[Web4lib] Disable USB drives on public computers

[Andrew Mutch]

Michael,

As I stated before, I don't think a solution like DeepFreeze "solves" the
problem of users running or installing malicious programs on public
computers. It can greatly simply the clean-up after-the-fact but it
doesn't reduce the risk that could come from a malicious user running
"bad" software off their USB device or installing unwanted software on an
unsecured or less-than-secure computers.

There are ways to control applications from running off USB but I'm not
sure any of them could distinguish between the good, like your FireFox
browser, and the bad in a way that would allow one but not the other. In
any case, I see this as another example of measuring the risk and deciding
whether the positives (the convenience of patron access) outweight the
negatives (the protection of computer and network resources, and acting
accordingly.

In our case, we do allow patrons access to their USB devices as I feel
that we've taken the necessary steps to allow patron access while
minimizing any potential threats. But I don't think that decision is as
open-and-shut a case as it has been presented by some people. But I'm sure
this discussion has helped make more people aware of the potential
benefits and pitfalls of opening up their computers in this way and
they'll be able to make a more informed decision.

Andrew Mutch
Library Systems Technician
Waterford Township Public Library
Waterford, MI


> I blogged about this topic and I think I summarized the issues in a clear,
> but honestly opinionated, way. Those interested can read it at
> http://www.travelinlibrarian.info/2006/04/are-usb-drives-security-risk.html
>
>
> Michael Sauers
> BCR
> _______________________________________________
> Web4lib mailing list
> Web4lib at webjunction.org
> http://lists.webjunction.org/web4lib/
>