[tor-relays] Feedback wanted: letter to my university's library

Scott Bennett bennett at sdf.org
Wed Oct 4 05:31:40 UTC 2017 

Alison Macrina <alison at torproject.org> wrote:

> Scott Bennet> If he discovers that neither his campus library nor the
> university as a
> > whole is already officially running at least one relay, this may be a better
> > way to teach them.  If, rather than going for a relay, which is quite likely
> > to scare them until they understand more and better about tor, AJ were
> > instead to campaign to get the library to install the tor browser bundle
> > onto its publicly available computers, that alone would be a terrific
> > coup and might engender a great deal of student support for tor on campus
> > over time.  (The library would, of course, need to find a way to lock down
> > the settings of the installed bundle, so that it couldn't be turned into
> > a relay by users, but that should not be difficult to do.)  If he succeeded
> > in getting the tor browser bundle added to the library's most likely tightly
> > limited list of applications available on its public machines, he could then
> > wait a while to see what the staff members thought of it.  If they decided
> > after watching it in use for a while that it was a good thing to have made
> > available to their users, you might then approach another department that
> > operates a student computer lab to try to get TBB installed there.  If the
> > library employees liked it, they might give the prospective department a
> > positive recommendation.  If AJ played it right and it usually turned out
> > well, he might eventually cover much of the campus with TBB installations.
> > In any case, getting the TBB installed would educate far more people about
> > anonymity and privacy issues than merely getting a relay installed that most
> > people would never be aware of.
>
> This is a great idea, and the slides I shared in my last email could
> help get this conversation started (the slides cover Tor Browser as well
> as relays and other Tor stuff). If AJ is interested I can connect him
> with other libraries I've worked with that have installed Tor Browser on
> all of their public computers.
>
     I, for one, am very happy to know that Alison and her organization are
making those materials available.  They have the potential to assist many
people like AJ in making the public more aware of the issues and of the tools
available to help it protect/recover its privacy and anonymity.
     Alison, do you also have materials on using HTTPS where available
instead of HTTP?  The dangers inherent in allowing Java or JavaScript to be
enabled in one's web browser?  Cookies?  Tools like the HTTPSeverywhere and
NoScript plug-ins for Firefox?  The reasons for avoiding the use of telnet
clients and which tools to use instead for remote logins?  If not, they would
make great additions, particularly pages that explain how to convince
librarians about these matters?
     Let me give an example.  I have for at least ten years asked my local
public library to provide a) a secure shell client, b) a secure web browser
for ordinary use where anonymity is not a concern, c) a secure FTP client,
and d) the TBB for use by those who desire anonymity.  They have always
refused to budge.  They run an unsecurable OS on their public computers.  They
provide only Internet Explorer for web access.  I'm unsure whether they still
allow any FTP access at all.  As you can imagine, they have severely limited
the usefulness of their computers to the library patrons they claim to serve.
I could not, for example, submit my on-line application to renew my flight
instructor certificate via the library's computers.
     They have refused to let me speak with those making the decisions about
what is provided on their public computers, much less to make an organized
presentation to them.  I was told that the decisions about software on the
computers are made by the library board, not even by the IT staff.  What is
a good approach to get better results?  I am at a loss as to how to get the
library to emerge from the stone age into the age of the Cheka, much less
that of the NSA, FSB, search engine profilers, botnets, packet sniffers,
spyware, etc.
     Disclaimer:  I confess that I have no idea how prevalent my public
library's attitudes and policies are among public libraries in the U.S. today,
so I can't make any claims about widespread need for the sort of materials
I'm asking about.


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:   bennett at sdf.org   *xor*   bennett at freeshell.org  *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************

More information about the tor-relays mailing list