Public Use Computers FAQ
1. Why can't I download -insert name here- instant messenger and install it?
a. We do not allow anyone to install software on our PCs, nor do we want to install and maintain every instant messaging program in existence. This is by design to prevent problems related to unneeded, unauthorized or illegal software. If you want to use an instant messenger, you can use a web-based version, which is available from AOL, MSN, Yahoo and ICQ, among others.
For simplicity, go to http://www.meebo.com/ which offers you AOL, MSN, Yahoo and GoogleTalk. You can log into any one, any combination of them, or all four, and have a single messaging session.
2. When I try to download a file, I get a blocked page. Why?
a. To conserve our resources, as well as prevent malware or viruses from even taking a foothold, we block certain file types from being downloaded. We do allow downloading of the following:
DOC - Microsoft Word Document
XLS - Microsoft Excel Document
PDF - Adobe's Portable Document Format
ZIP - Compressed Zip file
3. A site that I've visited in the past without any problems is now being blocked. What's wrong?
a. As you know, we are required by law to use content filtering software to block objectionable content. Unfortunately, no filter is perfect and can block perfectly legitimate websites. Also, at times, a web page you've visited without any problems before might have some content on it that could trigger the filter. Try refreshing your web browser after a few minutes. If you believe the site is legitimate and shouldn't be blocked, please inform your librarian.
4. So, you can bypass the filter?
a. Yes, but this is only under very specific circumstances. First, you must be 18 and older; that is the law. Second, it must be for research purposes. You will be allowed to view an unfiltered page for twenty minutes.
5. So you use filtering software. What is it?
a. We use a dedicated server that runs the Linux operating system. The filtering software used is called DansGuardian. This is Open-Source software that filters content based on banned words, phrase lists, sites, and file types. To help speed up and reduce the load on our broadband connections, we also run Squid.
Squid is a caching program that stores commonly accessed content. This means that instead of, for example, thirty computers accessing CNN.com and downloading the same page from the Internet, one computer makes a request to the server. The server downloads the content, stores it locally, and allows the computer that requested the page to download the page from the server. From that point on, any other computer that requests the same page will download it from the server.
6. So if you are caching content that we access, does that mean you also store personal information?
a. Absolutely not. We do not store any personal information. We do not log who accesses what site. We do log pages that are blocked so that we can refine our filtering software, and though this shows the specific computer that the page was accessed from, it doesn't show who. Furthermore, the patron computers are setup to wipe any activity after they are shutdown.
We do respect your privacy and, by design, our computers are setup to minimize the possibility of any private information being viewed, stored, or stolen.
7. So, my personal data is safe if I use your computers?
a. Nothing is foolproof. We do what we can, but that's no guarantee against a computer crime being committed. Please remember to practice common sense when using the Internet on any computer.
8. Does this mean I'm not totally anonymous when surfing the web?
a. Nope, sorry. There is a degree of anonymity, but when it comes down to it, given time and resources, any activity can be traced. For those of you who think you can commit the perfect crime with our equipment, don't bother.
9. What do you do to prevent things like viruses, malware, and spyware from getting on your patron PCs?
a. We use a combination of software and settings. Besides our content filtering and caching server, we have SpyBot Search and Destroy and Spyware Blaster installed on all our computers. These tools help detect and stop malware from taking a foothold.
SpyBot S&D blocks known bad products, as well as allow us to find and remove malware. SpyBlaster has a record of known tracking cookies, and blocks them from even being downloaded.
On top of that, the desktop you use is what Microsoft calls a "Limited Account." This means that you can not install software or make system wide changes. In addition, we use other tools to lock down certain parts of a computer.
Finally, to top that all off, we use a product from Faronics called Deep Freeze Professional. This software is what wipes any change, viruses, malware program, or user activity off the computer after it's rebooted. Naturally, we also use AVG Antivirus for Networks from Grisoft.
10. Sometimes, near closing time, the computer will restart and I see a message that says "Maintenance Mode, mouse and keyboard are disabled." What is this?
a. This is a feature of Deep Freeze Professional called "Maintenance mode" that allows the computers to make permanent changes.
Instead of having to manually update certain software, the computers are set to reboot, update appropriate programs and then shutdown for the day. The keyboard and mouse are disabled to prevent tampering. This also simplifies getting things ready for our staff. All they have to do to get a computer ready for a given day is to push one button: the power button! Unless there is a problem, there's no other intervention required.
11. I notice, in the lower right hand corner, a blue square icon with a black eye. What is this?
a. This is the VNC server; Virtual Network Computing. We use UltraVNC on all patron and staff computers as a diagnostic aid. It allows us to remotely control a PC as if we were at the keyboard in person.
This is a very valuable time-and-money saving tool because, instead of driving forty miles or more one way to fix a five minute problem, we can just connect to that PC from our office, fix the problem, and then disconnect from it. It's also very handy as a teaching aid when a patron or staff member is having trouble and would like help walking through something.
12. Are you connected to my computer right now and watching me?
a. Absolutely not. Like the filtering server and safeguards against malware and wiping activity, VNC is setup by design so that if someone is connected to a computer, the user is aware of it. When a computer is connected to another remotely, the color of the icon changes from blue to green. Furthermore, we have a strict policy governing its use.
Library staff are not allowed to use VNC, only the Director and Technical Coordinator are allowed to use it under the following conditions: either a staff or patron user requests assistance and/or prior notice and permission is asked for before connecting. Please remember that we have this installed as a diagnostic tool, not as a spy program.
If that doesn't sway you, please remember that we are a public library, not the NSA. We've neither the resources, nor the staff, to monitor every single computer in the district.
12. I get to a website that doesn't seem to work. What's wrong?
a. Sometimes, a website being viewed on IE might work in FireFox or vice versa. Try using a different web browser first. Some sites require specialized software that has to be installed. If you have a special need or request that's for educational purposes only, please speak with your librarian and we will consider it. Please keep in mind that this is not a practice we encourage, so we will reserve the right to refuse any requests.
13. So, what and where is this filtering/caching server and what else do you run?
a. As there are security issues with this question, I'm not about to give you all the details. But I can tell you that we keep everything locked up in a network cabinet, protected from surges and power outages with Uninterruptible Power Supplies and surge protectors, and locked down from outside intrusions from hackers by various means.
As for the hardware, the content filtering/caching server is a Tyan Transport GX28 barebones rack-mounted server with 2GB of RAM, dual AMD Opteron 244 CPUs, and two Seagate 80GB SATA hard drives in RAID 1 (mirrored so that if one fails, the server keeps going). It is protected by a Tripp Lite 1000VA rack-mounted UPS. We chose this server for its upgradability and capacity down the road in case we want to add additional computers or run other services off of it.
Network-wise, it has three Ethernet interfaces, two we use for patron PCs to access, the third for diagnostic purposes, connected to a managed Ethernet switch that is protected from network surges by an APC ProtectNet Surge protector. Yes, a computer can get fried through the network port; we learned that lesson the hard way a few years ago in Standish.
14. Are you ever going to allow us to connect to the Internet with our own laptops and surf wirelessly?
a. Not yet. Though there is no timeline for implementing wireless, there is a project that, if successful, will address our security and usage issues while not breaking the bank. It revolves around two open-source packages, OpenWRT and WifiDog, and a $50 Linksys wifi router bought from the local Wal-Mart. Please note that the $50 WRT-54G router now being sold, hardware v5, will not work. If you want to know more, check out these sites:
http://www.openwrt.org -- The linux operating system (yes, the Linksys WRT-54G up to v4 and the WRT-54GL runs linux! The $80 WRT-54GS does too.)
http://www.wifidog.org -- A wireless captive portal suite for creating wireless access portals.
15. What the heck is Linux?
a. Linux is an open source operating system that was created by Linus Torvalds in the early 90s as a hobby based on Minix. Through the collaborative work if countless volunteer developers and engineers, it grew to become a very powerful, flexible, and increasingly easy-to-use operating system. It's free to download, distribute, install and use. It's more stable, memory efficient, and less vulnerable than Windows. Did I mention it's free? We use Mandriva 2006 on our server. Check out these sites:
16. How do you know what software needs to be patched or updated?
a. We regularly monitor three sites for technology news and any software vulnerabilities. These sites are:
http://secunia.org/ - Daily news about software vulnerabilities
http://www.geek.com/ - Technology news site
http://news.google.com/ - Google.com news site
Windows and AVG are automatically updated daily. Monthly visits to each computer are made for any other updates and to check up on everything else.
17. I noticed that on some of the new Dell slim PCs with flat panel monitors that the Children's programs and Microsoft Office are not installed. Why not?
a. This is due to licensing with the Gates Foundation, who originally supplied the Gates computers. Though we're phasing out the older PCs, some branches have requested to retain them as non-Internet Children-only PCs. Since we can't buy additional licenses, we have to keep the software with the computer. For PCs that are replaced, we simply transfer the software.
18. What is OpenOffice.org?
a. OpenOffice.org is an open-source office productivity suite with a similar look-and-feel to Microsoft Office. It has a word processor, spreadsheet, presentation and drawing programs that are compatible with Microsoft Office, with all the same features. Like Linux, it's free to download, distribute, install and use. Try it out.
19. What is FireFox?
a. FireFox is a web browser that is considered to be faster and more secure than Internet Explorer. It's based on Internet Standards that Microsoft either has yet to adopt or seems to ignore in lieu of their own standards. We provide FireFox as an alternative to Internet Explorer.
20. Can I play DVDs or audio CDs on the new PCs?
a. Obviously, other than not allowing Adult films, you are welcome to play DVDs on the computers that support them; namely the Dell PCs with flat panel monitors. Audio CDs can be played on all our PCs.
21. Can I bring in my USB drive and use it?
a. Yes. You can use USB flash or external hard drives on any computer with front-mounted USB ports. However, you are responsible for bringing any adapters needed to plug your USB flash drive in. Though the Gates PCs have USB ports, we can not allow them to be used because the ports are located at the back of the PC.
22. I have a flash drive with software on it but it won't run on the PC. What's going on?
a. We do not allow any executable files to run on USB flash drives, and we prevent any copying onto the local drive. Again, we don't want unauthorized software running on our equipment.
23. What about bringing in a digital camera and copying the images onto a USB flash drive?
a. You can do that if you want as it's a drag-and-drop affair; "dragging" the files from the camera and "dropping" them into the USB drive. But you are responsible for bringing in any adapters and drives needed. There is no software provided for retrieving the images from a camera, so it's up to you to find where on the camera or disk they are located.
24. Why are you using only Dell PCs? Isn't it cheaper to build them yourself?
a. There are at least two good reasons: First, Dell is an established manufacturer with an dedicated government support. Second is that their costs are relatively low per PC.
As for building them ourselves, though we did build our own content and development servers, these are just two computers running software that is free and on hardware that is rock-solid reliable. In other words, we don't expect it to break, and if it did, we can fix it on our own.
Patron and Staff PCs are a different story because we have to have a lot of them. When you consider the cost of hardware and software, going to a Manufacturer such as Dell makes things easier and cheaper. If something breaks, we can have it replaced under warranty, which saves us money. We also stick with the same make and model range so that if there are any problems, we can apply the same solution to any other computer. Or, if we need to redeploy a computer for another use, it can be done as easily as swapping a hard drive and turning it on.
25. What do you do with your old hardware?
a. We have a process where we have an auction that sells off the equipment as surplus. The public is welcome to bid on whatever is up for auction. If nothing is sold, we may consider putting it up on eBay. We did this during late 2004 for our old 56k routers, which no one wanted to buy locally, yet we earned income from selling them online.
If we can't sell it on eBay, such as something that would be too costly to ship, then we'll recycle it. We don't throw old hardware away (such as motherboards or monitors) because they contain heavy metals and chemicals that can be bad for the environment and illegal to dump.
26. Can you tell us anything about the new PCs coming this year?
a. What we're specifically getting will depend on whether we get a grant or not. However, even without a grant, we are planning to replace the remaining Patron-use Gates PCs this late Summer. We're going with Dell's Optiplex GX520 series, small form-factor. They will have the same RAM, hard disk, and DVD combo drive as the GX280, but will be a little smaller and sleeker. The CPU will actually be placed behind the 17” LCD monitor, instead of to the side or underneath, for increased desktop space. We're also going to be buying the latest version of Microsoft Office for all Patron PCs. Encarta, which has seen little or no use, will be removed. We're also planning to buy more comprehensive CD burning software.
27. What about the printers? I heard you were planning to buy new ones but it's just the same old black and white LaserJet 2100s. What's going on here?
a. Believe it or not, we almost forgot about adding the purchase of new laser printers to our tech plan (it's on there now, trust us).
Simply put, cost and reliability-wise, laser printers are the best when it comes to needing to print a lot of pages. They are very reliable, fast, cheap to operate and offer excellent text quality. They are so reliable, in fact, that we've had maybe one problem with one printer in past few years. The problem we had, by the way, was with its network card, not the printer itself. However, we know that they're getting old and some of you would like to do color printing. We already have some makes and models in mind.