|
09-16-03 or 1216 |
|
From: "PUBYAC: PUBlic librarians serving Young Adults and Children" <pubyac@prairienet.org> To: "PUBYAC: PUBlic librarians serving Young Adults and Children" <pubyac@prairienet.org> Sent: Tuesday, September 16, 2003 11:01 PM Subject: PUBYAC digest 1216 PUBYAC Digest 1216 Topics covered in this issue include: 1) Crafts from CDs by "Margaret Keefe" <mkeefe@midhudson.org> 2) RE: FCUK perfume by Lora Morgaine <loraeileen@yahoo.com> 3) CIPA and Teen Staff by Susan Engelmann <suengelm@yahoo.com> 4) Stumper: Yesterday-tomorrow by Mary Gilbert <m.gilbert@gomail.sjcpl.lib.in.us> 5) Stumper: Toy Makers contest in the Woods by Teresa Salatino <teresas@wccls.lib.or.us> 6) Re: Book Discussion Group - Name? by Sue <sabraham@mail.owls.lib.wi.us> 7) RE: parachute ideas by melissa.carr@kanawha.lib.wv.us 8) Re: Upset parent - child checking out non-children's material by Margaret Siebert <psiebert12508@yahoo.com> 9) RE: Hawafena/Singing ad by "Tobin, Renee" <Rtobin@ci.rancho-cucamonga.ca.us> 10) Re: YA Teen Read Week Program by "Wanda Jones" <wjones98@hotmail.com> 11) Re: Upset parent - child checking out non-children's material by Inge Saczkowski <isaczkow@niagarafalls.library.on.ca> 12) Re: Paperback vs. Hardback by "Melissa MacLeod" <mmacleod@sailsinc.org> 13) RE: HP read-alikes for non-fantasy fans by Peggy Odom <podom@ci.waco.tx.us> 14) Re: Upset parent - child checking out non-children's material by "Paula J. Lopatic" <paulal@rpls.lib.il.us> 15) Re: Computer hours and inappropriate pop-ups--Googletoolbar by j b <jhsampson991@yahoo.com> 16) Online Workshops by "GSLISCE" <gslisce2@simmons.edu> ---------------------------------- Can any of you share some good crafts you have made from CDs? Thanks--From: Margaret Keefe [SMTP:mkeefe@midhudson.org] Margaret M. Keefe Coordinator of Youth Services Mid-Hudson Library System 103 Market Street Poughkeepsie, NY 12601 Phone: 845-471-6060 X35 FAX: 845-454-5940 E-mail: mkeefe@midhudson.org URL: midhudson.org ---------------------------------- FCUK has stores throughout the world (I first saw one in Egypt!), includingFrom: Lora Morgaine [SMTP:loraeileen@yahoo.com] the US. It is a little surprising the first time you see the acronym (pronounced F-C-Uk), but now I just think it's funny. The brand definitely has a lot of fun with their name, but I never heard too much of an uproar about it...they've been around for a while I think. They have a website www.fcuk.com that lists lots more provocative ways they use their name...I'm sure the more shocking it is, the more teens will love it. ; ) Lora ---------------------------------- We have just hired a 16 year old to work evenings andFrom: Susan Engelmann [SMTP:suengelm@yahoo.com] Saturdays in our Children's area. He will be the only staff member at that desk. I am curious about how CIPA plays into this. My director feels that since he is not on a public computer,we are ok. I worry that we are not because we are providing a minor with unrestricted Internet access. Has anyone else had this situation occur? I am interested in thoughts, comments. etc. Susan Engelmann North Kansas City Public Library ---------------------------------- Here's a patron request that stumped me: A mother wants a picture bookFrom: Mary Gilbert [SMTP:m.gilbert@gomail.sjcpl.lib.in.us] that explains the concept of yesterday, today and tomorrow. All our time books are about clocks, days of the weeks, months, and seasons. I've checked A-to-Zoo, Best books for Children, and Adventuring with Books, none of which has anything recognizable on this specific concept. You'd think someone has written about this basic idea! Let me know if you've come across one, or have ideas for further searching. Thanks! Mary Gilbert Children's Librarian St. Joseph Co. Public library South Bend, IN. ---------------------------------- Dear All:From: Teresa Salatino [SMTP:teresas@wccls.lib.or.us] I have a stumper that I'm hoping someone can help me solve. Patron remembers this book from her childhood, published sometime before 1970. The plot goes something like this: a contest is held in the woods between a good toy maker and a bad toy maker. The bad toy maker made puppets, while the good toy maker made a doll house. The doll house was then broken up and the pieces were used to throw at wolves who were threatening the contest. If this rings a bell with anyone, please respond to me at "teresas@wccls.lib.or.us". Thanks, Teresa ************* Teresa Salatino Youth Services Librarian Cedar Mill Community Library 12505 NW Cornell Road Portland, OR 97229 (503) 644-0043 x126 ---------------------------------- We meet at lunch time and call ourselve "Book Munchers"From: Sue [SMTP:sabraham@mail.owls.lib.wi.us] The students bring their lunch, and I provide cookies for dessert. Sue Abrahamson Director of Youth Services Waupaca Area Public Library Waupaca, Wisconsin Diane Rebertus wrote: >I'm looking for a catchy name for a book discussion group - children in >grades 3-5. Thanks. ---------------------------------- We usually play popcorn using styrofoam balls as the popcorn. TheyFrom: melissa.carr@kanawha.lib.wv.us [SMTP:melissa.carr@kanawha.lib.wv.us] have to listen to instruction on whether to go slow or fast. The kids always have a "ball" when they play ;-) Missy ---------------------------------- Teresa,From: Margaret Siebert [SMTP:psiebert12508@yahoo.com] Our software allows us to put notes on people's cards. The notes pop up when the patron's card is scanned for checkouts. Could you put a note on this child's card that says her mother has made this request? I grant that the mother should come with the child, but that isn't always practicable. If the mother shows the child which section of the library is acceptable to her and you back the mother up that should solve the problem. Peg Siebert Blodgett Library Fishkill, NY Teresa J Oliver <tjo2@u.washington.edu> wrote: I recently had a parent request that her child not be allowed to check out any adult material. I told her that our system tries to ensure that all material is available for any patron who needs it and that our circulation system was not set up to handle material specific blocks. I then encouraged her to view a trip to the library as family time, that she be present to make decisions about material with her child. Anyway, that's what I tried to tell her, but she left very upset. Does anyone know a good way to explain this situation that leaves everyone happy (or at least happier?) Thanks, Teresa Oliver ---------------------------------- Sounds like a "howler" to me.From: Tobin, Renee [SMTP:Rtobin@ci.rancho-cucamonga.ca.us] Renee Tobin ---------------------------------- Hi,From: Wanda Jones [SMTP:wjones98@hotmail.com] We are planning to have a local author, NeAnni Ife, come perform a dramatic interpretation of her autobiography, Blue Popsicles. It's a new YA book and a very touching story. www.bluepopsicles.com Wanda Jones Children's Librarian Georgetown Neighborhood Library Washington, DC 20007 wjones98@hotmail.com >From: Jeannie Kunzinger <jkunzing@leaguecitylibrary.org> >Reply-To: pubyac@prairienet.org >To: pubyac@prairienet.org >Subject: Re: YA Teen Read Week Program >Date: Mon, 15 Sep 2003 14:08:29 CDT > >In addition to a Poetry Slam we are Slammin' Sports with a cafe type >evening of; a sports trivia contest, games, and sports related readers >theater with athletes from two of the local universities. > >I would also like to hear what other people are doing. > >Jeannie Kunzinger >Youth Services Coordinator >Helen Hall Library >League City, TX > ---------------------------------- Can't you just enter some sort of block or message against the child's cardFrom: Inge Saczkowski [SMTP:isaczkow@niagarafalls.library.on.ca] " No adult material without parental consent". We have lots of parents that have special requests, if you have an automated system, it's pretty easy to put a message on the child's card. Teresa J Oliver wrote: > I recently had a parent request that her child not be allowed to check out > any adult material. I told her that our system tries to ensure that all > material is available for any patron who needs it and that our circulation > system was not set up to handle material specific blocks. I then encouraged > her to view a trip to the library as family time, that she be present to > make decisions about material with her child. Anyway, that's what I tried > to tell her, but she left very upset. Does anyone know a good way to > explain this situation that leaves everyone happy (or at least happier?) > > Thanks, > > Teresa Oliver ---------------------------------- Actually, I am not too bothered by this. I buy popular titles in hard andFrom: Melissa MacLeod [SMTP:mmacleod@sailsinc.org] soft - and as for the rest, at least I don't feel bad as bad when a title is not circulating if I only spent $5 instead of $15. Also, I can get more books for my budget. I won't buy many YA titles until they come out in paper, and if it's really popular I have the option to repurchase in hard or soft. It takes a little more work in ordering, but I would much rather see a beat-up copy of something I have to reorder than a pristine copy nobody ever touches (and I can order a book up to three times in soft and pay what I would have once in hard - which is nice when titles don't come back from a borrower too). I imagine ten years down the road it will make it easier on the person weeding as well, I just feel so horrible going through YA and J fiction and having a cart full of books with a purchase value nearing $1000 that nobody has touched in 10 years. Hope some of these things make you feel a little better about paperback trends. Take care, Melissa MacLeod, Carver Public Library ----- Original Message ----- From: "Clara Eustis" <cceustis@elltel.net> To: <PUBYAC@prairienet.org> Sent: Monday, September 15, 2003 3:44 PM Subject: Paperback vs. Hardback > Is anyone else bothered by the decline in the usage of hardback juvenile > fiction? It seems I am constantly replacing paperback editions of titles > which are read to death while the hardback editions sit on the shelf in > pristine condition. I understand the appeal of the paperbacks to our young > readers but I get the feeling our collections are becoming very transitory. > Maybe I should just go with the flow but I am a little bothered by spending > so much of my book budget on flimsy bound books that are constantly needing > replacement. > > > Clara Eustis > Children's Services Manager > Yakima Valley Regional Library ---------------------------------- In Everyday Graces by Marianne Williamson, she refers to the magic of HarryFrom: Peggy Odom [SMTP:podom@ci.waco.tx.us] Potter for children and how magic can be in everyone's lives through spirituality. It is a good description of the joy it holds for children. It is in the introduction or first chapter. Thanks, Peggy Odom ---------------------------------- Teresa,From: Paula J. Lopatic [SMTP:paulal@rpls.lib.il.us] We respect a parent's right to limit what his/her child may check out of our library. I don't know which circulation software your library uses, so the following may not be possible in your situation. Our software allows us to attach a "note" to a patron's record. At circulation the computer screen displays the patron's name, address, any overdues or fines, and any note that we've added. The note automatically appears in bold type. Of course, the circulation clerk needs to be paying attention to the screen to have this all work well! If this isn't possible, perhaps your circulation staff will become familiar with this child and remember her parent's wishes. What size population do you serve? I only ask because circulation staff members often become quite familiar with regular patrons. Is it possible that your staff just needs to be told of the parent's request, perhaps in a written memo, to be able to accomodate the family? Yes, it would be wonderful if every child was accompanied to the library by an interested and involved parent. But there are lots of reasons why a parent can't always be a child's companion and we all just do our best. Best of luck. Paula ---------------------------------- Hi,From: j b [SMTP:jhsampson991@yahoo.com] There is the following warrning that goes with the Google toolbar. I'm passing it along, in case you haven't seen it. The following info is on the google toolbar. The google toolbar is a feature that can be downloaded and added to Google. But proceed with caution. Read below. ============================================ We found multiple security flaws in the Google toolbar; we will first list them all (sorted by severity) and then supply details. Without any user interaction, an attacker can use the Google toolbar to: 1. Tap to key presses in the toolbar's search box. 2. Control all visual configuration options. 3. Enable features with privacy implications. 4. Clear the toolbar's history. *5. Completely uninstall the toolbar. *6. Hijack the toolbar and reroute searches. *7. Execute arbitrary commands. *8. Read local files. *9. Script in the "My Computer" zone. #1. Tap to key presses in the toolbar's search box. --------------------------------------------------- When typing to the Google toolbar, the currently loaded document still receives all the keyboard events. This flaw is trivial to exploit, by setting a simple "onkeydown" event handler in the document level and waiting for input. This method is hardly perfect for the attacker since there's no way to know where the cursor is or even whether the user is actually in the Google toolbar. But by analyzing the information grabbed from the keyboard it is quite easy to make an educated guess. In addition, the attacker can only tap to the toolbar when the user is in his web site, there's no way to use this method outside of it. #2. Control all visual configuration options. --------------------------------------------- The method of registering changes in options to the Google toolbar is very insecure. The toolbar is using a special URL to inflict the changes, "http://toolbar.google.com/command? here>". However, it doesn't let the changes occur if the current document is outside of google.com or the special res:// protocol. That little restriction can be easily circumvented by opening a window that points to google.com or any res:// URL and then, with scripting, change the URL to the toolbar's configuration URL. The problem described above is the main issue of this advisory and all the other flaws are actually implications of it. For example, to hide the "Search" button, all an attacker needs to do is follow the steps above and then change the URL to "http://toolbar.google.com/command?Search=0". This can be done with all the other buttons and features. #3. Enable features with privacy implications. ---------------------------------------------- The toolbar comes with two features that have privacy implications; these are the "PageRank" feature and the "Category" feature. By following the steps described in #2 and then changing the URL to "http://toolbar.google.com/command?PageRank=1" and "http://toolbar.google.com/command?Category=1" an attacker can enable these features, regardless of their initial setup. #4. Clear the toolbar's history. -------------------------------- The toolbar has an option to save searches made by it. An attacker can enable this feature by following the steps described in #2 and then changing the URL to "http://toolbar.google.com/command?StoreHist=1" and "http://toolbar.google.com/command?ShowHist=1". An attacker can remove all searches from history by following the steps in #2 and then changing the URL to "http://toolbar.google.com/command?clearhist". #5. Completely uninstall the toolbar. ------------------------------------- An attacker can uninstall the Google toolbar by following the steps in #2 and then changing the URL to "http://toolbar.google.com/command?uninstall". #6. Hijack the toolbar and reroute searches. -------------------------------------------- To search, the toolbar uses a special option called "GoogleHome". An attacker can change the value of the "GoogleHome" option by following the steps in #2 and then changing the URL to "http://toolbar.google.com/command?GoogleHome='s search handler>". Starting from that moment on, all web searches would be routed through the attacker's web site. The attacker would be able to log the searches and uniquely identify users. The attacker will then be able to brand the user and offer him services according to the searches made. After logging the search information, the attacker can simply forward the request to Google to remove any suspicions the user may have. #7. Execute arbitrary commands. ------------------------------- The toolbar command mechanism exposes a very dangerous feature, when called with "http://toolbar.google.com/command?script= script>" the script passed to the command will run in the same context as the current document. As mentioned in #2, the toolbar command mechanism accepts two kinds of URLs, any URL in the google.com domain and any res:// URL. When ran on the google.com domain, the result is a simple domain XSS in google.com. But when ran on any res:// URL the result is full access to the "My Computer" zone. Once the attacker can access the "My Computer" zone, executing commands is trivial, all an attacker needs to do is follow the steps in #2 and then change the URL to "http://toolbar.google.com/command?script=document.body.insertAdjacentHTML(' beforeEnd','<object classid=clsid:10101010-1111-1111-1111-111111111111 codebase=c:/winnt/system32/calc.exe style=display:none></object>')". #8. Read local files. --------------------- Using the same logic described in #7, an attacker can read local files from the client. By following the steps described in #2 and then changing the URL to "http://toolbar.google.com/command?script=document.body.insertAdjacentHTML(' beforeEnd','<iframe id=oFileRead src=file://c:/test.txt></iframe>'); setTimeout(function () { alert(oFileRead.document.documentElement.innerText) },1000)" an attacker can read any local file that is loadable by IE. #9. Script in the "My Computer" zone. ------------------------------------- #7 and #8 are just two examples of the abilities of the "My Computer" zone. It is a very unrestrictive zone and other implications may apply when an attacker is able to inject script into it Sam Maskell <jmaskell@sover.net> wrote: Hi, Tara~ I had a similar experience recently. A woman and her child came in, the child touched the mouse, and up popped something horrible. She hasn't gone as far as your patron, however she did call members of the board and I received a personal visit. She also refused our explanation of why we will not filter the computers and has said that she will never drop her son off and leave him alone at the library again as it's not safe (apparently the fact that he also wasn't old enough - 6 years - didn't bother her?). My point: allow me to recommend the Google toolbar. It has a fabulous pop-up killer. If you go to Google.com and click on the Services link at the bottom you can download it. You would need to get the toolbar with enhanced features. I would recommend that if you get it, turn off the PageRank feature (you can do that by going to 'options') as this falls under the Spy Ware category. Since I applied the toolbar to all of our public access computers I have not had one complaint about inappropriate pop-ups. In fact, I've had more positive comments about computer use as patrons really appreciate not being subjected to pop-ups. ~Sam Rockingham Free Public Library ----- Original Message -----=20 From: Tara Mendez=20 To: pubyac@prairienet.org=20 Sent: Friday, September 12, 2003 12:02 PM Subject: RE: Computer hours Let me add my story. We recently had this lady in a froth she was waiting for our photocopier and there was a vacant internet station in front of her apparently all of a sudden a "porographic picture" popped up and she was agasp!!! I was not in the building so I could not deal with her. I did call her when I returned and we had a long talk. She wanted us to put the internet stations in a seperate room with a locked door. ( I mentally added with Sani wipes too?) I explained the whole public access yada yada. She wrote tothe mayor telling him how afraid she was to allow her children into the library ever again that if they had seen this it would have scarred them for life. Her children are 16 and 14. I hate to break it to her but I am sure it would not have had any impact on their lives. She is insisting on filtering and right now we are sided stepping it. She is not willing to return to the library until I can garantee that there will be no more pop ups. Or that we can hide the monitors by placing them to face the wall so that noone can see them, but againthis approaches the Sani wipe situation and is not something we will practise. It is unfortunate how one vocal minority can cause such havoc.=20 Tara Mendez Pembroke Public Library J.H.Brown, Evening LibrarianECC, Rocky Mount CampusRocky Mount, NC ---------------------------------- Innovation - Continuing Education Workshops Fall 2003From: GSLISCE [SMTP:gslisce2@simmons.edu] Simmons College - Graduate School of Library and Information Science - Office of Continuing Education is offering the following ONLINE workshops for Fall 2003: Anime & Manga Cascading Style Sheets Dreamweaver 101 Education: Reference Sources Job Hunting and Career Management Keeping Up with YA Reading Power Google Teaching & Learning Online The Newbery Award For a preview of these workshops: http://www.simmons.edu/gslis/ce/online_preview.html For information about all our workshops: http://www.simmons.edu/gslis/ce/index.html (click on pdf version of the brochure and the registration material for pricing information) or contact: Jody Walker GSLISCE Simmons College 300 The Fenway Boston, MA 02115-5898 tel: (617) 521-2803 gslisce@simmons.edu font FACE="Arial">End of PUBYAC Digest |
|
|