is a series of audio or video digital-media files which is distributed over the Internet by syndicated download, through Web feeds, to portable media players and personal computers. Though the same content may also be made available by direct download or streaming, a podcast is distinguished from other digital-media formats by its ability to be syndicated, subscribed to, and downloaded automatically when new content is added. Like the term broadcast, podcast can refer either to the series of content itself or to the method by which it is syndicated; the latter is also called podcasting. The host or author of a podcast is often called a podcaster.

"The term is a portmanteau of the words "iPod" and "broadcast", the Apple iPod being the brand of portable media player for which the first podcasting scripts were developed (see history of podcasting). Such scripts allow podcasts to be automatically transferred from a personal computer to a mobile device after they are downloaded. As more devices other than iPods became able to synchronize with podcast feeds, the term was redefined by some parties as a backronym for "Personal On Demand broadCASTING"."

Okay, so when I hear a librarian say s/he wants to do a podcast, I interpret it to mean that s/he wants to offer an on-going audio/video program for syndication over the internet. Frequently, that's not what s/he means at all, instead s/he is using podcast to cover any audio or video program. Perhaps s/he just wants to take a video of the end of summer reading. If that's what you mean, there will be another blog post just for you. And the good news is that producing an occasional audio/video program is SO much easier than producing a podcast.

I think the first task of anyone starting a new project is to see what others are doing so you can get a good idea of what works and what doesn't. So, if you haven't done so already, by all means download iTunes, Juice, Ziepod or one of the numerous other podcast aggregators out there. Then subscribe to some library-related podcasts. Unfortunately, many seem to have been brief experiments and are no longer being updated. The only current ones in my iTunes library are podcasts of author/speaker events at some of the larger public libraries: Seattle, Philadelphia, Los Angeles. But do look around and see what you find. I also recommend an archived presentation from the SirsiDynix Institute: A Beginner's Guide to Podcasting: Part 2 - A Creator's Guide. It's over 2 years old already but provides a good overview.

So what do you need to be a podcaster?

1) Passion. This can be a lot of work and thus tough to maintain over the long run. So pick a topic area you really feel passionate about. This advice comes from some of the big name podcasters who've been doing it for years.

2) Set some reasonable timetables and goals. IMO, a real podcast should have new programs at least once a month. You want to reward your subscribers with a regular product. So, let's say you decide to create a podcast highlighting your library's programs for the upcoming month. That means next month's program needs to be available for download by the end of the current month. In the meantime, you need to decide how long the finished product will be - say 1/2 hour; who you'll need to interview - story time readers - what are their themes, potential books?; other children's/teens'/adult program leaders. Next come up with some scripts so you'll know what to ask them. The key is to keep it brief but to come up with something interesting and compelling to bring people into the library for the programs you're promoting. Set aside some time for editing. Chances are not all the interview content will be what you want so you'll want to cut extra, off topic stuff and perhaps hems and haws, coughs, sneezes, dog barking and other extraneous noises. Then you add information about the program to your feed and upload it to your server.

3) Equipment

There are some hardware/software needs.

The easiest way to take care of a lot of your equipment software needs for creating audio and video content is to get a Mac. They all come with built in web cams and microphones and with audio and video editing software. While the quality is not professional grade, it would suffice for most beginners. And the learning curve is not steep.
  • Microphones/speakers - many Windows laptops also come with built in microphones and speakers. But while the speakers on newer laptops are tolerable, I've never been able to get the built in microphones to work to my satisfaction. There are a number of reasonably priced headsets on the market which will take care of both headphones and microphones. MSL bought headsets from Plantronics. They work pretty well but you do get some popping noises when you speak. I was looking for a portable microphone/recording unit to use to record family oral histories. I recently bought a Zoom H2 from Amazon. It's small and very portable but the instruction manual is so daunting that I have yet to really try it out.
  • There's a lot of audio editing software out there. The most commonly recommended free option is Audacity. It's open source with all the positive and negative connotations therein. I've used it a couple of times with no significant loss of hair from pulling it out in frustration. But I can't say I feel like I know how to use it. And of course, there are a number of software products you can buy from fairly reasonable to very expensive. And, do keep in mind that audio editing and video editing in particular require a fast processor.
  • Feed creator software - you can create your own XML feeds but it's much easier to buy software to do it for you. That way you just fill in the blanks. I've never gone so far to create any podcasts myself so I haven't used any of the feed creators enough to recommend one. But some of those referred to the most are FeedForAll and JitBit.
  • Web space and bandwidth - this is potentially the most costly on-going expense. Audio and video files in particular are much larger than the average library web page. So they require more web space for storage. An NPR technology highlights program which runs 25 minutes is 11.5 MB. If you have 100 MB of web space available, you won't be able to keep more than 8 programs - not a big deal if this is a monthly event update but something to consider if you're recording local oral histories. And most service providers will charge you extra for what they consider excessive bandwidth usage. If your podcast has 10 subscribers who each download your program once a month, that's 115 MB of bandwidth used. You may need to buy additional space and bandwidth. So, you'll definitely want to ask questions of your service providers as to what's available and what are the costs. Also, when you're deciding whether or not to create podcasts, you may want to take into consideration the bandwidth available to your most likely subscribers. Even a relatively small program of 11.5 MB takes hours to download on a dial-up connection.
For video podcasts add:
  • a video camera
  • video editing software
  • a fairly new computer with fast processor
  • a web server with even more space and greater available bandwidth for downloads
You'll also need to make some decisions about video format. While audio podcasts generally use a standard .MP3 format, there are more choices available for video including high definintion. The potential expense for a video podcast is much higher than for audio. If you are contemplating creating video content, I suggest you look at some other alternatives, including YouTube. We can come back to video podcasts and talk about them in greater detail at some time in the future if there's an interest.

Two more points for consideration are copyright and privacy issues. One of the possible uses I've heard mentioned frequently for podcasts is recording story time. You can work out for yourselves whether or not you think it would have an appeal in an audio format but regardless of whether you use audio or video, keep in mind that most of your story time books are under copyright restrictions. Making the text available over the internet in an audio format and/or showing the illustrations in a video format would most certainly be viewed as copyright violations without the permission of the author/publisher. Regarding privacy, I'd be very cautious about including people, especially minors, in any internet video in particular without consent.

My final suggestion is to share the load. Put together a podcast team from among staff, board members, friends, etc. I think that will make it more likely that this will be an on-going library project than if one or a few overworked individuals try to add it to existing workloads. Small libraries may want to join together with others in their area/federation to create joint podcasts. You can share equipment, expenses and expertise.

Monday, December 22, 2008

Security Tip - F-Prot Antivirus

Hi. Long time no see. I just wanted to fill you in on a good product. F-prot Antivirus (http://www.f-prot.com/) is a very good and simple antivirus product I have been using for a few months now. I used to use it back in the early-mid 90s (ancient computer history) and I have recently run across it again. I'm glad I did. It is $5 per PC per year. It that price, I am able to run antivirus on all my public stations now.

I get the corporate edition which provides 10 licenses for $50. There are two installation options. First, you can install a version that will check the Internet to upgrade signature files. Or you can install a version that will check a local shared drive for the signature file. There are a set of fairly easy instructions to setup the shared folder and keep it populated with the current signature file.

I installed the Internet checking version on a server, created a shared folder on that server, arranged for F-prot to put the signature file in that folder, and then all the other stations have the "LAN update" version on them and they check that shared folder to upgrade their signature file.

The reason you would want to do this is so that you don't have every station downloading from the F-prot Internet site when an upgraded signature file becomes available. You would just have one station downloading the file and then sharing it with all its associates on the LAN. This makes for a more efficient use of your WAN connection.

I hope you're all staying nice and warm these days. I'll be back in touch next year.

Friday, October 31, 2008

Security Tip - Windows PE

Good job on the new look for your blog, Suzanne.

A couple weeks ago my sister-in-law brought me her PC that would no longer boot. These things get dumped on me from time to time with a request to recover all their documents, make it work, and tune it up so that it runs faster than it ever ran before. My sister-in law is a sweetheart, so I figured I would have a go at it.

I started by trying a variety of the boot options provided through the F8 boot menu. Mostly the boots just ended at the same blank screen, but one presented the BSOD, otherwise known as the Blue Screen of Death. The BSOD is an error screen that happens so frequently on MS operating systems that it has its own acronym. The error message on my sister-in-law’s machine suggested some sort of video problem.

So I’m figuring the PC is dead, I’m going to have to do a fresh install of Windows XP and maybe replace the video card, but I want to save whatever I can from the disk so she can get her documents back. So I pull out the Windows PE disk.

The windows PE disk is something I have just started using, but I can already see that it will be a common tool for a variety of tasks managing a Microsoft environment. Have a look at www.windowspe.com or just search “Windows PE” to find out more. It’s an operating system on a CD. You put it in your CD drive, you boot it, and you have a MS environment to work in. It’s just a command line, but there is a lot you can do with this. Here is what I did with this troublesome PC.

I intended just to copy the entire contents of the hard drive to an external drive. I booted Windows PE to the command prompt, plugged in the external drive, and copied the entire hard drive successfully to a folder on the external drive. I was then free to do a fresh install on the PC’s hard drive because I had captured all my sister-in-law’s documents.

But my sister-in-law has kids, and there is a general principle known to people who manage PCs that PCs don’t work for very long in households with kids in them. So I plugged the external drive into my own PC and ran a virus and spyware scan on the folder of files copied from the offending PC. I found a couple dozen hits. I then went back to my sister-in-law’s PC and, using Windows PE, manually deleted all the couple dozen files that my scanner had identified as malware on the external drive. When I booted her PC off the hard drive again, after deleting those couple dozen files, the PC booted just fine. I then updated her virus scanner, installed and ran the Spybot spyware scanner, and presto she has her PC back.

I have been doing some other things with the Windows PE disk as well. Most interesting is that the Windows PE disk has enabled me to stop using Ghost to image and deploy PCs. More on that later.

Tuesday, October 28, 2008

Why Twitter?

A couple of questions keep coming up during Web 2.0 sessions when I talk about Twitter:
  • How is this different from email and email lists?
  • How is this different from RSS feeds?
Email vs. Twitter

The first difference from email is that you're limited to 140 characters in a twitter posting. So, you'd better be able to make it brief. Even URLs are routinely shortened. The good thing is you don't have to wade through pages of prose to try to figure out if this is something you need to know. Some people attempt to get around this limitation by sending out tweet after tweet. But I think the preferred procedure if you want to wax eloquent is to do it in a blog post and just send a link via Twitter.

Another difference is that Twitter posts are ephemeral. They're usually gone after 48 hours. They don't clutter up your inbox. Of course the downside is that if there's something you're interested in pursuing further, you'd better bookmark it or else you're going to have a hard time tracking it down later. But I was able to track down by a graphic I'd liked but neglected to save by contacting the person who'd sent it out. Within an hour, I had it.

Finally, email contacts tend to be fairly limited. Even if you subscribe to wired-mt, there are a lot of people on the list you never hear from. And while there are ways to check, most of the time you don't even know who's out there reading the emails you send to a list. With Twitter you know who's following you and getting your tweets. You decide who to follow based on your interests. In many cases, whoever you follow will also choose to follow you. And vice versa. So you can end up with people on your Twitter network that you didn't know at all before you started following and being followed. You can make some useful contacts. And, once again, using the principles of social networking, you can make a lot more useful contacts by seeing who others in your network are following and following them too.

RSS vs. Twitter

I think the biggest difference between RSS and Twitter is that RSS is really just one way communication while Twitter can be more two-way. And those who really use it effectively set it up as a two-way communication tool.

Say you're in a library looking for new ways to promote your new acquisitions and/or activities. You have an RSS feed from your catalog of new acquisitions. You can use a tool like TwitterFeed to take the RSS feeds and make them into Twitter posts. You can do the same thing with RSS feeds from your library's blog. If nothing else, this can be a fairly easy way to reach additional potential library users. And you probably will get some followers especially if you promote your Twitter page. You can also set up two way communication by following your followers. If these are library users, you can find out about their interests. You can also get feedback to your RSS enabled posts or to any questions you may direct toward them.

Let me give a recent example of what I think is the great potential of Twitter. When I initially signed on, I started following a number of libraries to see how they were using Twitter. Some had accounts but weren't using it at all. Others tweeted about an occasional event at the library. I found one library would send out 20 or more tweets in a day each referring to a new book or DVD. I thought this was overkill and used this library as an example of how you might not want to use Twitter in a couple of recent Web 2.0 sessions. But I felt bad about using them as a negative example without telling them so. This library wasn't following me, nor could I find an email address on their website. So, I used Twitter. I was soon contacted by their branch manager. I learned how they were attempting to use Twitter. He was interested in the feedback. And I've made a new contact who's experimenting with a lot of interesting social networking applications in his library in Arizona. Might we have connected sometime without Twitter? Possibly, but this was definitely faster.

It really is all about making connections. And Twitter seems to be one of the more useful tools for doing that at this moment in time.

Tuesday, October 21, 2008

using delicious links in your web page

Do you have a Delicious account with all kinds of great links that you'd like to share with others via your website or blog?

Delicious provides several tools on their website to make this easy to do.
  1. Click on Help in the upper right hand corner
  2. Click on Bookmarking buttons and add-ons for your browser or website? under Need Tools?
  3. Select the tool you want and copy and paste the html code into your web page/blog editor. You'll need to use the Edit Html section.
  4. Warning - these rely on CSS (Cascading Style Sheets) to make them look pretty and aligned. What you have set in your blog or web page will probably override the CSS from Delicious. This can make it look really goofy. That's one of the reasons I changed the template for this blog.

    Following are examples of Linkrolls and Tagrolls and how they'll look integrated into a blog.
Linkrolls will provide access to some of your recent bookmark additions:



Tagrolls put your tags into a tag cloud. The larger tags are used more frequently:



You can play around with some of the settings to customize for your website.

Wednesday, October 8, 2008

Do You Trust Your Tech?

I ran across an interesting article last month. A survey was recently conducted in which IT workers were asked whether they use "their IT privileges to gain access to employees' confidential data". One in three admitted to doing so. Have a look at
http://windowsitpro.com/article/articleid/99515/do-you-snoop.html for a little more detail. If a third of them are admitting to it you would think the number actually doing it would be somewhat higher.

It is hard to provide a tech solution for privacy from your system administrator. It can be done but it is a lot easier and cheaper just to trust your tech. It is what we do at my employer and my clients. All these places do have personnel records, for example, and I should not have access to them, but I do. I don't even need to be in the building to see any of it, as long as it is an electronic file.

But look at it from the tech's side. If for some reason the trust fades, then the tech is automatically a suspect simply because he has had access to the confidential information. So it is not a very good situation for the tech either. I don't anticipate providing any good solution to this though anytime soon.

Sorry there is not much of a tip here but I thought you would enjoy hearing about the high moral standards of the average tech these days. Truth be told, I suspect this would be accurate for the population at large, if they had similar access to your information.

Note to my own employer and clients: My lips are sealed.

Thursday, September 18, 2008

Security Tip - Renaming Tools

Some malware is smart enough to recognize its enemies. I ran across one of these this week cleaning up an infected PC. The PC had a recent version of the Spybot anti-spyware tool (www.safer-networking.org/en/index.html) on it so I started that up to run a scan. Nothing happened. I tried again but still nothing.

So then I downloaded Autoruns from Sysinternals (technet.microsoft.com/en-us/sysinternals/default.aspx). I started that up and again nothing happened. So what can you do when you can't even open your tools to try to get rid of some malware?

In this case, I renamed my tool and ran it under the new name and it worked. The executable at the core of the Spybot version I was using is a file called "spybotSD.exe". I renamed it to some arbitrarily chosen name. I called it "bobo.exe". Then when I double-clicked on that file I just renamed, it opened the Spybot program. I ran my scan. It found the malware and removed it.

So if it seems like one of your scanning tools isn't working, this is one thing to try. Be careful out there.

Monday, September 8, 2008

World Community Grid

The World Community Grid (www.worldcommunitygrid.org/) uses your computer to help solve problems we are all interested in solving, for example cancer and AIDS. Have a look at their site to find out more about the problems they work on, or go to YouTube and search on "World Community Grid". The idea is simple. They mean to use the leftover processing power of your PC to cure cancer.

I first heard about it a couple months ago and I have been running this software on some of my public stations, and my own, as a test. Though I suspect a number of you are already familiar with this application, I thought I would share my experience with and plans for this software.

I have been running this software on a half dozen stations for about the past month. I have noticed no response degredation at any time on any machine because of this software. It certainly does use resources but it is efficient about keeping its use to a minimum and not getting in your way.

One of the installation options is to run it as a service. This is what I use. This means it runs in the background. I use no screensaver or graphics so there is no indication there is anything going on in the background. Whenever the PC is on, this computer is working on one of these problems.

I am installing this on my public stations. I have been using it on OPACs so far. OPACs spend most of the minutes in a day just sitting there waiting for a person to use it. Now they are put in service for the good when someone isn't using them. I am just getting ready to install it on our surfing stations too.

Once this is fully in place we will provide a little promotional packet telling our our patrons what we are doing with these PCs and show them how they could put their home PC to similarly good use as well.

Tuesday, September 2, 2008

Security Tip - Hosts File Security Filtering

Here is another option for DNS filtering. As Suzanne described, OpenDNS is a great way to provide content filtering. But here at MPL, we simply won’t do any content filtering at all. On the other hand, as the guy who has to keep all things tech working, I am very interested in filtering access to sites that can do us harm. So I would like to filter not content, but malware.

Let me digress into techspeak for a moment. DNS is all about translating human language to computer language. You want to type blahblah.com but your computer needs to know it is 55.555.55.55. This translation can occur at a variety of places, for example at a DNS server at your ISP or the OpenDNS server. But before your computer checks some other machine, it will check its own records to see if it has the translation stored from a previous visit to the site. You can manipulate these records yourself. So if you know you want to never access the site malware.com, you can lie to your PC and tell it malware.com is found at 127.0.0.1. That IP is a dummy IP address. So when your computer checks its records as it tries to get to malware.com, it gets lied to and it can’t get there. End techspeak section.

But there are thousands of bad sites that you would potentially block for security reasons. Wouldn’t it somewhat time consuming finding those sites and changing all your records? It would. So have somebody else do it for you. That is what they do at www.mvps.org/winhelp2002/hosts.htm. The ‘records’ I refer to above are kept in a file called “Hosts” deep in your file system. This site creates a custom Hosts file with thousands of entries. It is up to you to download it and put it in the right place on your PC. I won’t tell you how to do that because there are instructions at the site. You have to be at least a little tech savvy to do it though.

I have automated the process of disseminating the current hosts file to all my PCs by using logon scripts. I still have a couple glitches but I almost have it right. If you are running a server in your environment and you would like the description of how I have automated it, drop me a line at jims@missoula.lib.mt.us and I’ll send you the description when I get it right. Or, if enough of you drop me a line, I’ll just post the description here at Montana Bibliotechies (http://mtbibliotechie.blogspot.com/). Thanks y’all.

Addendum: The IP address 127.0.0.1 is not really a dummy address. It has a definite meaning. It means the present PC, regardless which PC that is. It’s called the “Home” PC. That is why you see those bumper stickers on geek cars that say “There is no place like 127.0.0.1”.

Tuesday, August 26, 2008

Security Tip - XP Antivirus 2008 - BAD!!

XP Antivirus 2008 is NOT the latest antivirus tool we should all be using. It is malware. It’s starting to get a fair bit of traction too. If you get infected, you will find extremely annoying fear-mongering popups urging you to purchase the product. Here is a description from an infected user:
"Last week a pop-up appeared that landed on my icon line.... xpantivirus2008. Thinking that it was another security alert from windows, I clicked on it. It proceeded to "scan" my hard drive and inform me that I had 90+ security "issues" that needed to be addressed..... while the scan was underway, a windows msg appeared saying that it did not recognize the program source. I found that odd... but, as a result, did not buy the xpantivirus2008 program. Now, one week later, I am constamtly being asssaulted by never-ending pop-ups, regisdtry scans, bubbles, etc. I followed a suggested uninstall (though I never installed the program) plus all of the usual ateps in detecting and removal of unwanted programs... but, although I removed everything that I was able to find via search commands, and using the process recommended by TomT (using regedit, hkey current user, msconfig, and unchecking "xpa" at the startup file, the program continues to reappear, pop-up every 2 minutes and at every start up.... Although I finally succeeded, attempting to delete xpantivirus.exe would not allow me to delete saying that it was being used by another user or runniong in another program which, obviously, it was not.... Even with all of it apparently gone, it still reappears and performs its maddening process. Even a file search at this point does not detect xpantivirus.... HELP!!!!!"

One of my library clients recently found this on one of their staff PCs. The popup window cannot be moved, minimized, or closed, and you can't see anything behind it of course. Luckily, Spybot 1.52 (http://www.safer-networking.org/en/download/) found and removed it. More recent versions of Spybot would probably also remove it. Trend Micro antivirus did not find it. This PC had a couple other infections on it as well. That PC was setup a few years ago and we have had no trouble with it until this. What had changed? Not the antivirus on it. Not the applications on it. Not the firewall for the library. The only thing that changed is one user’s lack of restraint. User restraint is one of your best protections.

My spam filter blocked a message that is probably the infecting source. The message is shown below. I have removed all the hyperlinks from the text. The first line is linked to an IP address in Moldova (That’s a country in eastern Europe) with an executable called Install.exe. It looks like this: http://555.555.555.555/install.exe. I have changed the actual numbers in the IP address. That line then is asking you to install software from a site that it will not even identify in English (or any other human language). There are also three links at the bottom: Unsubscribe, More Newsletters, and Privacy. They all link to msn.com which would seem to lend an air of authenticity. This email is a good example of what you should never ever do, should you run across something like this.
_________________________________________________________
Free Update Windows XP,Vista
About this mailing: You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the "Unsubscribe" link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers' content nor any of the goods or service advertised. Prices and item availability subject to change without notice.©2008 Microsoft Unsubscribe More Newsletters PrivacyMicrosoft Corporation, One Microsoft Way, Redmond, WA 98052
________________________________________________________

Moral: Use spam filters. Use Spybot. Keep it updated. Exercise restraint. Be paranoid about links presented to you in email. Have a nice day.

Wednesday, August 20, 2008

OpenDNS filtering

Jim mentioned OpenDNS as a possible fix for the DNS vulnerability.

I've been using OpenDNS for the past several months on my laptop, but not just as an alternate domain name server but to test its filtering capabilities. Yes, OpenDNS also offers free internet filtering. Once you set up an account, you can go into Dashboard - Settings and either go with one of their pre-selected filtering levels or customize your own.I was running a fairly restrictive version for quite a while and only had it block two sites - South Park and blip.tv - both as adult themed sites. The description provided by OpenDNS warns you to only choose Adult Themes if you want to be very restrictive on your network.

One nice feature is that you get a customizable block page that tells you why the site was blocked. You can give patrons information about how to get the site unblocked. This is an important feature for 1st amendment considerations.Yesterday, I thought that as long as I was changing DNS settings for my new ISP, I might as well set my router to OpenDNS and see how the filtering works on a network. I discovered that it filters every device on my wireless network including my iPod Touch. So, how do you turn it off? You go into your dashboard and remove whatever restrictions you choose. It's pretty easy to turn on and off but because the filtering takes place at remote servers, it takes a few minutes to deactivate and reactivate the filtering. In the meantime, your entire network is unfiltered. If you're interested only in complying with CIPA for public library E-Rate purposes, and want to avoid potential problems, I'd suggest being very selective in what you choose to filter, particularly for adult patrons.

We'll be talking about this more at the E-Rate session at Fall Workshop.

Saturday, August 16, 2008

Security Tip - Recent DNS Vulnerability

A new DNS vulnerability was recently discovered and information about it was released to the public last month. You may have heard about it in various tech-related news stories. Google "kaminsky dns vulnerability" for more info. A lot of the coverage and commentary is about how the information was released but that is not what I am interested in here.
DNS is what translates English into IP. When you type www.ups.com, some DNS server somewhere translates that to 96.6.81.243, which is what your computer needs to know to get you the UPS site so you can send a package. If you have ever configured a computer to use the Internet you know that one of the blanks you have to fill in is for the DNS server. You usually get that information from your ISP. It is usually the DNS server your ISP maintains for all of their clients.
It is pretty important that the DNS server you use has been patched to be resistant to this particular flaw. How do you know if the DNS server you use has been patched? That's what I want to tell you today.
Point your browser to www.dnsstuff.com. In the "DNS Vulnerability" box, click on "TEST NOW". Wait for it to process. If all the results come back "good" or "great" then you have an ISP that has taken care of this problem on their DNS server. If your result is less, such as "fair" or "poor", then call your ISP, tell them about your results, and request they patch their DNS server.
If they don't fix it, use a different DNS server. Have a look at opendns.com for more info.

Friday, August 15, 2008

internet speed test ranks montana 49th

The organization Speed Matters just issued its 2008 report on internet speeds in the US. You can download the entire report, a state ranking table and/or reports on individual states.

Montana's results were as follows for 2008:
Number of tests - 497
Median download speed - 1,320 kbps (1.32 Mbps)
Median upload speed - 378 kbps
Download speed ranking - 49

While this is not exactly a scientific study, individuals go to the website to test their speeds similarly to DSL Reports. It's just that these results are collected. And I think they are interesting nonetheless. But I probably wouldn't give them a whole lot of credence particularly when broken down by county. I couldn't help but notice that Custer county was awfully red - 6 Mbps +. It could have been only one person with high bandwidth testing per zip code. Why not add your library's data to the mix, especially if you're in one of the blank areas. Use this box to test your speed:



I did want to bring greater attention to this report because it supports my assertion in a posting to the E-Rate blog that we really do need to be working on increasing bandwidth for our public libraries. 1.32 Mbps just does not cut it in a video/audio downloading/streaming world!

Thursday, August 7, 2008

check your dsl/cable speed

I ran across the site DSLReports.com a couple of years back. It's handy to go in occasionally and run a free speed test to see what kind of bandwidth you're getting. I recently upgraded my home account to 7 MB and wanted to see if Qwest had made the upgrade yet - today was supposed to the day. So, I ran the Flash test and got the following results:



Apparently, the upgrade has not yet taken place...

Friday, August 1, 2008

linux for library pcs

In May, I took an old IBM laptop that was destined for surplus and loaded Ubuntu on it to test the usability of Linux OS for library use. This has become the laptop I take with me on road trips. I want to see how it works and I figure it's less desirable for thieves and hackers.

I downloaded a recent stable version of Ubuntu onto my current laptop, burned it onto a CD and loaded it onto the IBM, reformatting the hard drive. This does erase everything you've got on the computer so be sure and backup or move contents before you do this. I have to say that the initial install didn't work. I was given several options, took my best guess and apparently chose the wrong one. So when I tried to boot the new OS, I was met with an error message. Linux doesn't come with instructions. Instead you have user forums. The forum solution for my problem had command line instructions. I chose to reinstall instead, this time making a different choice for how to format the hard drive. The second install was successful. But my initial thoughts were that this may not be for the faint hearted.

Once I've had a chance to work with it, I've discovered some pros and cons.

Pros:
  • Switching to Linux and open source can potentially extend the life of some old computers. The Ubuntu Operating System came with other open source programs including Open Office. The whole thing was only about 800 MB in size. It doesn't require as much hard drive space, memory or processor power as Windows, particularly Windows Vista.
  • You can do most common computer tasks easily using open source software:
    - Surf the internet with Firefox - wifi connections are easy to set up
    - Do office tasks with Open Office - word processing, spreadsheets, presentations
    - Listen to music, download podcasts
    - Upload and edit photos from your digital camera
    - Work on graphics
    - Watch YouTube videos
    - Open and read PDF files
    - Play DVDs and CDs
  • It's pretty easy to pdate current and download new open source programs. I made this much harder than it had to be until I found out where to go within the system to find more program options.
  • It's pretty secure. Most spyware and viruses are designed to go after Windows systems. Firefox vulnerabilities have been exploited so open source is certainly not invulnerable. But they seem to come up with fixes fairly quickly.
In short,my Ubuntu has performed admirably. Right off the bat, it got called into service at the May Montana Shared Catalog meeting when Sarah's Dell couldn't get onto the hotel's wi-fi connection. My Ubuntu laptop located and got onto the hotel's wi-fi easily. It also displayed web pages, word.docs and excel files (with one exception that will show up in the cons) from the internet, and ran PowerPoint presentations off a USB drive. Few knew they weren't looking at a Windows computer.

Cons:
  • If there are specific programs you have to have on your computer because of patron demand, you want to make sure these programs have Linux versions. Some don't - iTunes and Windows Media Player are good examples. There are open source music players and podcatchers but if patrons use library computers to purchase and download music or video from iTunes or stores that use WMA copy protection, they probably won't be able to access these via open source programs. I haven't spent a lot of time researching this, but I don't think you could use a Linux computer as an OverDrive download station for the above reasons.
  • It doesn't work well with all Microsoft "features." During the MSC demos, the open office spreadsheet program would not open an excel spreadsheet using macros. This isn't a bad thing for security sake, but if you're doing very sophisticated spreadsheet or database work, you'll probably want to stick with the software you're currently using. Neither could Open Office cope with a PowerPoint 2007 presentation at a Parmly program I attended. A Windows computer running PowerPoint 2003 can't open a 2007 file either, but it will give you an option to download a viewer. Open Office can't do anything with them. But being open source, someone might be working on or have even come up with a fix for this problem already.
  • If there's something that's a bit buggy or you really don't like, you're pretty much stuck with it until someone in the community decides to fix it. That is, if you're a regular library user. If you have programming skills, you can get into the open source code and make changes yourself. But if coding's not your strong point, you may feel frustrated if you don't like a current version. And you don't really know when new versions are coming out unless you read the updates.
  • Most open source software does not come with tutorials or much help. If you have users who are already comfortable using browsers or office software, they can probably figure out the open source versions fairly easily. But if you're getting started with graphics design, moving right into Gimp can be a bit daunting. Not that PhotoShop isn't daunting as well, but there is a lot more help available to learn the program.
It's still a Windows world so I think that most libraries will want to have at least a few Windows PCs available. It's what people expect. But putting Linux on some of your older PCs may be a good way to help keep those computers usable and help meet demand for a bit longer. Open source is getting more user friendly all the time. I think that most library staff with a good computer comfort level could use and update it pretty easily. There are also vendors like Userful that will take care of it all for you for a fee. My advice is to give it a try. What have you got to lose? Besides your sanity and for me, that's probably pretty much gone already.

I'd love to hear what others have to say about open source in their libraries.

Monday, July 28, 2008

gadget du jour

While this is technically an MP3 player, I think it deserves a post of its own. I've had my iPod Touch since October of last year but I've recently become enraptured by it. The big difference is the 2.0 update. I got a little whiny initially about having to update iTunes and pay for another update but this one is so worth it. The Touch now has a number of new apps available for it that really add to its usefulness in a wi-fi environment. A few of the ones I've added are: Twitterrific, Facebook, NYTimes and Pandora Radio. I found it pretty easy to get into Twitterrific in hotels and libraries and send off quick updates. Very cool!

Another feature I'm trying out is Apple's new MobileMe. This purports to allow you to sync email, calendars and bookmarks between PCs, Macs and iPod Touches and iPhones. I just set it up yesterday so I can't really offer a solid review at this point. I've noticed two things right away - one positive and one negative. The positive is that I've been able to set up a number of email accounts on my Touch. So, it will be much easier to check email when I'm traveling. I just click on Mail, choose the account and my messages are right there. And I can type quick replies. But the touch keyboard continues to make me a bit crazy. It will also open up Word docs for viewing.

The negative is that when I first synced my Touch, it erased everything on my calendar. But I'll have to play around a bit more to see if it comes back when Outlook starts syncing with iCal. When did life become so complicated that I've had 3 calendars now 4 to worry about keeping in sync? But if this works, I love the idea of being able to keep web calendars and calendars and contacts on various devices in sync.

I'll keep you posted on whether or not this works. MobileMe does have an annual fee. I get 60 days free as a new iMac owner. Hopefully, by then I'll be able to figure out if it's worth continuing.

And, I was please to see iPods now listed as being compatible with OverDrive at least for MP3 formatted books.

mp3 players revisited

As we get closer to implementation of the downloadable audio content project, I expect there will be more questions about what MP3 players to recommend. As I've covered some of the issues to be considered in previous presentations and blog postings, I have no intention of going over all that again. Instead I'll provide some updates and links to already available information:
The above links are just my advice and you can feel free to take it or leave it. I hesitate to see libraries invest heavily in just one type of MP3 player, especially before library staff have had a chance to test them out. I'd suggest purchasing a couple of different players. Try them out and/or have patrons try them out and see which ones you like best before committing to just one brand and model.

That said, if I had to choose one make and model to recommend for patron purchase, it would probably be the Creative Zen V (or Zen V Plus). They're essentially the same except for more features in the Plus model. Do note that this is a different model from other Creative Zen players. What sets this one apart in my opinion is bookmarking capabilities. These are available from many different sources. One source I'd look at, particularly for library test models is the Creative labs savings center for refurbished players. You can get a refurbished Zen V 1GB player for $29.99 as of 7/28/08. So, try a couple of different models. Just make sure they're on Overdrive's list of compatible devices.

A relatively new player that I think is worth a look is the the SanDisk Sansa Clip. It's comparable in size to the Creative Zen Stone but gets better reviews. I picked one up from Costco not too long ago and have been pleased with it's features. It does hold the place in an audiobook when you turn it off.

And I do have a couple of the cheaper replaceable battery-powered models available if you'd like to try them out for yourself. Just let me know and I can drop one in the mail.

Monday, July 14, 2008

Hacking Service Economy

I’m currently enrolled in a distance learning Windows security class. There is a lot of useful information about how to manage and protect Windows systems. But they also throw in some interesting descriptions of the current state of the environment we need to protect ourselves against.

In just the past year the hacking service economy has been made available and is quite popular. The Russian mafia seems to be very entrepreneurial in this area. Let’s say your ex-spouse runs a website and you’re thinking its payback time. You contact the right person electronically and arrange to rent a botnet. You pay via Paypal. You get access to 4000 PCs that will do your bidding. You are given access to a website that gives you a control panel to manage these 4000 PCs. You make your selections that will cause these 4000 PCs to swamp your ex-spouse’s website with garbage information, which basically shuts it down. Your ex loses their job, and life is good.

This new kind of service is so popular that it is sure to be offered by other “vendors”. Have a look at this site from Harvard Business Publishing (conversationstarter.hbsp.com/2008/02/the_cybercrime_service_economy.html).

This is what is happening on the other side when your PC gets infected. You may become one of those 4000 PCs in that botnet. So keep your Windows updates current, run antivirus and antispyware, be very suspicious about clicking on unknown links and unsolicited email. As usual this note can also be found at the Montana Bibliotechies Blog (mtbibliotechie.blogspot.com).
Thanks.

Friday, June 27, 2008

Web-based screen reader for vision-impaired users.

For those of you interested in making provisions for patrons with vision problems, this is really slick. The University of Washington has developed a web-based screen reading program that works from any internet connected computer, without needing to install any software or obtain permissions. And it’s free, which is just the right price for all of us. It's worth promoting to patrons who need this type of assistance. It's in alpha release, so it will undoubtedly be tweaked, but it's worth testing.

Find out more and see a video demo at: http://uwnews.org/article.asp?articleID=42563

Thursday, June 12, 2008

Are You A Spammer?

A number of folks had indicated they would appreciate a tip or two to help them determine whether they spam or not. So here I go.

Caveat 1: There is no button you can click that will tell you yes or no about this. What I will describe here will be a series of techniques to help you get clues to answer this question.

Historical preface: During my past 5 years as an MPL employee, I have had to deal with two infections. Both were during the past year. I think this means the bad guys are winning. It could be that I’m just getting more stupid. Folks here suggest as much occasionally.

One infection was only on a single user notebook. The user was looking at their email, knew they should not click on a link presented in an unsolicited email, but they did anyway. A Trojan was downloaded and that user’s notebook became a zombie, which is a PC that does what some remote site tells it to do. It was told to spam. It did and that user’s mailbox was full of “Undeliverable” messages.

The other infection was on my mail server which I have recently described in previous posts. That issue seems to be resolved but it did get worse before it got better.

For both of these issues, the antivirus software initially failed to discern the infection. These were both popular vendors, Symantec on one and Trend Micro on the other. Both were installed so that they were running in the background whenever the PC or server was on. Both had the latest signature files. Both initially failed to catch the infection when a manual scan was run. Do you wonder why you spend so much on antivirus software? I do.

In the first case, I used a nifty product called Autoruns (http://www.sysinternals.com/) to find the offending executable. I then googled the name of the file and found out that, at that point, only one AV company (Pharos) had identified a signature for the Trojan. I then downloaded a trial of their AV software and the Trojan was found and removed.

I have already described what I went through with my mail server but the bottom line is that I probably had the infection for at least a couple weeks before my AV vendor provided a signature file that identified it. So finally a manual scan did turn up an infection.

In both these cases the first symptom was that a users’ mailbox was filling up with garbage. See example below. I can’t tell you how much I wanted to open up the Mexican Wrestling Squirrels message. Alas, it remains a mystery.


Hundreds of these messages would arrive in a short period of time. So it wasn’t hard to think that we had a problem. It was more like a slap in the face.

So technique # 1: If you get a lot of messages with “Undeliverable” in the subject line, you may be a spammer. This will not be hard to discern. It may be hard to clean up the mess though.

#2 Ask your ISP. One of the indicators I had was a friendly call from my ISP saying they had noticed somewhat elevated outgoing traffic on port 25, which means sending a lot of mail out. Your ISP may be so small that they don’t watch things so closely or so large that they don’t care to bother with you.

#3 Check to see if you have gotten yourself on a spammer blocklist. First go to http://www.whatismyip.com/ to see what your outside IP address is. Then go to cbl.abuseat.org and use the IP address lookup to see if you are listed Composite Block List or CBL. Some email vendors filter incoming email traffic based on a block list like this.

#4 Make sure your antivirus program and antispyware programs have the latest signatures and run full scans. When the response comes back clean, still be suspicious.

#5 Run the Autoruns utility mentioned above. This is a great tool but I think a person needs quite a bit of experience at working with Windows under the hood to be able to use it effectively.

That’s all. Excuse my droning. I will make the next post short and possibly sweet.

Thursday, May 22, 2008

kindle review

I've had my Kindle for about a month now. And I had a chance to try out its wireless features during a recent trip to Chicago. So, I feel ready to to post a fairly serious review.

I think it's fine for reading. The contrast is good. It's not backlit so you do need to find a light source. And I have noticed some reflection from the screen.

The size is reasonable - about the same as a quality paperback, smaller and lighter than a hardcover.

The navigation - next page, previous page is adequate. The main next page button is on the right. I get ahead of myself sometimes and hit next page before I'm ready. Then I fumble for a moment to get back to the previous page. It's on the left but so is another smaller previous page button. I find the other higher level navigation somewhat clunky. That might be a result of the fact that I don't read directions. But it seems to take several tries to get to the top level navigation.

It works like a charm with audiobooks from Audible. Unfortunately, it won't work as of yet with Overdrive or Netlibrary. But for Audible purchases, the navigation is good and you can listen via a small speaker or headphones. You can also add your own MP3s. But this is apparently intended as background music. You can play MP3s but I haven't been able to figure out how to select an individual track. It seems you just listen to them one after the other.

I LOVE the wireless features. They're what really makes this device work. So, it's a pity that Amazon chose not to make that available to anyone in Montana or Alaska as well as wide swaths of other rural states. I don't know what browser Kindle uses. It's found under Experimental, if that's any indication. I understand it uses a Linux OS. It works fine for largely text-based sites like news sites. I loved being able to scan the headlines on BBC's site. I was also thrilled to be able to use it to (in theory) locate and map restaurants while on the el in Chicago. I say in theory because while I found the restaurant listing, kindle froze before I could map the location. You'd think a techno-geek like me would know never to put faith in technology, especially new untested technology. I had to reset it. Since I often don't have a paper clip on me at such moments, I had to wait to reset it until I got back to the hotel and could do the always popular earring reset. Not something to attempt on a subway for a lot of reasons. Also, due to the browser quirks and limitations I couldn't get into my IMT or mtlib.org emails, but it worked okay with gmail. It also worked with Twitter, but Twitter's so glitchy, I wouldn't use that as a standard.

It's probably a good thing that I can't use the wireless. If I could I'd probably be buying far too much from Amazon. I bought 4 books in the 2+ days I was in Chicago. And I would certainly be subscribing to at least one daily newspaper. It's ridiculously easy to shop the Amazon kindle store and click buy and have your purchase downloaded to you within minutes. For a biblioholic like me, I could really go bonkers. It works okay with computer downloads but it lacks that immediate gratification. I talked about the rather clunky purchase and loading previously. It's workable but makes me less susceptible to that tendency to buy on impulse. I have a feeling that they still would have made money off me had they to pay for roaming for wireless access.

The built in memory is pretty limited in this day and age of terabyte drives. But it's amazing how many print books/magazines you could carry with the 185 MB. I discovered fairly quickly that was not going to go very far with audiobooks, however. So, I bought a 2 GB memory stick and installed it. That helped.

Without the wireless, I really couldn't recommend this for purchase for anyone but the highly geeky must-have-the-latest-gadget type (like yours truly), and/or for those who travel quite a bit outside of the rural west. And I've been pondering it's potential usefulness for libraries. The $399 price tag means it would hurt if it were loaned out and lost or damaged. But possibly more of a concern would be the easy purchase features in most of the country. So, you check it out to a patron who decides that he wants the entire Stephen King collection and clicks buy to charge it to the library account. I'm sure this instant purchase feature could be turned off, at least I hope it could. But it's certainly not in Amazon's interest to do so.

In short, I do like it. I enjoy being able to carry a bunch of books, magazines, audiobooks and music all in one pretty compact package. It's gotten me to subscribe to several magazines again. I stopped because I couldn't keep up with reading, particularly weeklies. I don't feel so bad when the evidence of my backlog is strictly digital. And it's a great conversation starter. Some of my state E-rate colleagues were very intrigued. It also started a great conversation about YA books with the woman sitting next to me on the Chicago-Denver flight. But I'm going to continue to complain about the lack of wireless availability.

Tuesday, May 13, 2008

I, Spammer

OK, so everything I said in my last post (Fight SPAM with reCaptcha) is true. It's just not applicable to my present situation. Here is the latest on my SPAM epic.

We get very little SPAM in our accounts here at MPL. So we really noticed it when it started coming in during the middle of April. Like I said, we have three layers of protection, so I didn't think it was our mail server. I ran some anti-virus and anti-spyware scans on the mail server and some of the affected PCs, which indicated nothing to worry about. It would go away soon.

Well, it hasn't gone away and it's getting old so I felt I needed to look into it a little more. The final kick in the butt for me was when my ISP called last week to say that they are seeing somewhat elevated port 25 traffic coming from our site. That is mail traffic. It was confirmation that we are the problem. We had become a spammer.

Since all our traffic comes out from behind a single public IP address, the ISP could only say it was coming from the library, but not where inside the library. That's my job. Suspecting that someone has infected their PC by doing something inappropriate, I block outgoing email from everything except the mail server. Still SPAM goes out. So I know the problem is with the server itself.

Finally, yesterday I decide to run another virus scan. Bingo! It turns up something called "Troj_Dloader.amt. The scanner removed the trojan and I haven't seen any "undeliverable" messages since. The Anti-virus vendor, Trend Micro, first identified this trojan on May 6. It had a solution to remove it on May 8. I ran a manual scan on the mail server on May 13 which found it.

There are a few interesting points here.


  • I don't yet know how this server got infected, but I work pretty hard to make my servers resistant to this sort of thing. If I find out, I'll let you know.

  • My AV program is always running on my server. I would have thought it should have recognized the infection, even though the infection was there first, once it downloaded the signature file that recognized the problem. But it didn't. It didn't catch it until I ran a manual scan.

  • We have been infected for about a month now. Yet the SPAM volume was never so high as to cause my ISP to shut me down, or the mail server to slow down substantially, or to make humans so annoyed that I had to immediately find and fix the problem to keep them from cutting my throat. The bad guys are now less concerned about making a big splash by rendering unusable thousands of PCs and more about making money. So the parasites are smart enough to keep the host alive and functioning. They are trying to stay under the radar.
  • That said, I wonder how many of you are spammers too. The trojan I had doesn't necessarily require an existing in-house mail server to work, so you could have just one PC and still be sending someone's SPAM out. How can you tell for sure? That's a good question. For many of us we only find out when the PC doesn't work anymore or the ISP shuts us down.

If you are interested in knowing a few tricks to help determine whether you are a spammer or not, drop me a line saying so and I'll show some ideas in a future post.



Tuesday, April 29, 2008

Fight SPAM with reCaptcha

We’re having trouble with SPAM here at the Missoula Public Library. Four times in the past week, on four different accounts, the user gets a lot of SPAM. This will last for hours. Then it stops.

Our accounts generally get a few to a few dozen SPAM emails over the course of a day. But these episodes will bring in hundreds of messages over a period of minutes to hours. So it is a pretty noticeable effect when it happens.

We have three layers of SPAM and virus protection at MPL. You may think that Jim wears suspenders, a belt, and hangs on to his pants as well, and maybe I do sometimes, but layered protection is one of the main tenets of computer security. We have a layer of protection at our ISP, there is a layer at our perimeter (the router), and another at our mail server. Still we see this SPAM.

We are in a period that is seeing a lot of new exploits being tried out. Have a look at http://isc.sans.org/diary.html?storyid=4343 for an interesting analysis of one’s person’s SPAM.

We’re not actually getting so much SPAM itself as the failed detritus of attempted mailings. We are getting a lot of “Undeliverable” messages. It works like this. This spammer has a list of millions of email addresses. Some of them are valid, some are not. He sends a mortgage refinancing email to all the millions of addresses. He is careful to set the sender address of all these emails to some valid address, because email servers are getting clever enough to verify that the return address must be valid or they won’t accept the email.

So what valid sender email address does he put in the SPAM he sends out. In some of them he is putting our main library contact address. So when the SPAM gets to an email server and the server says there is no such user at that address, the mail server automatically sends out an “undeliverable” message. And that comes back to us here at MPL.

How do they get our email addresses? There are robots that roam websites looking for email addresses and collecting them. Have you looked at our website lately? We have email addresses all over it; contact addresses, staff addresses, board members, etc. That’s only one way these robots collect addresses. They also get them from listservs, signatures, and more.

Contrary to my inclination, we have had addresses on our website for a long time, but now we have a good alternative. Ben Miller is our webmaster and a bright color in the box here at MPL. He is in the process of doing good in the world and protecting our email addresses at the same time. Before you can see one of our email addresses you have to identify a word. The words that are presented are part of a digitization project.

Take a look at recaptcha.net and think about what you can do to protect your addresses and help digitize hard to read texts. See how it is working for us by going to http://www.missoulapubliclibrary.org/contact.htm. Try clicking on “Ben Miller” to see how the process works.

Monday, April 28, 2008

initial thoughts on kindle

Okay, so I broke down and bought a Kindle. The deciding factors proved to be that they had finally caught up to demand so I could have it in hand within a week of ordering, and I'm starting my spring/summer travels so I would actually be in locales where I could try out the wireless capabilities.

I like the fact that I could pretty much figure out how to use it right out of the box. I'm one of those people who never reads instructions. As one of my tech gurus put it, having to resort to reading instructions amounts to a product design flaw.

Ordering and transferring books and periodicals is a bit clunky without the wireless function. You have to
  1. get on your computer
  2. go to Amazon's internet site
  3. find the item
  4. purchase it
  5. open up the Amazon library
  6. download the item to your computer
  7. open up Windows Explorer
  8. attach your Kindle to your computer via USB port
  9. copy and paste to your Kindle document folder
The location of the document folder turns out to be a key factor. Not having read the instructions, I got as far as copying to the Kindle but couldn't figure out why it couldn't find my book. Instructions and/or Amazon support staff are very helpful.

I also had some problems with a couple of Kindle periodicals I subscribed to. Their status was listed as pending for two days. I contacted Amazon's support staff and they "reactivated" the subscriptions. Once they were active, I could download and transfer using the steps above. While it seems workable for books and monthly, or possibly even weekly periodicals, I don't think I'm going to be subscribing to any newspapers in the near future.

One of the interesting pluses I've discovered is that the Kindle works with Audible.com audiobooks. I already had a couple on my computer so I was able to copy one to my Kindle using Windows media player. One of the downsides of the Kindle is that it only has 185 MB of available memory built in. While this is probably quite adequate for book reading (I was surprised to find that the first book I ordered was only 227K in size), it's going to fill up quickly if you want to listen to audiobooks and/or MP3s on it. But you can add a memory card which will be one of my next purchases. Anyway, I did load one 16 hour audiobook on it, at a Audible 3 quality level. The Kindle has a small speaker and a headphone jack. The audiobook controls on the Kindle are really nice. But then this is a very expensive audiobook reader! Still it's a nice feature. It does not, however, work with Overdrive.

It comes with a dictionary so you can look up words while you're reading. You can also add notes and clip and bookmark sections. There are also a number of wireless features that I have yet to try out, including wireless access to the Kindle store. I suspect that the absence of that feature will save me money in the long run. I also still have to try out converting and transferring other documents.

I'd rate the readability and usability right out of the box as good. I like the fact that you can easily increase or decrease text size. This becomes increasingly important to aging eyes. I brought my Kindle along to Walker's last night and passed it around to a table of friends. They were all fairly tech savvy and picked up how to navigate and use it pretty quickly. It was readable even in jazz night lighting. One appeal is the green aspect of fewer magazines and newspapers in land fills. They were impressed but thought it too pricey at $399. They might be interested at about half that price.

Overall, I'm pleased with the Kindle thus far. I wouldn't recommend it for purchase in Montana until wireless is available in the state. That seems to be what really makes it work. For those of us outside Sprint's wireless network, it's like we're being sold a car without wheels. Yeah, it's all great but it doesn't go anywhere. For the foreseeable future, it will always be slightly broken. Nor do I have any immediate notion of how or whether Kindle will be useful in libraries. IMO, it's too expensive to purchase and check out. And it remains to be seen what this access vs. ownership model of books will mean for libraries. But one could argue that we've already moved in this direction for periodicals. And it is another significant move toward instant electronic availability at a time when Montana libraries are still struggling with how to move large quantities of books across the state. Sometimes it seems like I'm caught living simultaneously in two different eras.

Friday, April 18, 2008

twitter and pownce

I finally gave in and signed up with Twitter. I have to say up front that I've had some mixed feelings about it. There is something at least slightly creepy about signing up to follow and be followed. I can't help but translate into stalking or being stalked.

But Steve McCann convinced me that I really do need to know about this. So, I'm stalking him.

For those of you who are unfamiliar with Twitter, you send brief updates periodically via the web, IM or text message. Those updates are posted on your Twitter site and go to those who are following you. In return, you get updates on your site from everyone you're following. If you want to see what it looks like, you can check out my Twitter page. Note the somewhat scary and crazed-looking South Park avatar in the background. This should make any potential for real stalkers think twice.

I'm still not sure about how libraries can make use of this. Certainly you could use it to keep patrons informed about upcoming library events and/or new books. There are also ways for blog updates to show up on Twitter. In the meantime, I'm looking for some good library examples. So, if you know of any, send them my way. And I'm trying to avoid those that give me TOO MUCH INFORMATION. I set up a Twitter account for MT Bibliotechies that will use an RSS feed so Twitter's another way you can keep up with tech postings.

Pownce is another variation. What's different about Pownce is that you can not only share text but also media with your friends. That means you can send photos, videos, music files. I'm not sure what the size limit is for free accounts. But if I'm puzzled as to how to use Twitter in libraries, I'm even more puzzled with Pownce. But the event feature has some potential. I just posted a notice about an upcoming author event at Parmly on my Pownce page.

Don't be surprised if one or both of these apps shows up in a future Library 2.0 class. In the meantime, if you want to try them out and start building a network, feel free to follow me. It really is all about being where your users are.

Tuesday, April 15, 2008

Latest Symantec Internet Security Threat Report

This is my first post on the Montana BiblioTechies blog. Thanks to all you MBTs for inviting me. I hope to be a good MBTT (Montana BiblioTechie Trainee). My angle is security and my inclination is toward Microsoft products. I run a completely Microsoft shop at MPL, although that is slowly changing with some MAC OS and soon some Linux flavors.



Every six months Symantec publishes a document called the Internet Security Threat Report. The report on the last six months of 2007 has recently been released. The short version, which I have linked to above, is 36 pages of geek-speak.



One of the leading interesting points is that attacks are increasingly going web-based. What does this mean? Haven't we always had to be careful about clicking on urls we get in email?



Yes, you have, and now you need to be even more careful. The document states at one point that "... attackers are particularly targeting sites that are likely to be trusted by end users, such as social networking sites." Attacks against generally trusted sites are getting more clever and so more successful.



What does this mean for the Montana librarian, who doesn't have a CS degree and doesn't stay up to the wee hours learning how to protect themselves? I think it means that you simply pay attention to the basics, and always keep your ear open to getting a little more security savvy.



The basics are Windows updates, anti spyware and anti virus, and good passwords. This is a good start. Keep up with your Windows updates. The latest from Microsoft are released the second Tuesday of every month. You should have your PCs updated by the end of that week.

All the main antivirus vendors are good so which one you use is not as important as that you should be using one or another. I also use Spybot which is a free antispyware product. Run a manual scan every week or two and you might be suprised at what you collect on your PC.


I'll talk about passwords in a later post as I tend to drone on about passwords.

Thanks y'all.

Friday, April 4, 2008

online audio/video poetry

April is poetry month so I thought I'd put together some of the websites where you can find poets reading their works:
  • Borders Open Door Poetry - video poetry readings along with print versions of the poems.
  • UCTV (University of California Television) - UCTV has a series called Lunch Poems. You can watch or listen online or you can subscribe to the podcast and download new programs as soon as they become available.
  • PBS NewsHour Poetry - watch or listen online, download readings, subscribe to podcasts, read profiles along with additional information for teachers.
  • YouTube has poetry videos. You should probably exercise some caution if you're directing patrons there as a resource. For example, there are a number of Def Poetry videos where some might find the language offensive. But you'll also find fascinating gems like Billy Collins Animated Poetry:


  • Poets.org (Academy of American Poets) - information about poets and poems, resources for teachers and librarians for National Poetry month. Listen to poetry readings, sign up to receive a poem a day by email in April. They also have some interesting widgets for Mac users and a Poetcast (podcast) - you can subscribe to.
  • Writer's Almanac - you may be familiar with Garrison Keillor's program on NPR. It's also available as a podcast.
  • Poetry Foundation - a lot of information and poems you can listen to as well as several podcasts.
  • Classic Poetry Aloud - listen to classic poetry online or as podcasts.
  • Finally, it's worth keeping an eye on some of the events podcasts from major public libraries. I ran across a reading by one of my favorite contemporary Polish poets, Adam Zagajewski, as part of theLos Angeles Public Library ALOUD series.

Tuesday, March 25, 2008

YouTube - It's not all silly

I've read a lot of blogs by participants of the Montana Library 2.0 Challenge saying that they didn't find anything worthwhile on YouTube. I can understand that as a first impression. You go in and look at what's popular and find a cat playing a piano, a guy climbing a parking garage, and lots of other at best entertaining but not-quite-educational videos.

Well, there is a lot of quality material as well. Like podcasts, there are a number of organizations that don't get much mainstream media attention finding their way to YouTube as a distribution outlet. So, how do you find the gems? One good way is by making use of social networking connections. If you find a video that you think is worthwhile, look at who produced it. Do they have a channel you can subscribe to to find more quality videos? What else do they subscribe to? Who subscribes to this channel? The logic here is that you'll find similar tastes. You'll find that a number of organizations have channels on YouTube where you can find collections of their videos, subscriptions, etc. By subscribing to a channel, you'll find out whenever new content is posted.

Here are some of the interesting channels I've run across on YouTube:
  • ForaTV - you're getting just tastes of their content on YouTube. If you want the whole programs, many are available for download or subscription via podcast.
  • UCTelevision - programs from the University of California. I get a lot of these on satellite television and am pleased to be able to share some of the wonderful lectures with others.
  • TEDTalksDirector - lectures from the annual TED conference
  • AtGoogleTalks - not too surprisingly, Google gets a lot of big names coming to talk to their employees - authors, candidates, etc.
  • LinkTV - another satellite channel with interesting world news reports.
  • AmericanLibraryAssoc - mostly promotional videos. Here's one promoting National Library Week:


  • And of course, you can always rely on people you know to help find good stuff. If you want to subscribe to my personal channel and see what I've picked out, including a lot of the channels listed above, go to mtbibliotechie.

Thursday, March 13, 2008

adding image links to your blog or website

Copy and paste this html code into the edit html portion of your web page editor or blogging software:


<a href="http://askmontana.org/">

<img src="http://askmontana.org/images/askmt.gif" alt="Ask Montana">
</a>




to create this logo and link to the Ask Montana virtual reference service



Ask Montana

Tuesday, March 4, 2008

book trailers

I just heard about book trailers last week. They're short promotional videos for books. Here's one for Stephen King's new novel Duma Key


Book trailers might be something fun to add to New Books pages.

Monday, February 25, 2008

google rejected my query

Has anyone else ever received one of these 403 error messages from Google?

This is the second one I've received today. I got this first one when I tried to search for "academy awards." I also got one when I tried to search "403 error."

I'll do as they suggest and clear my Google cookie - but for now, rejected by Google! How will I ever get over it?

Tuesday, February 12, 2008

classical music performances on youtube

I happened to catch a segment on Morning Edition on NPR this morning talking about classical music performances on YouTube. Here's one featuring Maria Callas:

What a wonderful to expose young people to some of the stars and performances of yore.

Monday, February 11, 2008

RSS feed widget

I ran across this widget for displaying RSS feeds on your blog or web page at Library Journal.

Apparently you can do this with just about any RSS feed.

I have to warn you that I ran into some problems copying and pasting this one into my blog, however. This is where it's helpful to know some html. I was able to fix it by just adding a tag. I'd be curious to see if this works better if you use their automatic post to blogger option.

If anyone tries it, leave a comment as to whether or not it worked.

Tuesday, February 5, 2008

speaking of widgets and podcasts

I'd added this NPR widget to my Facebook page some time ago. Then I just realized it could probably be used elsewhere. This might be a way to introduce library patrons and staff to podcasts.

Add NPR to your page

Pretty neat, huh?

amazon buys audible

I've blogged previously about Amazon's innovative approach to distributing printed materials as evidenced by the Kindle. Now, I ran across a news item from the NY Times talking about Amazon's purchase of Audible.

For those of you who might be unfamiliar with Audible, they offer downloadable audio content largely via subscription. You pay a monthly fee and can download so much content for that fee.

I'm still not sure what the potential implications are for how libraries deliver service. But there are a lot of innovations going on in the marketplace. I think it's well worth considering what these trends might mean for us.

Monday, February 4, 2008

more on video podcasts

I decided to do a new posting on video podcasts instead of just updating the old one because video podcasts have become a lot more popular in the last year.

Not surprisingly, there are a lot of technology related video podcasts.
  • A number of Tech TV alums can be found on programs from Revision 3. One of my favorites is Tekzilla. It features a half hour program once a week answering questions, reviewing hardware, software and demos. There are also daily quick tips.
  • Cranky Geeks - features discussions of tech news.
  • Lab Rats - my favorite Canadian geek duo. Plus, Andy has a couple of cute cats - Biff and Boo.
More general interest
If you browse iTunes, in particular, you'll find a lot of video content produced by National Geographic, Discovery channel, etc. Sometimes these are shorts or promos for tv programs but they're well produced and appropriate for children and adults.

A couple of things to be cautious about RE: video podcasts. There's still the issue of formats. Cranky Geeks offers the following choice of formats: H.264, iPod/PSP, MPEG4, Windows Media, iTunes 320x240, iTunes 640x480. These are generally only going to make a difference if you're planning to use a media player to watch. You'll also find Quicktime formats on occasion. Those require Apple's Quicktime software. Just be sure that you match the format with your player(s).

I'd also be a bit cautious about video podcast directories. One that I looked at showed the top searches as all adult-related. While that's not surprising, these may not be the programs you want to highlight for library use.

Friday, February 1, 2008

Open Source Software

You hear a lot of talk about open source software particularly in techie circles. And it has some real advantages - namely it's usually free. But you do need to keep in mind that open source software is created by techies for techies and is therefore not for the faint of heart.

I'll share a recent experience as an illustration. I wanted to create an audio introduction to the podcasting lesson for the Montana Library 2.0 Challenge. I decided to try out Audacity - open source audio recording software. I found it was easy to download and install and figure out how to use. I even figured out how to do some basic editing. Great!

Then I needed to save it. When I tried to just save it I got a warning that it would be saved as an .aup file that few if any other programs could use and that I might choose to export it as a different type of file. Okay, so I looked at some of my other options. One was to export as an MP3 file. Perfect! MP3 files are the common format used by podcasters. So, I chose that option and was prompted to name my file.

That's when the fun began. I got a popup box telling me that a file lame_enc.dll was required and it wanted to search my newly created folder for the missing file. Not surprisingly, it didn't find it there because my new folder was still empty. I went back to Sourceforge.net the website where I got Audacity and searched for the missing file name. I found a file called lame-3.97.tar which looked like it would contain the missing file. So, I downloaded it. When I tried to open it, I was prompted for the program. Huh? I tried Audacity and got a popup warning that it was looking for a .dll file, did I really want to use the .tar file instead? Probably not. I chose to let Windows look for an appropriate program on the web. It helpfully found a number of zip utilities that I could purchase for roughly $20-$50. No thanks! But thanks for telling me that I needed a zip utility. Didn't I already have one on my computer? Apparently not this one.

Luckily, I do have some techie tendencies so I decided to look for freeware and went to Tucows. There I found a free zip utility that was rated well - ShellZip. So I downloaded and installed it. I must add it was one of the slowest downloads in history. But I went back to the lame-397.tar file and told Windows to open it with ShellZip. And I got a whole mess of files, none of which was lame_enc.dll. Let me add just how much I hate dealing with unzipped files that I have to try to figure out what to do with.

Okay, my frustration was definitely mounting. What now? Well, perhaps I just wasn't seeing the right one in the mess of lame files (very aptly named, I might add). So, perhaps I could use the Windows search mechanism to look for lame_enc.dll? Well, it did find it - in a program I'd never heard of TC Web Conferencing. So, all I had to do was direct Audacity to look there for the required file and my MP3 file was created. But the whole saving as an MP3 process took a good hour and a couple of needless downloads to accomplish.

Like I said, this is not for the faint of heart or anyone who gives in easily to frustration. The assumption with most open source software is that you know what all the stuff is and how to use it. There are few, if any, instructions and those that you do find are seldom helpful unless you're a computer programmer or software engineer. But there are a lot of useful open source software options out there. So, if you've got a lot of patience and/or you enjoy a good challenge, it's well worth pursuing. If not, you might want to go with an off-the-shelf software product that you buy complete with support and upgrades.