Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Privacy United States

Library to Require Fingerprint to Use PCs 507

Posted by Zonk from the who-doesn't-like-to-be-tracked? dept.
FearUncertaintyDoubt writes "Three libraries in Naperville, IL, soon will start requiring patrons who use the library's PCs to provide a fingerprint scan. The article says, ' Library officials say the added security is necessary to ensure people who are using the computers are who they say they are. Officials promise to protect the confidentiality of the fingerprint records.'"
This discussion has been archived. No new comments can be posted.

Library to Require Fingerprint to Use PCs More

Library to Require Fingerprint to Use PCs

Comments Filter:

  • Best. Mark of the Beast. Ever. (Score:5, Insightful)

    by Saint Aardvark ( 159009 ) * on Friday May 20, 2005 @01:56PM (#12591783) Homepage Journal
    From the non-fing erprint requiring version [belleville.com]:

    "Right now we give you a library card with a bar code attached to it. This is just a bar code, but it's built in," said Mark West, the library's deputy director.

    To be fair that does come after this paragraph:

    Naperville library officials said the technology cannot be used to reconstruct a person's actual fingerprint. The scanners, made by Naperville-based U.S. Biometrics Corp., use an algorithm to convert 15 or more specific points into a unique numeric sequence.

    But it's still shockingly cavalier to describe the technology as "just a bar code". I have difficulty understanding a) why this seems like a good idea to anyone, and b) why this gentleman seems incapable of understanding people's worries about a fucking library requiring fingerprints!

    • Re:Best. Mark of the Beast. Ever. (Score:5, Insightful)

      by Rei ( 128717 ) on Friday May 20, 2005 @02:09PM (#12591954) Homepage
      Sure, you can't get their *fingerprint* from the points, but you have a unique identifier. I.e., if someone is investigating messages sent from that computer and they round you up as a suspect, they can take your "15 point" fingerprint and ID you.

      • You know what they say... (Score:5, Funny)

        by the MaD HuNGaRIaN ( 311517 ) on Friday May 20, 2005 @02:20PM (#12592088)
        In Soviet Russia, the Library checks out YOU!!!

        In China, only old people go to the library to use computers.

        1. Make fingerprint scanner
        2. Con librarians into buying it
        3. ???
        4. PROFIT!

        They can get my fingerprint when they pull my finger out of Cowboy Neal's butt.

        Let's see.....Soviet Russia, Chinese old people, profit, Cowboy Neal reference. Now only if this would have been the first post....

    • Stupid (Score:5, Insightful)

      by autopr0n ( 534291 ) on Friday May 20, 2005 @02:17PM (#12592048) Homepage Journal
      Naperville library officials said the technology cannot be used to reconstruct a person's actual fingerprint. The scanners, made by Naperville-based U.S. Biometrics Corp., use an algorithm to convert 15 or more specific points into a unique numeric sequence. But there's nothing to prevent anyone from taking an actual fingerprint and converting it into one of these codes. Either from a crime scene or an old database.

      • Re:Stupid (Score:5, Insightful)

        by kfg ( 145172 ) on Friday May 20, 2005 @02:59PM (#12592600)
        And do you know why? Because it's an numeric encoding of your fucking fingerprint.

        "No, no sir. We don't require photo ID to take out a book. What we do is take a photograph and then convert that to a unique numeric code called a jpeg. So you see, your fears are completely ungrounded."

        KFG

    • Re:Best. Mark of the Beast. Ever. (Score:5, Interesting)

      by Kainaw ( 676073 ) on Friday May 20, 2005 @02:20PM (#12592087) Homepage Journal
      But it's still shockingly cavalier to describe the technology as "just a bar code".

      As he states - it is a one-way algorithm. If I have your barcode off your library card, I cannot reconstruct your name, SSN, birthdate, and all that without going into the library's database. With the number-sequence that this system creates, I cannot reconstruct your fingerprint at all. I cannot reconstruct any of the data previously mentioned without going into the database. So, instead of creating a random number with the unix timestamp as a seed, they are creating a random number with your fingerprint as a seed. What is so shocking about that?

      I have difficulty understanding why this seems like a good idea to anyone

      Hmmm... I guess someone needs to go to your library, tell them that they are you - they can even print a fake barcode on any old library card since barcode techology is open and freely available to anyone and everyone. Then, they can surf for child porn on your account. When the feds come to your door, you can explain to them that it is a terrible idea for the library to go to every measure to ensure that patrons are who they say they are.

      I have difficulty understanding why this gentleman seems incapable of understanding people's worries about a fucking library requiring fingerprints!

      There is a difference between requiring fingerprints on record (actually having your fingerprint in a database somewhere) and using your fingerprint to create a random sequence of numbers. If you cannot see that, then you are forcing yourself to be blind to it.

      • Re:Best. Mark of the Beast. Ever. (Score:4, Insightful)

        by srleffler ( 721400 ) on Friday May 20, 2005 @02:37PM (#12592288)
        It's not so much a random number seeded by the fingerprint, as it is a hash of the fingerprint. Security of hashed personal data is an issue, the same way that security of a hashed password file is an issue. Yes, you can't reconstruct the original passwords from the hashed values, but if an attacker has the hashed values there are ways to compromise the system's security. In particular, someone with access to a true fingerprint database (i.e. police/FBI) should be able to apply the same 15-point process to it and generate numbers that can be matched against the library 'bar codes'. The fact that the 'bar codes' do not encode the entire fingerprint does not really do much to increase privacy protection.
        • I'm missing your point completely. Your scenario is that I can decide to be a hacker. I hack into the FBI and get a list of everyone's fingerprint. I then hack into the library and get all the fingerprint hashes. I compare fingerprints to fingerprint hashes and I figure out who you are. And then...?

          Wouldn't it have been a hell of a lot easier to just grab your name and address off the library's server when I was hacking that? Why mess with all the fingerprint junk?

          As for concerns about 'hash securit
          • i would be much more concerned with what the gov and its agencies do "legitimately" with the information. information sharing and scope creep is the name of the game in the usa these days. just think "total information awareness" and so on...

            sum.zero

          • As for concerns about 'hash security', isn't that what john-the-ripper is used for? Just because you can brute-force a password algorithm doesn't make it insecure. From the data provided, this is the equivalent of a 15-character password hash. The best password crackers can take months to crack 10-character password hashes. Then, even if they do figure out that a certain sequence of fingerprint identities matches up a specific hash - what? They somehow clone a finger and alter the dna to create your finger

      • Re:Best. Mark of the Beast. Ever. (Score:4, Insightful)

        by CaymanIslandCarpedie ( 868408 ) on Friday May 20, 2005 @02:42PM (#12592362) Journal
        So, instead of creating a random number with the unix timestamp as a seed, they are creating a random number with your fingerprint as a seed. What is so shocking about that?....There is a difference between requiring fingerprints on record (actually having your fingerprint in a database somewhere) and using your fingerprint to create a random sequence of numbers.

        This sure sounds innocent and I'm sure its meant to be, but there is certainly possible abuses which could occur. They store those 15 or more fingerprint points (after converting to a number presumably with some crpyto algorithum). When you want to log into a computer a finger print reader takes your fingerprint again and the same process (converting to numbers) happens. These are then matched up to verify who you are.

        The problem is if each "encryption" of the "data" equals the same result then it CAN be used for otherthings. They don't need to actually store your fingerprint anywhere. Patriot-Act could let law enforcement use this database of numerical "fingerprints". All they have to do is feed thier database of fingerprints (or those from a crime scene etc) through the same software as was used to originally "encrypt" the library fingerprints, compare the numbers, and if the numbers match they got their guy. This doesn't require a REAL fingerprint. As long as everytime a fingerprint is put through the algorithim it gives the same result, having the ACTUAL fingerprint on file isn't much of an issue.
        • Patriot-Act could let law enforcement use this database of numerical "fingerprints".

          Read the USA PATRIOT Act before stating what it can and cannot do. The USA PATRIOT Act's provisions for public/small business records access comes from the USA Act, which comes from FISA (passed in 1978). In order to access those records, an investigator has to go to FISC and convince a panel of judges that you are suspected of espionage, terrorism, or drug smuggling AND you have not committed a crime that would allow fo

      • Re:Best. Mark of the Beast. Ever. (Score:5, Insightful)

        by Red Alastor ( 742410 ) on Friday May 20, 2005 @02:45PM (#12592399)
        As he states - it is a one-way algorithm. If I have your barcode off your library card, I cannot reconstruct your name, SSN, birthdate, and all that without going into the library's database. With the number-sequence that this system creates, I cannot reconstruct your fingerprint at all. I cannot reconstruct any of the data previously mentioned without going into the database. So, instead of creating a random number with the unix timestamp as a seed, they are creating a random number with your fingerprint as a seed. What is so shocking about that?

        What is so shocking about this is that I don't trust them. How can I be sure that they are telling me the truth and my entire fingerprint isn't stored in the system ?

        How can I be sure that the system haven't been cracked and someone hasn't intercepted the picture of my fingerprint before the 15 points were extracted and the rest discarded ?

        How can I be sure that they still only take 15 points or that another organization that jumped in the bandwaggon is also only using 15 points ? Read the fucking licensing agreemend before each time I put my thumb there ?

      • Re:Best. Mark of the Beast. Ever. (Score:5, Insightful)

        by joranbelar ( 567325 ) on Friday May 20, 2005 @04:18PM (#12593479)
        Hmmm... I guess someone needs to go to your library, tell them that they are you - they can even print a fake barcode on any old library card since barcode techology is open and freely available to anyone and everyone. Then, they can surf for child porn on your account. When the feds come to your door, you can explain to them that it is a terrible idea for the library to go to every measure to ensure that patrons are who they say they are.

        I think you're missing the point somewhat. Why is it so god damned necessary that the police be able to personally identify you based on library usage in the first place? I'd rather have that plausible deniability there - "It might not have been me, someone could easily have stolen my card." In fact, I'd much RATHER just have library access be completely and totally anonymous.

        Oh, and on another note - is it just me or is the invocation of Child Porn becoming a new Godwin's Law? Is there an epidemic of people stealing library cards to surf for child porn in public or something? ;)

    • I mean this is Naperville we're talking about here, hotbed of political intrigue. People could be reading *anything* on the internet, communists or even them tree hugger perverts objecting to another golf course or country club.

    • You scratch my back... (Score:5, Insightful)

      by Colol ( 35104 ) on Friday May 20, 2005 @02:45PM (#12592404)
      I think the article just explained this rather bizarre move.

      Naperville library officials [...]

      The scanners, made by Naperville-based U.S. Biometrics [...]

      Both in Naperville. How coincidental. I wouldn't be terribly surprised if U.S. Biometrics wandered into the library offices and said "y'know, if you buy our fingerprint scanners we might be willing to donate a fat wad of cash to the library. We'll even discount 'em for you."

      Why else would a library -- likely strapped for cash, as most are -- suddenly feel the need for (expensive) biometrics hardware out of the blue?

      • Re:You scratch my back... (Score:4, Insightful)

        by front ( 159719 ) on Friday May 20, 2005 @04:31PM (#12593599)
        "Why else would a library -- likely strapped for cash, as most are -- suddenly feel the need for (expensive) biometrics hardware out of the blue?"

        It is obviously Fascism. Let us check the 14 points (from Dr. Lawrence Britt) and see which ones the Naperville Library makes up the score on... [drum roll]

        1. Powerful and Continuing Nationalism -- Fascist regimes tend to make constant use of patriotic mottos, slogans, symbols, songs, and other paraphernalia. Flags are seen everywhere, as are flag symbols on clothing and in public displays.

        [I have not been to Naperville Library lately but I reckon I'll give that a +1 as they are a Library in a State of the USA and most likely have a Stars & Stripes flying on a pole outside the library... +1]

        2. Disdain for the Recognition of Human Rights -- Because of fear of enemies and the need for security, the people in fascist regimes are persuaded that human rights can be ignored in certain cases because of "need". The people tend to 'look the other way' or even approve of torture, summary executions, assassinations, long incarcerations of prisoners, etc.

        [Naperville Library, Score so far... +2]

        3. Identification of Enemies/Scapegoats as a Unifying Cause -- The people are rallied into a unifying patriotic frenzy over the need to eliminate a perceived common threat or foe: racial, ethnic or religious minorities; liberals; communists; socialists, terrorists, etc.

        [Naperville Library, Score so far... +3]

        6. Controlled Mass Media -- Sometimes the media is directly controlled by the government, but in other cases, the media is indirectly controlled by
        government regulation, or through sympathetic media spokespeople and executives. Censorship, especially in wartime, is very common.

        [Naperville Library, Score so far... +4]

        7. Obsession with National Security -- Fear is used as a motivational tool by the government over the masses.

        [Naperville Library, Score so far... +5]

        9. Corporate Power is Protected -- The industrial and business aristocracy of a fascist nation often are the ones who put the government leaders into power, creating a mutually beneficial business/government relationship and power elite.

        [Naperville Library, Score so far... +6]

        11. Disdain for Intellectuals and the Arts -- Fascist nations tend to promote and tolerate open hostility to higher education, and academia. It is not uncommon for professors and other academics to be censored or even arrested. Free expression in the arts is openly attacked, and governments often refuse to fund the arts.

        [Naperville Library, Score so far... +7]

        12. Obsession with Crime and Punishment -- Under fascist regimes, the police are given almost limitless power to enforce laws. The people are often willing to overlook police abuses, and even forego civil liberties, in the name of patriotism. There is often a national police force with virtually unlimited power in fascist nations.

        [Naperville Library, Score so far... +8]

        13. Rampant Cronyism and Corruption -- Fascist regimes almost always are governed by groups of friends and associates who appoint each other to
        government positions, and who use governmental power and authority to protect their friends from accountability. It is not uncommon in fascist regimes for national resources and even treasures to be appropriated or even outright stolen by government leaders.

        [Naperville Library, Score so far... +9]

        Naperville Library? You are not up to scratch here. You've only made a score of nine out of a possible fourteen on your Fascist Library+ exam. We expect a greater effort in the future.

        (And please... to dissuade the Liberals... please make sure that the Flag is properly lit at night (if you choose to fly it after the sunset) on the flagpole outside. The Libertarians and Veterans get upset if that is not taken care of.)

        cheers

        front
      • It's GOT to be a trial balloon. IIRC, the patriot act has a number of points or provisions which are to expire soon unless congress (the opposite of PROGress) extends or rewrites them.

        Maybe this is a trial, subterfuge vendetta against the librarians who stiffly resisted the initial patriot and other acts that were after library patron information. See, if Illinois approves of it, other states--particularly some of the bible-belt states-- might cause this to be mass-deployed around the US. I do realize that

  • Stop this while you can, REFUSE to use it! (Score:5, Insightful)

    by garcia ( 6573 ) * on Friday May 20, 2005 @01:57PM (#12591788)
    Officials promise to protect the confidentiality of the fingerprint records.

    What does that mean exactly? Doesn't the "Patriot" Act allow for law enforcement officials to easily obtain library records during investigations? I know that the ALA has spoken against the "Patriot" Act in the past but will they actually stop the LEOs from taking this information?

    The three-library system this week signed a $40,646 contract with a local company, U.S. Biometrics Corp., to install fingerprint scanners on 130 computers with Internet access or a time limit on usage.

    Library officials say the added security is necessary to ensure people who are using the computers are who they say they are.

    $313 a computer seems like an awful lot of money for this. I'm not sure what they are trying to accomplish other than wasting taxpayer dollars.

    Once a patron's fingerprint has been recorded, accessing a computer will require only the touch of a finger.

    "Right now we give you a library card with a bar code attached to it. This is just a bar code, but it's built in," West said.

    So patrons used to scan their library card and they could use the computer? There is no difference now except a database of information tied to a fingerprint that can easily be looked into by employees, LEOs, and possible thieves.

    West said the library is requiring a fingerprint to set up computer access, although patrons who object could ask a staff member to log them on to a computer.

    Are they going to make this perfectly clear to all patrons with a large sign in blinking neon? I doubt it. Make sure to give the staff a hassle. We need to hassle businesses (public and private) more so that these privacy intrusions cease. We will continue heading down the slope due to "ease" if people continue to stand down.

  • Consider before you judge... (Score:5, Interesting)

    by TripMaster Monkey ( 862126 ) * on Friday May 20, 2005 @01:58PM (#12591806)

    Initially, I was against this development, but after reading TFA, I actually feel al lot better aboout it, for a few reasons:

    From TFA:

    Last May, when Naperville police demanded the account information of a man who had fondled himself in front of teenagers while viewing pornography in the computer lab at Nichols Library, the library refused to release the information without a subpoena, citing the Illinois Library Records Confidentiality Act.


    The library taking a stand like this gives me slightly more confidence in trusting them with biometric data...at least they won't give it up without the proper authorization, but this doesn't address the issue of data theft. The following quote, however...

    Also from TFA:

    The stored numeric data cannot be used to reconstruct a fingerprint, West said, nor can it be cross-referenced with other fingerprint databases such as those kept by the FBI or the Illinois State Police.

    It's important to note that most biometric systems work in this fashion. If each organization who wished to use biometrics were required to use their own, distinctive algorithm, the danger of other organizations using that biometric data for its own purposes would be greatly reduced.

    Actually, there's just one thing in TFA that troubles me:

    "Confidentiality and privacy [are] my middle name," [Library Deputy Director Mark] West said.


    Come now, Mark...which is it...confidentiality or privacy? They can't both be your middle name...

    ^_^

    • They're one of the first groups to stand up to Government restrictions and any other horseshit that "they" want to impose on us citizens.

      When the PATRIOT act first came out, I remember seeing all these signs and posters around the local libraries, with quotes, explaining the abuses of that law. And, keep in mind, this is in Georgia!, on of the most Red states there is!!!
      Ya know, it's ironic that "Red" is now good in America now!

      For you youngsters, "red" Used to mean "Communist Fuckers".

    • Hi! My name is Mark Confidentiality Privacy West. Pleased to meet you. I'm one of the hundreds of millions of people who have more than one middle name.

      • "Confidentiality and privacy [are] my middle name," [Library Deputy Director Mark] West said.


        Hi! My name is Mark Confidentiality Privacy West. Pleased to meet you. I'm one of the hundreds of millions of people who have more than one middle name....and yet I'm rather unique in that I refer to them in the singular.

    • Initially, I was against this development, but after reading TFA, I actually feel al lot better aboout it, for a few reasons:

      A little bit of googling results in the fact that, while the library may be protecting the patrons, if it were up to the police, they would have no such ability.

      When someone spotted Blaszak's inappropriate library activities, they called the police. Unfortunately, by the time the Naperville PD arrived, Blaszak had left the library. Library officials refused to disclose the patron

  • Egh (Score:5, Insightful)

    by DarkHelmet ( 120004 ) * <mark&seventhcycle,net> on Friday May 20, 2005 @01:58PM (#12591814) Homepage
    The article says, ' Library officials say the added security is necessary to ensure people who are using the computers are who they say they are. Officials promise to protect the confidentiality of the fingerprint records.'"

    This really begs the question: Why do they need to know who that the person in front of the computer is who they say they are? What purpose does this serve?

    "We take people's fingerprints because we think they might be guilty of something, not because they want to use the library," said Ed Yohnka, spokesman for the American Civil Liberties Union of Illinois.

    A very apt response from the ACLU. The problem is that we're now into the notion that "everyone is suspect" and due to that, we're going in this direction. It seems like

    I could very well imagine this being linked into god-knows-what. Imagine, for instance, having $100 in parking tickets due, and the library terminal refusing you connection to their services before this due is paid.

    Finally, anyone who is really interested in doing something criminal will just subvert the system. It's not like it's particularly difficult to spoof a fingerprint scanner. Remember the stories about doing it with Jello? Also, remember the fingerprint scanner that could be defeated by blowing on it?

    Just like limitations on guns, just like airport security, just like locks on our doors and car alarms, and just like so many other things, this is used to punish the law abiding citizen, and does nothing to deter the hardened criminal or terrorist.

    • Re:Egh (Score:3, Interesting)

      by flood6 ( 852877 )
      I agree. I understand the need for security, but privacy about what you do in a library seems sacred to me. We keep shutting down liberties there.

      Freedom to read what you want without scrutiny seems like something Americans should hold dear. Using the public computers there seems like a natural extension.

      I would love to dismiss this story as alarmist, but I fear the threat is real. These liberties we keep surrendering are starting to stack up. It's time to start using your votes on these issues wh

    • This really begs the question: Why do they need to know who that the person in front of the computer is who they say they are? What purpose does this serve?

      To cover their asses legally when Hous bin Pharteen bombs the hell out of something and coordinates his efforts with other terrorists by logging in anonymously from public workstations.

      This whole thing comes down to legal/financial liability.

  • Alternate Suggestions (Score:4, Interesting)

    by bigtallmofo ( 695287 ) on Friday May 20, 2005 @02:00PM (#12591834)
    I'm sure there are going to be many cries of privacy invasion in regard to this. The library's published reason for taking this measure is:

    ...library officials discovered that many patrons logged onto library computers using library cards and passwords of friends or relatives. That realization, coupled with a new library policy that allows parents to install automatic Internet filters on their children's accounts, prompted the search for better computer security...

    So there's the problem. Please include your personal counter suggestion with any criticisms.

    • Re:Alternate Suggestions (Score:5, Insightful)

      by RealAlaskan ( 576404 ) on Friday May 20, 2005 @02:18PM (#12592056) Homepage Journal
      So there's the problem.

      I see a huge problem there, but this is not the solution. It's a parent's job to monitor his kids as needed. It's not acceptable to turn that over to a filter. The real problem is irresponsible parents. The secondary problem is a library staff which is enabling them, with a foolish technological non-solution to a social problem.

      Yes, I'm a parent, and yes, I give my kids the supervision they need, even in the library.

      Please include your personal counter suggestion with any criticisms.

      The solution is to tell those parents to watch their own stinking kids.

      How about making sure that the computers the kids use have big screens, clearly visible to all? That would go a long way to facilitate the parental monitoring.

    • Re:Alternate Suggestions (Score:5, Insightful)

      by 99BottlesOfBeerInMyF ( 813746 ) on Friday May 20, 2005 @02:23PM (#12592125)

      library officials discovered that many patrons logged onto library computers using library cards and passwords of friends or relatives... So there's the problem. Please include your personal counter suggestion with any criticisms.

      If it is illegal for children to view the restricted materials, charge the person who gave them access with contributing to the delinquency of a minor. If it is not illegal, there is no reason to waste public funds trying to restrict minor's access to the material. Do they also prevent minors from looking at nude pictures in art books somehow?

      Parents should not expect their children to be restricted unless they are present to enforce that restriction. There are always ways around these measures and many valid reasons to get around them. I have yet to see a filtering mechanism for the internet that does not block content that is both important for children to know and an unintended effect of the system.

      These libraries should rethink their policy. Kids will still be able to bypass this with a gummi bear, a cd-rom, or a latex copy of their parent's fingerprint. Parents will be given the false impression that their children are safe on the internet, which they won't be since filtering never works properly and can be bypassed.

      Here is the main problem with what the libraries are doing. They are asking patrons to trust them that the fingerprint data will not be saved or used against them. Even if all the patrons trust the people who work at the library now, this policy will sadly outlive them and they are being asked to trust all the people who will work at the library in future. Finally, they are being asked to trust that the federal government will not step in and start requiring this data at some point in the future. Basically, they are asking for a lot of people to entrust them and their technology and their policies to protect their freedom, all without a really really damn good reason to do so.

    • Require state issued picture ID's to use Library computers.

      Randomly audit the users of the system, verifying picture ID's. Anyone that is caught using someone else's access gets both their own and the person who "loaned" them access revoked.

      Problem solved.

  • Pure Evil (Score:3, Insightful)

    by prichardson ( 603676 ) on Friday May 20, 2005 @02:00PM (#12591835) Journal
    This is just ridiculous. Why do they even care who uses the computers at the library. Around here they don't ask you for anything. You just sit down and go.

    They do politely ask you to limit yourself to ten minutes if there's a line.

    There is absolutely no good reason for this and it's a clear step toward a totalitarian state.
    • This is just ridiculous. Why do they even care who uses the computers at the library. Around here they don't ask you for anything. You just sit down and go.

      Different libraries have different policies. Mine requires you to log in with your library card number.

      They do politely ask you to limit yourself to ten minutes if there's a line.

      See, at mine, we get an hour. Also, the floppy drives and USB ports are disabled to keep users from uploading and downloading

      There is absolutely no good reason fo

      • Re:Pure Evil (Score:3, Informative)

        by kelzer ( 83087 )

        Any library that requires a logon has a good reason for this. Considering most libraries operate autonomously from the government, what a library does has no bearing on the totalitarianism of a state.

        From personal experience, I have to disagree with you here. It wasn't until after the Patriot Act was passed that public libraries stopped allowing anonymous web access. Previously, I don't remember ever entering a single library (in a number of different cities and counties in different states) that requ

  • have started to give out police station cards in order for a person to check into and out of jail. An officer was quoted as saying "...we like how well the library system [the card] works....it should really help reduce the amount of dirty fingerprints on our walls...I think the biggest problem will be what to do when someone stays checked out to long"

  • Currently patrons use their library cards and personal identification numbers to access the computers.

    Whats wrong with this system? Its sounds like they are replacing one two-factor authentication system with another. What will biometrics provide that the current system does not?
    • The reason that many libraries have you log in at all is so that they can limit the amount of time that you use a computer. When you have a medium-sized library or larger, it's the only way to ensure that everyone has access to the computers. Sign-up sheets won't cut it, and lots of people would just sit there all day playing games if given the opportunity.

      The problem with library cards is that many families have a different library card for each family member. At the library I used to work at, there we

  • In other related news... (Score:3, Funny)

    by DarkHelmet ( 120004 ) * <mark&seventhcycle,net> on Friday May 20, 2005 @02:01PM (#12591844) Homepage
    Looks like Chancellor Palpatine has asked the American Senate to grant him more executive powers... Go Darthie!

    Wait a minute... Guess I'm confusing names in an otherwise similar reality.

  • Just some data points... (Score:3, Informative)

    by buckhead_buddy ( 186384 ) on Friday May 20, 2005 @02:01PM (#12591850)
    My sports center requires a hand scan to enter the facility. It gives false or unreadable scans so often that most of the guards just wave you through if you look even vaguely trustworthy.

    What about those with disabilities (severed limbs) or those with birth defects (extra fingers)? I bet the woman who started the whole "Finger found in Wendy's chili" scam won't be worried at all. She has an extra one she can use. (Okay, that's a bit too far. sorry)

  • Identify who someone is with a fingerprint? (Score:5, Interesting)

    by gorbachev ( 512743 ) on Friday May 20, 2005 @02:01PM (#12591852) Homepage
    So, if I go to this library with a fake ID and they take my fingerprints how are they going to make sure that I am who I claim I am, if they're not crossreferencing any other fingerprint databases?

    The whole idea is just completely absurd.

    • Re:Identify who someone is with a fingerprint? (Score:4, Insightful)

      by mcelrath ( 8027 ) on Friday May 20, 2005 @03:01PM (#12592633) Homepage
      Who cares if you are who you say you are?

      It's a library. It's an information resource for citizens. Free access to information is a cornerstone of democracy. People's behavior changes when they know they're being tracked, whether they're doing something nefarious or not. The implications for law-abiding citizens and democracy itself are dire.

      And what ever happened to that quaint phrase "presumed innocent until proven guilty". While the law on that has changed little, public attitude has turned 180 degrees. For hundreds of years municipalities and corporations have followed the principles and spirit of our founding fathers, even though they were not necessarily bound by them.

      I do not want to live in any place where I'm presumed a criminal until I demonstrate otherwise. That is not a free state. That is a police state.

  • It should go without saying that there will be creep with use of technology like this... This is such a bad idea. There are better ways to do this than biometrics, and really, does a library need to be that "secure"? What's next, are we going to require fingerprints to register at various websites? I'm sure that'll go over real well.

  • promise (Score:5, Insightful)

    by ltwally ( 313043 ) on Friday May 20, 2005 @02:02PM (#12591860) Homepage Journal
    "Officials promise to protect the confidentiality of the fingerprint records."
    Yeah, because public systems have wonderful track-records for protecting sensitive data like that, these days. Just like I'm sure that my Social Security number is safe floating around all these financial institutions. 'Cause you know that they'd never allow such information to be placed on an insecure server that is publically accessible.

    Oh... Wait.

    Yeah, I don't care if it's "ethical," I think I'd just download the book I wanted to read after my community pulled something like that.
  • This is just another of the many inputs for gathering fingerprints of every (soviet) American. For inclusion in the uberjoined database that BushCo will outsource to their old Iran/Contra IT wing, ChoicePoint and DataBase Technologies [answers.com].

    Securitized for Your Protection (TM) [216.105.53.41].

  • Forgetting basic rules of security.. mm.. (Score:3, Interesting)

    by Gopal.V ( 532678 ) on Friday May 20, 2005 @02:03PM (#12591877) Homepage Journal
    Secure authentication is based on Something _______
    • You know
    • You have
    • You are
    Theoretically fingerprints belong in #3 .. But the current detection schemes are easy to cheat so it turns into #2, and very weak one at that. You cannot reset/discard your fingerprint and you leave it everywhere you go on your surroundings.

    So explain to me again how having a library access card with PIN numbers don't work. Hell, I'm still signing on a register to take books out - which works pretty well for the library.

  • Now I have a reason to explain to my wife why I spend $1500 on hardware upgrades every 6 months. After all, we don't want to fall victim to the evil fingerprinting scheme, do we?! :)

  • "protect the confidentiality" Yeah right... (Score:5, Informative)

    by Anita Coney ( 648748 ) on Friday May 20, 2005 @02:04PM (#12591892) Homepage

    The Patriot Act requires libraries to turn over that sort of information [foxnews.com] to the feds when asked.

  • It's a freaking LIBRARY. How about authenticating people using their LIBRARY CARD NUMBER and verifying their ID at the time they sign up? In fact, I hear there's this new technology called a PRINTER...when coupled with a digital camera, you can even print someone's face on their ID card.

    I bet that's much cheaper, less confusing and less intrusive than a $40,000+ biometric ID system.

  • Clearing things up (Score:3, Insightful)

    by Shky ( 703024 ) <shkyoleary&gmail,com> on Friday May 20, 2005 @02:05PM (#12591907) Homepage Journal
    The stored numeric data cannot be used to reconstruct a fingerprint, West said, nor can it be cross-referenced with other fingerprint databases such as those kept by the FBI or the Illinois State Police.

    So before we get too many people who didn't RTFA saying that the government will be able to get people's fingerprints easily.. well, they won't. Before this a library card was required (it has your name on it), so essentially this will replace your library card as a method of keeping track of who is using the computer.

    The difference, however, is that any decent criminal could get a library card with a fake name, but with this system they would have to provide a finger print (though TFA does say that it isn't always necessary, as an employee could login for them). The feds could probably create a system that would interpret the library's data to get files that they could cross-reference with their database. That, really, is the only danger.

    So as it stands right now, this is pretty harmless. It's not really any different than using your library card. But, of course, they don't really make a case for why the finger print system is being implemented other than that it might be a bit easier to use.
    • The stored numeric data cannot be used to reconstruct a fingerprint, West said, nor can it be cross-referenced with other fingerprint databases such as those kept by the FBI or the Illinois State Police.

      If this is true, then it could actually give more privacy than logging in using your library card.

      Using the library card, there is a record with your name attached to it. Using the fingerprint, there wouldn't have to be a name attached to the login. The system could just take the hash from your fing

  • Oh, they promise. Well, that's good enough for me.

    Don't worry everybody, nothing to see here. They promised!

  • Necessary Evil (Score:2, Insightful)

    by Nytewynd ( 829901 )
    I am not usually a supporter of intrusive measures, but I can agree with this.

    Library PCs are still accessible, but you need to identify yourself before you use it. It could track where you've been, but considering you using the computer in a public place, in a location that is supposed to be for doing research and learning, most people shouldn't be accessing anything questionable.

    It is fairly common that library computers are used as tools for shady and illegal actions. Worried that the FBI might t
    • Actually - they didn't have records of everything you read - they had records of everything you borrowed and they could 'block' inappropriate contect by excluding it from their collections.

      Where you are going with this is toward the Thought Police run state. You know, as this progresses you might even be able to claim political asylum or refugee status in Canada in the near future!!

      How anyone could just shrug off such an obvious infringement on freedom in "The Land of the Free" is - well, utterly bafflin

    • Re:Necessary Evil (Score:3, Informative)

      by LoFat ByLine ( 321449 )
      Before the internet, people read books. If you got the book at the library, they had a record of everything you ever read.

      Not true. Most libraries only have records of what you currently have checked out. They don't keep those records after the books are returned. The historical exceptions have tended to be totalitarian regimes like Stalinist Russia.

      Fingerprinting library users is insanely over the top. If it was happening in my country, I'd be really worried.

      • Re:Necessary Evil (Score:3, Informative)

        by geoffspear ( 692508 ) *
        Yes, currently libraries only track what you currently have checked out. However, the "historical exceptions" include most American libraries. Many of them used to (and some probably still do) use Date Due cards that stay with the book while it's in the library and list everyone who's checked it out.

        I work in a library storage facility, and many of our materials have cards not only listing the names of the people who checked out books 30 years ago, but their social security numbers, too.

        For the record,

  • Easy workaround (Score:2, Funny)

    by lheal ( 86013 )
    [ob]
    1. Eat at Wendy's
    2. Order the Chili
    3. Use that thumb
    [/ob]
  • I assume that means you cant even look up a book title to read in the library without handing over your privacy?

    A library is a public resource. They don't need to know who you are unless you plan on checking out a resource to remove from the premises.

    "we see here that you were looking up a book about explosives, please come down to the station so we can talk"

  • biometrics are bad, m'kay? (Score:3, Informative)

    by fred fleenblat ( 463628 ) on Friday May 20, 2005 @02:08PM (#12591946) Homepage
    No one will ever use my fingerprint, retinal scan, or any body part for identification. Ever.

    engadget version of story [engadget.com]
    bbc version of story [bbc.co.uk]

  • How very convenient. I guess this means I will be able to watch those DVDs [slashdot.org] I check out from the library afterall...
  • First of all, that a library is the force behind this astounds me. My significant other is a librarian (don't laugh...she's actually pretty hot), and if I've seen anything, it's that librarians are very much fans of civil freedom. They're often the first to be confronted with issues of censorship and repression of knowledge, and it's been that way for hundreds of years.

    So, that said, I think I can accept their promise not to violate the confidentiality of their records, as long as they can accept the pro
  • Since wireless access is fast becoming ubiquitous, and since often you can connect at one place (the library) thru a different place (the nearby hotspot), how will the library react to personal computers connecting to the internet without going thru the library's network? Are they going to ban all personal laptops in libraries? Actually, a connection to the internet is not required to display your porn collection stored on your personal computer. Maybe they are going to require me to install fingerprint

  • The problem with this... (Score:3, Interesting)

    by Deep Fried Geekboy ( 807607 ) on Friday May 20, 2005 @02:26PM (#12592159)
    ... is not the specific case, which is troubling but relatively trivial, but the fact that it represents another step in creeping fingerprintization. I suspect that five years from now fingerprints will be the defacto form of ID in the US, like drivers licenses and SSIDs are now.

    Why is it a problem (especially for me, a Canadian resident and British citizen)? Well, simply because I do not trust your government. I currently have *no choice* but to be fingerprinted if I wish to enter the USA. I need to do that for my work, so I just assume the position.

    However, it literally makes me think twice about expressing my opinion freely on the net. Anyone who's had to deal with US immigration as a non-US Citizen knows exactly what the attitude is. It would come as no surprise whatever for me to be taken aside at immigration and questioned about opinions I had expressed.

    I and many people of my acquaintance have deliberately avoided going the the US since 9/11 simply because of the strange feeling of entering an authoritarian state. The 'new normal' is not normal.
  • Why not just install some cameras that record the people using the computers? Not only would this provide police with identification in the cases cited, it would also provide proof of the "fondling".

  • But I don't have any fingers! (Score:3, Insightful)

    by n6kuy ( 172098 ) on Friday May 20, 2005 @02:28PM (#12592192)
    ...because some thug cut them off to gain access to the internet at the library, you insensitive clod!

  • This is Naperville (Score:4, Informative)

    by idiot900 ( 166952 ) * on Friday May 20, 2005 @02:30PM (#12592216)
    I grew up in Naperville and spent my childhood using the Naperville Public Libraries, and I visit often still because my parents live there. Now that I've moved, I have some perspective I didn't have when I lived there. Naperville is an interesting town. It's a land of burgeoning housing developments and SUVs piloted by soccer moms where people come to raise their kids and shield them from the outside world, because it's a very safe and insulated place. The police department really does have nothing better to do than issue traffic tickets and harass partying high schoolers for violating curfew.

    Property values are high, and that keeps the riff-raff out. In the first Naperville neighborhood I lived in, the Chicago Housing Authority had a plan to build mixed-income housing. This was met with bitter resistance, under the guise of worry about gang activity and declining property values. This from a group of senior citizens for whom lower property values would save a lot of money in property taxes.

    It's about the last place I'd expect a public outcry against anything claimed to be "for the children," privacy be damned. But maybe things have changed since I left. I hope so, but I'm not optimistic. So should there be such an outcry, I'd gain back a lot of lost faith in Naperville.

    On the plus side for the Naperville Public Libraries, they were very receptive to my suggestion of installing Firefox on the same machines that will have the fingerprint scanners. Though that may have been because I said the popup blocking would suppress inappropriate popups, you know, for the children.
  • Yet, they'll let kids surf porn!?
    Librarian: "Excuse me, Timmy, but if you're planning on surfing SublimeDirectory, you'll have to scan your fingerprint!"
    Timmy: "But I'm afraid my mommy will find out!?"
    Librarian: "Don't be silly! Surfing porn is a freedom we value here at the public library. One we feel should not only be stifled by us, but your parents either! Rest assured, your activities will be strictly confidential!"
  • And in other local news, Jews are being asked by officials to wear a star. Officials said that there is nothing to worry about, and that no one will be put at risk. "You can trust us!" said one goose-stepping official, who wanted only to go by his first name, Adolph. "It's not like we've built gas chambers. Sheesh, people sure get uptight."

  • Scary Stuff (Score:4, Insightful)

    by PingXao ( 153057 ) on Friday May 20, 2005 @02:40PM (#12592341)
    That's nothing compared to what's right around the corner now. The gubmint has been fingerprinting foreign nationals entering the U.S. for some time now. In a short while they will also be fingerprinting them on the way out as well. In Iraq, the military routinely rounds up people in the streets and not only fingerprints them at the start of their detention, but does retinal scans on them too and takes pictures of them for entry into a database. This is happening on a large scale. The fact that none of these people actually has any connection to Al Qaida doesn't seem to matter.

    All it takes is for Congress to give the word and the fingerprint-the-foreigners policy could be used on American citizens as well at the nations airports. That will happen within a few years, I have no doubt about it. Congress has already mandated a national ID card for everyone. U.S. passports will contain biometric information starting later this year. The military is gaining a lot of experience and knowledge in how to round people up and get them into The System en masse.

    The price of freedom is eternal vigilance. Too bad Americans have been asleep at the switch for so long. We are already past the point of no return with respect to the loss of so many liberties we took for granted.

    • I NEVER thought I'd say this, but... (Score:5, Insightful)

      by foreverdisillusioned ( 763799 ) on Friday May 20, 2005 @03:31PM (#12592954) Journal
      [Seems OT, but it honestly isn't]The last Star Wars prequel is one of the most inspiring things I've seen out of Hollywood in a long, long time. It gave me hope. The dialog is mostly sub-par (as usual), but the plot and morals are dead-on relevant to modern America. I don't think that we're past the point of no return yet; not when a mainstream movie like this can get away with such blatant satire of democracy and patriotism.

      "We shall change into the first Galactic Empire for a safe and secure society."
      "So this is how freedom dies - to thunderous applause."


      ""You're either with me or against me."
      "Only a Sith deals in such absolutes."

      (Anyone with functioning brain should realize that Lucas is saying that Bush is no better than a Sith.)

      It's not that these sentiments are new or radical; it's that they're present in one of the best-hyped mass market franchises of all time. Joe Sixpack will watch this movie! With his kids! Hell, I almost wish that this movie was rated PG, so that more kids will see it. Sitheven puts it in the context of Judeo-Christian style morality, which should make it even easier for the unwashed masses to digest.

      I don't think it's too late for us. We who actually recognize and remember the true spirit of America (distrust of and freedom from our government) would do well to recomend this movie to our more trusting, sheep-like friends. It's like 1984, but with enough explosions to keep the audience interested.

      I still wish we could've seen Jar-Jar's bloody head was splattered against the camera, and I really wish Lucas would get someone else to do his dialog (Vader: "NOOOOOOOOOOOOOOOOOOOO!" *sounds of audience retching*), but if you can look past these flaws, it really is an awesome, insightful, RELEVANT movie.
      • Joe Sixpack will watch this movie! With his kids!

        Whether Lucas intended to make this satirical point or not, does anyone actually think that Joe Sixpack, much less his kids, will pick up on this?

        I don't, but that could just be the cynicism talking...

    • Re:Scary Stuff (Score:3, Insightful)

      by arkhan_jg ( 618674 )
      The gubmint has been fingerprinting foreign nationals entering the U.S. for some time now

      And you know what? This is precisely why I, a UK citizen, won't be visting the US again. I'm sure my tourist dollars won't mean much to the US government; but I'm certainly not alone in that decision.

  • Doesn't this violate professional standards? (Score:3, Interesting)

    by hey! ( 33014 ) on Friday May 20, 2005 @03:22PM (#12592851) Homepage Journal
    Years ago I borrowed a book from my local library and found a very personal letter tucked in it -- after scanning the first few lines it was clearly something the person who had used it as a bookmark would not want to lose or fall into other people's hands. A love letter. A guarded peak revealed no identifying data like an address or last name.

    So I put the letter in an envelope, sealed it, and hiked down to the library.

    I told the librarian what I had found, and asked her to contact the person who had borrowed the book and tell them they'd left something in it. She replied "Oh, no, I can't do that. We destroy the borrowing records as soon as the book is returned, so nobody can check up on what you are reading. Doing otherwise would be a breach of professional ethics."

    I was impressed. What a great country, I thought, where our public institutions protect our right of privacy.

    Maybe this is part of the "Everything" that our political leaders tell us has changed since 9/11.

  • It's a Library for Heaven's Sake! (Score:4, Insightful)

    by Nom du Keyboard ( 633989 ) on Friday May 20, 2005 @03:39PM (#12593039)
    Library officials say the added security is necessary to ensure people who are using the computers are who they say they are.

    And this is important to know because...

    Okay, they make the case that it identified the perp of a criminal act that included using the computer. A weak point, but I'll have to give them that one.

    The stored numeric data cannot be used to reconstruct a fingerprint, West said, nor can it be cross-referenced with other fingerprint databases such as those kept by the FBI or the Illinois State Police.

    Not unless the other police agencies start using the same system, in which case each should come up with the same unique identifying number, wouldn't you bet?

    Officials promise to protect the confidentiality of the fingerprint records.

    Don't know about you, but I'd feel a lot better if they stated just how long they planed to maintain these records, and how they would be destroyed afterwards. That is truly a missing piece of information in the original article.

Slashdot Top Deals

Get hold of portable property. -- Charles Dickens, "Great Expectations"

Close