Aardy R. DeVarque (aardy) wrote,
Aardy R. DeVarque

  • Mood:
  • Music:

Animal crackers

Since it's now public knowledge, I can actually mention this:

A %$#@! cracker got into my library's consortium's catalog server sometime in the last few weeks and opened up an illegal file sharing service. He's gone now, but we've been coping with the effects and the aftermath for more than a week.

(Apologies if those links end up being date sensitive; I couldn't find more permanent links to the stories.)

Thankfully, it's quite laborious for anyone without the actual catalog client software to get at any patron information and get it in a readable format (and that's not what this particular person was after, anyway), and there's very little that anyone (other than the FBI) would want. And even then, what identity thief really wants to know how much you owe in overdue fines, or the fact that that you've just renewed Sex for One for the third time?

By the by, as referenced in that second article ("Morris said a 'primitive' back-up system was used to record when patrons checked out books"), for many or most of the 22 libraries in the system, the back-up circulation program they use was written by yours truly, and it's really not that "primitive"--though I honestly don't know whether that particular library is one of those who use it, or one of those who use much more primitive (all the way down to paper & pen) or bug-filled back-up circulation systems.

On the down side, while they work at keeping the cracker out, scrubbing the server, restoring clean data from backups, and getting technicians to come out to repair the hardware failures that were discovered during the process, they've shut off all outside access to the server, even to quasi-internal users like myself (my library has a dedicated T1 line that connects directly from here to a router in their building), so I can't work any of the "magic" that I often do for them to help make everything go more smoothly. (Like the imminent merging of Evanston Public Library's catalog into our own; Evanston is "only" one of the three largest public libraries in the state of Illinois outside of Chicago Public. Hopefully they'll decide it's safe enough to let me back in by then.)

Feudalism: Serf & Turf
Tags: hackers, libraries

  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded