Public Use Computers FAQ

 

1.  Why can't I download -insert name here- instant messenger and install it?

a.  We do not allow anyone to install software on our PCs, nor do we want to install and maintain every instant messaging program in existence.  This is by design to prevent problems related to unneeded, unauthorized or illegal software.  If you want to use an instant messenger, you can use a web-based version, which is typically accessible through your web mail account..

2.  When I try to download a file, I get a blocked page. Why?

a.  The file might be a type that the filter catches, though we keep the restrictions loose. The following file types should not be blocked:

DOC - Microsoft Word Document

XLS - Microsoft Excel Document

PDF - Adobe's Portable Document Format

ZIP - Compressed Zip file

3.  A site that I've visited in the past without any problems is now being blocked.  What's wrong?

a.  As you know, we are required by CIPA (Children's Internet Protection Act) to use content filtering software to block objectionable content.  Unfortunately, no filter is perfect and can block perfectly legitimate web pages.  Also, at times, a web page you've visited without any problems before might have some content on it that could trigger the filter.  Try refreshing your web browser after a few minutes.  If you believe the site is legitimate and shouldn't be blocked, please inform the staff.

4.  So, you can bypass the filter?

a.  Yes, but this is only under very specific circumstances.  First, you must be 18 and older;  that is the law.  Second, it must be for research purposes.  You will be allowed to view an unfiltered page for twenty minutes.

5.  So you use filtering software.  What is it?

a.  We use a dedicated server that runs the Linux operating system.  The filtering software used is called DansGuardian.  This software filters content based on banned words, phrase lists, sites, and file types.  To help speed up content that is commonly served, we also run Squid. 

Squid is a web caching program that stores commonly accessed content.  This means that instead of, for example, thirty computers accessing CNN.com and downloading the same page from the Internet, one computer makes a request to the server.  The server downloads the content, stores it locally, and allows the computer that requested the page to download the page from the server.  From that point on, any other computer that requests the same page will download it from the server.

6.  So if you are caching content that we access, does that mean you also store personal information?

a.  Absolutely not.  We do not store any personal information.  We do not log who accesses what site.  We do log pages that are blocked so that we can refine our filtering software, and though this shows the specific computer that the page was accessed from, it doesn't show who.  Furthermore, the patron computers are setup to wipe any activity after they are shutdown. 

We do respect your privacy and, by design, our computers are setup to minimize the possibility of any private information being viewed, stored, or stolen.

7.  So, my personal data is safe if I use your computers?

a.  Nothing is foolproof.  We do what we can, but that's no guarantee against a computer crime being committed.  Please remember to practice common sense when using the Internet on any computer

8.  Does this mean I'm not totally anonymous when surfing the web?

a.  Nope, sorry.  There is a degree of anonymity, but when it comes down to it, given time and resources, any activity can be traced.  You can, however, use Tor Browser Bundle, either as a portable application on a public PC or on your own computer. For more information, go to

https://www.torproject.org/projects/torbrowser.html.en

9.  What do you do to prevent things like viruses, malware, and spyware from getting on your patron PCs?

a.  We use a combination of software and settings.  Besides our content filtering and caching server, we have Anti-Virus and Anti-Malware software to scan and catch any threats.

On top of that, the desktop you use is what Microsoft calls a "Limited Account."  This means that you can not install software or make system wide changes.  In addition, we use other tools to lock down certain parts of a computer. 

Finally, we use a product from Faronics called Deep Freeze Professional.  This software is what wipes any change, viruses, malware program, or user activity off the computer after it's rebooted.  Naturally, we also use AVG Antivirus for Networks from Grisoft.

10.  Sometimes, near closing time, the computer will restart and I see a message that says "Maintenance Mode, mouse and keyboard are disabled."  What is this?

a.  This is a feature of Deep Freeze Professional called "Maintenance mode" that allows the computers to make permanent changes. 

Instead of having to manually update certain software, the computers are set to reboot, update appropriate programs and then shutdown for the day.  The keyboard and mouse are disabled to prevent tampering.  This also simplifies getting things ready for our staff.  All they have to do to get a computer ready for a given day is to push one button: the power button!  Unless there is a problem, there's no other intervention required.

11.  I notice, in the lower right hand corner, a small square icon with an eye that says VNC. What is this?

a.  This is the VNC server; Virtual Network Computing.  We use TightVNC on all patron and staff computers running Windows 7 as a diagnostic aid.  It allows us to remotely control a PC as if we were at the keyboard in person. 

This is a very valuable time-and-money saving tool because, instead of driving forty miles or more one way to fix a five minute problem, we can just connect to that PC from our office, fix the problem, and then disconnect from it.  It's also very handy as a teaching aid when a patron or staff member is having trouble and would like help walking through something.

12.  Are you connected to my computer right now and watching me?

a.  Absolutely not.  Like the filtering server and safeguards against malware and wiping activity, VNC is setup by design so that if someone is connected to a computer, the user is aware of it.  Furthermore, we have a strict policy governing its use. 

Library staff are not allowed to use VNC, only the Director and Technical Coordinator are allowed to use it under the following conditions:  either a staff or patron user requests assistance and/or prior notice and permission is asked for before connecting.  Please remember that we have this installed as a diagnostic tool, not as a spy program. 

If that doesn't sway you, please remember that we are a public library, not the NSA.  We've neither the resources, nor the staff, to monitor every single computer in the District.

12.  I get to a website that doesn't seem to work. What's wrong?

a.  Sometimes, a website being viewed on IE might work in FireFox or vice versa.  Try using a different web browser first; all public comptuers have Mozilla Firefox, Internet Explorer, Comodo Dragon and Google Chrome.  Some sites require specialized software that has to be installed.  If you have a special need or request that's for educational purposes only, please speak with your librarian and we will consider it.  Please keep in mind that this is not a practice we encourage, so we will reserve the right to refuse any requests.

13.  So, what and where is this filtering/caching server and what else do you run?

a.  As there are security issues with this question, I'm not about to give you all the details.  But I can tell you that we keep everything locked up in cabinets, protected from surges and power outages with Uninterruptible Power Supplies and surge protectors, and locked down from outside intrusions from hackers by various means.

 We used to have a single conent filtering server hosting all eight branches from Headquarters. Today, every branch now has their own dedicated content fitlering, web caching, and network gateway server. These servers provide a secure portal to the Internet and allow secure remote connectivity for troubleshooting and maintenance work.

14.  Do you have WiFi?

a. Yes, we certainly do. For the past several years, we have been running hotspots that run 24/7 at most of our branches. They are free to use, do not require registration and have no usage limits. However, due to state law, we require that the connection be filtered. Port 80, HTTP, is filtered using DansGuardian. Since you are using your own devices, we can not stop you from bypassing it on your own.

As of May, 2014, we are replacing are old access points running WiFiDog with new ones from UBiQUiTi Networks http://www.ubnt.com/unifi UniFi 802.11n PoE wireless access points. The process for accessing the Internet via Public Wifi is a simple three-step process:

1. Connect to a wireless hotspot: IADL_LIBRARY

2. Open a web browser and go to any site.

3. You should then see a splash screen that says “Welcome to Iosco-Arenac District Library” with a check-mark next to “I accept the Terms of Use” and a “Connect” button. You can click on the “Terms of Use” link to see them. Click Connect and you are now connected to the Internet.

15.  What the heck is Linux?

a.  Linux is an open source operating system that was created by Linus Torvalds in the early 90s as a hobby based on Minix.  Through the collaborative work if countless volunteer developers and engineers, it grew to become a very powerful, flexible, and increasingly easy-to-use operating system.  It's free to download, distribute, install and use.  It's more stable, memory efficient, and less vulnerable than Windows.  Did I mention it's free?  We use Ubuntu 64-bit Server Long Term Service release on all our servers.

16.  How do you know what software needs to be patched or updated?

a.  We regularly monitor three sites for technology news and any software vulnerabilities.  These sites are:

http://secunia.org/ - Daily news about software vulnerabilities

http://www.geek.com/ - Technology news site

http://news.google.com/ - Google.com news site

Windows and AVG are automatically updated daily.  Monthly visits to each computer are made for any other updates and to check up on everything else.

17.  I noticed that on some of the new Dell slim PCs with flat panel monitors that the Children's programs and Microsoft Office are not installed. Why not?

a.  This is due to licensing with the Gates Foundation, who originally supplied the Gates computers.  Though we're phasing out the older PCs, some branches have requested to retain them as non-Internet Children-only PCs. Since we can't buy additional licenses, we have to keep the software with the computer.  For PCs that are replaced, we simply transfer the software

18.  What is LibreOffice?

a.  LibreOffice is an open-source office productivity suite with a similar look-and-feel to Microsoft Office.  It has a word processor, spreadsheet, presentation and drawing programs that are compatible with Microsoft Office, with all the same features.  Like Linux, it's free to download, distribute, install and use.  Try it out.

19.  What is FireFox?

a.  FireFox is a web browser that is considered to be faster and more secure than Internet Explorer.  It's based on Internet Standards that Microsoft either has yet to adopt or seems to ignore in lieu of their own standards.  We provide FireFox as an alternative to Internet Explorer.

http://www.mozilla.com

20.  Can I play DVDs or audio CDs on the new PCs?

a.  Obviously, other than not allowing Adult films, you are welcome to play DVDs on the computers that support them;  namely the Dell PCs with flat panel monitors.  Audio CDs can be played on all our PCs.

21.  Can I bring in my USB drive and use it?

a.  Yes.  You can use USB flash or external hard drives on any computer with front-mounted USB ports.  However, you are responsible for bringing any adapters needed to plug your USB flash drive in.  Though the Gates PCs have USB ports, we can not allow them to be used because the ports are located at the back of the PC.

22.  I have a flash drive with software on it but it won't run on the PC. What's going on?

a.  We do not allow any executable files to run on USB flash drives, and we prevent any copying onto the local drive.  Again, we don't want unauthorized software running on our equipment.

23.  What about bringing in a digital camera and copying the images onto a USB flash drive?

a.  You can do that if you want as it's a drag-and-drop affair; "dragging" the files from the camera and "dropping" them into the USB drive.  But you are responsible for bringing in any adapters and drives needed.  There is no software provided for retrieving the images from a camera, so it's up to you to find where on the camera or disk they are located

24.  Why are you using only Dell PCs?  Isn't it cheaper to build them yourself?

a.  There are at least two good reasons:  First, Dell is an established manufacturer with an dedicated government support.  Second is that their costs are relatively low per PC.

As for building them ourselves, though we did build our own content and development servers, these are just two computers running software that is free and on hardware that is rock-solid reliable.  In other words, we don't expect it to break, and if it did, we can fix it on our own.

Patron and Staff PCs are a different story because we have to have a lot of them.  When you consider the cost of hardware and software, going to a Manufacturer such as Dell makes things easier and cheaper.  If something breaks, we can have it replaced under warranty, which saves us money.  We also stick with the same make and model range so that if there are any problems, we can apply the same solution to any other computer.  Or, if we need to redeploy a computer for another use, it can be done as easily as swapping a hard drive and turning it on.

25.  What do you do with your old hardware?

a.  We have a process where we have a surplus sale that sells off the equipment.  The public is welcome to submit a sealed bid on whatever is up for sale.  If something doesn't sell, we may consider putting it up on eBay, but  our usual procedure is to give it to an approved non-profit organization or recycle it.  We don't throw old hardware away (such as motherboards or monitors) because they contain heavy metals and chemicals that can be bad for the environment.