Telnet to circ module?

Bill Jenkins wcj1 at cornell.edu
Tue Jul 14 21:40:22 EDT 1998


At 6:16 PM -0700 7/14/98, Karen G. Schneider wrote:
>The concerns raised were
>specifically about security of the circulation data.  The concern was
>expressed that if we are connecting to the circ module via telnet, people
>could, if they wanted to, spy on the data passing to and fro.  Needless to
>say, we wouldn't want that.

	Actually, I am interested in the philosophical side of this.
Libraries want (and, for example, in NY have to) protect patron privacy. I
see that as not giving out patron information to anyone who comes along
asking.

	But does that cover mode of transmission? If I am in line at the
library, a person could see the books in my hand. If I am calling via the
telephone to renew a book, someone could have tapped the line. Or since I
have one of those cheaper cordless phones, they could just tune me in on a
receiver.

	So telnet and IP packets can be sniffed under certain circumstances
(with some effort put forth on the sniffer's part), but is it that
different from the telephone example and how much effort should a library
put into making a transmission method 'secure.' (I still remember when I
was a bank teller one summer, and my trainer said I should be careful not
to count out the money too loudly...)

	I hope no one gets overly defensive; I'm just curious. (I'm getting
ready to begin my Master's degree in LIS next month, can you tell? :)

BillJ

~~~~~
Bill Jenkins     wcj1 at cornell.edu
Training Instructor, Academic Technology Services, Cornell University




More information about the Web4lib mailing list