July 17, 2010

2600 piece on the Voyager ILS

As technology is more and more the means of surveillance and control and not just information access and interaction, the role of the Hacker has become central to new scenarios of freedom and rebellion. That’s why I’ve always loved 2600: The Hacker Quarterly. I recently saw the Spring 2010 issue and was glad to see the journal is still being published.

I bring it to your attention now because that issue contains a one-page article (in print only) about the potential to hack Endeavor’s Voyager Library Information System. The article describes some of the data that should be accessible to a hacker with moderate skill. (The point of this article and many articles in 2600, and to a lot of what hackers do, is to point out security holes to the public, rather than to exploit them for private purposes, but it is conceivable that an ILS could be used by the state, and the PATRIOT Act certainly pushed in that direction.)

5 Comments »

  1. Interesting. Who wrote it?

    Comment by jessamyn — July 21, 2010 @ 2:01 pm

  2. It was written by someone using the pseudonym Decora.

    Comment by Rory Litwin — July 21, 2010 @ 4:37 pm

  3. The ILS is probably already being used by the state, and any librarian who even talked about it could be thrown in jail. That was one of the many points of the article.

    Look at the way Homeland Security is collecting data about the public now, in these ‘Fusion Centers’. The Electronic Frontier Foundation has already released Freedom of Information Act results detailing some of the programs, like MiTAP and ViTap, which continually scour various government databases for information, but also ‘open source’ sources such as websites. I’m sure they are on facebook, wouldn’t they look bad if a terrorist had a facebook page and they didn’t catch it ahead of time?

    So what about ILS? ILS contain info like I pointed out in the article, about what you check out, but also about what you search for, and when. And they dont tell you. Why -wouldn’t- the government want that info? They could get it easily, with nobody knowing, all they do is download a database file once a month or whatever. The vendors probably have ‘maintenance’ doors into the systems and the feds dont even have to go to the libraries, just go to the vendors and go through them.

    Some of the info in the article is out of date, but then again I didn’t think 2600 would publish it as an article, it was more a midnight ‘letter to the editor’ rant when I first wrote it.

    Comment by Decora — July 22, 2010 @ 3:48 pm

  4. Sorry, Decora. Akismet filtered your comment as spam. I just dug it up.

    Comment by Rory Litwin — August 4, 2010 @ 6:08 pm

  5. lol story of my life. filtered out as spam.

    thank you.

    i only wish more librarians gave a ####. apparently they are taught in librarian school to bow down and worship at the idol of the inscrutable tech sector, be amazed at ‘what is possible’, so when they get old and promoted they will be willing to sign $10,000 checks for ‘maintenance contracts’ or whatever. it’s all bull%$#@. computers are not magic. librarians should take to them with baseball bats and break them apart, see how they work, and then put them back together to serve -library interests- not the FBI and not the ‘shareholders’ of IT companies.

    Comment by Decora — December 4, 2010 @ 2:14 pm

RSS feed for comments on this post. | TrackBack URI
You can also bookmark this on del.icio.us or check the cosmos

Leave a comment

XHTML ( You can use these tags): <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> .