A brief history of library technology in the South Pacific

Lately, I have been thinking about library technology in the South Pacific region. This is mainly due to the fact that I was supposed to have submitted a paper on the subject to the new CODE4LIB journal about a week ago (don't worry editors, I'm still writing!). I though it might help to think aloud and to give anyone out there a chance to correct my facts or put me onto new ones. Feedback is appreciated - please leave a comment below.

While the details are lost to history, libraries arrived to stay in the South Pacific along with the first missionaries. These early libraries in the region existed solely to support mission activities, especially education in mission schools. In 1909, the Carnegie Foundation built what is now the Suva City Library (no website, sigh), marking the first permanent presence of public libraries in the region. Towards the end of the colonial period larger libraries were established to support the work of large academic institutions such as the University of Papua New Guinea (found in 1965) and the University of the South Pacific (USP) (founded in 1968). More recently, international development funds have invested in the establishment of national libraries in the South Pacific such as the Cook Islands National Library (founded in 1993) and older national libraries in countries such as the Solomon Islands, Tuvalu, and Kiribati. It is worth noting that in some South Pacific countries, one large institution may serve as the de facto national library - for example, the Nelson Memorial Public Library in Samoa or the USP Library in Fiji.

But what of library technology? The few academic libraries in the region that predate the digital era certainly had the experience of card catalogues and all of the related trappings (In fact, many of the automated libraries in the region maintain these venerable artifacts after years of success with their system) and most small libraries in the region rely on the card or other manual instruments as the key tool for library operations. Computers came to the larger South Pacific libraries quite early - USP library went live with their first system in 1988. This was a VAX based Urika system similar to many employed throughout the developed world. Library automation eventually reached a substantial proportion of small and medium libraries in the region through UNESCO's promotion of the free CDS/ISIS library management system in the 1990s.

Around the turn of the millennium a very successful sales and marketing drive took advantage of the frustration with CDS/ISIS in the region - many countries lacked the required expertise to keep it operating - and replaced many CDS/ISIS installs with the commercial DB/TextWorks system running on Windows PCs. However, this approach also soon began to show weaknesses. While DB/TextWorks is reliable and easy to use, most South Pacific libraries lack the funding to purchase support and upgrades for the system. In addition, most libraries in the region purchased versions of DB/TextWorks that do not provide what are now seen as fundamental library system features such as the ability to import/export MARC, Z39.50/SRU support, and provision of web search (a.k.a. web OPAC). This has lead UNESCO to begin seeding the free open source Koha library system into major regional libraries in 2006. I have been fortunate to be involved in the two UNESCO funded Koha installations to date.

Of course, the world of library technology now extends far beyond the main systems that run our libraries, variously called library management systems (LMSs) or integrated library systems (ILSs). Library technology now gets into everything from remote database and Internet access, printing and photocopying, security technologies, self-checkout, online reference services (synchronous or asynchronous), meta-searching, link resolution, and too many more to name. It is safe to generalize that in the South Pacific, only the largest libraries utilize significant technologies beyond cards and an LMS; and even the largest libraries in the region are significantly behind comparable institutions in Australia and New Zealand when it comes to library technology beyond the core system.

Photo by: libraryman

Internet safety in Islands Business magazine

The October issue of Islands Business carries a very good cover story on Internet safety in the Pacific. There are some excellent comments from Rajnesh Singh, president of PICISOC:

"What is required in the Pacific is a structured user-education and awareness programme," said Rajnesh Singh, parent, IT specialist and chairman of the Pacific Islands Chapter of the Internet Society (PICISOC), a network of individuals interested in the development of the Internet in the Pacific islands. "At the PICISOC annual conference, PacINET, we have run Internet safety sessions in the past and these continue to be a common theme in recent conferences."

"Many (non-Pacific) countries have set up rather successful Internet safety groups which have done much to educate users on the dangers that exist and actions that can be followed to counter them. With the continuing proliferation of the Internet in the Pacific, we perhaps need to do the same, not as governmental 'control' but as a multi-stakeholder group initiative supported by governments."

Singh further suggested the review of computer/ICT curriculum in schools in the early stages so Internet safety issues can be covered.
[Cover story: the net and children, Islands Business, October, 2007]

There are also a few quotes from my recent Internet safety post such as the steps to creating an Internet safe home:

On dfiji.blogspot.com, the blogger Hammond-Thrasher offered a simple programme for Pacific parents to follow to help them supervise their children’s online activities—

• Step One: Choose a location for the family computer where you spend a lot of time, such as the kitchen or the TV room. Face the computer screen so that you can keep an eye on what is going on.
• Step Two: Spend time online with your child. Find a few minutes every day to sit down with your children and surf a sports website, see what’s new on Hi5, type a letter to a relative, organise family photographs online, or update the family blog.
• Step Three: Talk to your children about their online activities. Talk about the dangers they need to watch out for—use foreign news reports of online crimes involving children.

Credit to Dionisia Tabureguci and Islands Business for dragging this important issue into the light. Now I ask this question, how can we create a long-lasting Internet safety program in Fiji?
Photo by: djringer

Security and Pacific technology policy

The following is derived from my workshop on Information Security at PacINET 2007. My slides are available on SlideShare.

Historically speaking, information security is not new. There is evidence of people protecting and, of course, attacking information, information systems, and the flow of information in all cultures as far back as there is a written record. If we take early missionary accounts in Fiji, for example, we find that access to spiritual information was a closely protected monopoly of a priestly class. The confidentiality, integrity, and availability of information from the world beyond – which included extremely valuable information about the weather, the future, the correct course of action, the afterlife, and many other things – was strictly limited to established priests who held a close relationship with the local chief.

However, even pre-European-contact Fiji had its hackers. Living at the fringes of Vitian society were (and still are in remote areas) medicine men and witches who could also tap into spiritual information. Their status as relative social outsiders made them either an enemy or a counter-balance to the priestly information monopoly. Some witches and medicine men could even hack (I mean, influence) the spiritual world and alter the confidentiality, integrity, or availability of information available to priests by counteracting the priestly influence on the divine or by uttering counter-prophecies.

In European culture, information security has a solidly military origin dating back, at least, to Julius Caesar's encrypted military communications. What is commonly termed information security today is really the defensive aspect of information warfare – that is, the part of information warfare that is concerned with protecting information assets.

Of course, with the rise of the personal computer and the Internet in more recent history, information security has become much more than a military concern. With the growth of the so-called information economy has come an equal and predicable growth of information crime, leading to some staggering statistics including a 2005 estimate that the cost of computer crime in the USA exceeded the size of the combined economies of all the nations in the South Pacific.

I have been quoted in the past as saying that despite all of the fascinating mathematics and technology that underly modern infosec, information security is fundamentally about people. Certainly no one likes to have money stolen from them, but increasingly information security is about our privacy, our public personae, our collective identities, and even our fundamental rights. Fiji's anti-government bloggers are only able to voice their opinions due to the security mechanisms provided by their blog hosts which assure their anonymity. Whatever you think of their opinions, they are one of the few voices of opposition to Fiji's interim regime and are undoubtedly playing a role in shaping the future of Fiji and the region. Only time will tell how large or small that role is.

Still, anonymous political activists everywhere should carefully follow the recent behavior of America's Internet giants, as they are not always on your side. The most striking example is the case of the activist Shi Tao who was essentially handed over to Chinese authorities by US-based Yahoo. Yahoo, and many other international firms, have agreed to cooperate with Chinese authorities – even at the expense of their individual customers – in order to gain access to the immense Chinese market.

Information security even has a role in protecting the function of entire nations. Take the case of Estonia, a small former Soviet republic on the coast of the Baltic Sea with a population of around 1.3 million people. In May this year, Estonia moved a certain Russian war memorial to a location more desirable to Estonians, which enraged many Russian nationals living both in and out of Estonia. Soon, blogs were posting instructions on how to wage a denial of service attack against Estonian institutions, and a little while later, this attack was in full swing. Numerous government and financial sector systems across the tiny maritime nation were brought to a stand still and international experts had to be flown in to curb what some described as an Internet riot. Should this story concern other, perhaps more tropical, small maritime nations who are rushing to get their citizens and institutions online? The answer is absolutely “yes”.

Still, one of the largest challenges facing information security today is the heady combination of social engineering and user ignorance. Many computer criminals have discovered that hacking just does not pay off as well as simply fooling people into giving up either their money (to help move funds out of Nigeria to help a poor window, for example) or enough information to get to their money. Wide spread user naiveté is widespread in the South Pacific. I have never received so many chain emails from friends and acquaintances since I came to Fiji – and I was part of the first wave of naive Internet users in Canada!

Technology policy makers in the South Pacific should indeed be worried by all of this. By joining the global information economy, the region is embarking on an enterprise that is as fraught with danger and as ripe with rewards as the great Pacific migrations of days past. Fortunately, it is not necessary to sail the seas blind – technology policy navigators need only look across the ocean to the experiences of other more wired nations to see what problems to expect and which solutions will be effective.

Photo by: bhikku

Vista too costly for the Pacific?

As we teeter at the threshold of Microsoft's release of Windows Vista, I ask, what does this mean for Fiji and other South Pacific nations?

The biggest question is, what is the total cost of Vista? Aside from its list price (does anyone know if Microsoft offers preferential pricing for developing nations?) and the obvious requirement for newer more powerful hardware, what will Vista cost us and what might we be giving up vs. what we will gain? Peter Gutmann of the University of Auckland Department of Computing Science has published a carefully researched paper on the risks and total cost of Windows Vista. Some of Gutmann's observations about Vista include:

• Disabled functionality for some high end video equipment
  
• Decreased playback quality for some video (display devices over 800 by 600 pixels may have output degraded)
  
• No more open source drivers
• No more unified drivers - we will have to step back into the bygone age of one driver file per device variant
• If Vista suspects tampering with either a hardware component or its driver, it will lose its ability to play premium content until a fix is applied
• Potentially reduced system stability due to the requirement for something called tilt bits. These tilt bits render the system more sensitive to random events, events which could be malicious or simply the result of environmental factors or buggy code.
  
• Slower computers due to DRM processing overhead
  

Some have commented that Gutmann's paper is biased against Vista and based on flawed information. Gutmann's primary sources are four documents from Microsoft and one from ATI (see his sources section). Microsoft has also responded to Gutmann's paper on the Vista team blog, which Gutmann rebuts in the Microsoft's Response section of his paper. If you have the time and the inclination, it is well worth reviewing these.

A Canadian legal scholar, Michael Geist, has also written about Vista's legal fine print recently in the Toronto Star. This quote from a related blog post summarizes Geist's legal concerns,

Vista's legal fine print includes extensive provisions granting Microsoft the right to regularly check the legitimacy of the software and holds the prospect of deleting certain programs without the user's knowledge. During the installation process, users "activate" Vista by associating it with a particular computer or device and transmitting certain hardware information directly to Microsoft.

Even after installation, the legal agreement grants Microsoft the right to revalidate the software or to require users to reactivate it should they make changes to their computer components. In addition, it sets significant limits on the ability to copy or transfer the software, prohibiting anything more than a single backup copy and setting strict limits on transferring the software to different devices or users.

Vista also incorporates Windows Defender, an anti-virus program that actively scans computers for "spyware, adware, and other potentially unwanted software." The agreement does not define any of these terms, leaving it to Microsoft to determine what constitutes unwanted software. Once operational, the agreement warns that Windows Defender will, by default, automatically remove software rated "high" or "severe,"even though that may result in other software ceasing to work or mistakenly result in the removal of software that is not unwanted.

For greater certainty, the terms and conditions remove any doubt about who is in control by providing that "this agreement only gives you some rights to use the software. Microsoft reserves all other rights." For those users frustrated by the software's limitations, Microsoft cautions that "you may not work around any technical limitations in the software."
[Vista's fine print, michaelgeist.ca]

It is nice to have "some rights" after paying a lot of money for something.

Returning to my original question, what does this mean for Fiji and the South Pacific? Windows Vista does have a great deal to offer, as many independent reviews and numerous Microsoft web sites will confirm, but it is clear that there is some bad to go along with the good. There is no question that there is an overall cost - both hardware and software - involved in moving to Vista - which is never a good thing for cash strapped South Pacific nations. The failure to deliver truly high definition output from HD media is probably a tolerable irritant in this part of the world. After all, HDTV is not due in the South Pacific for some time - I'm still waiting for Fiji to get a second TV channel! While Microsoft contradicts some of Gutmann's conclusions about drivers and stability, one thing is clear, there will be an increased support burden on the ICT professionals supporting Vista and the hardware on which it runs. For example, whenever new hardware is installed on a machine, not only does a suitable driver have to be located and installed - and it must be a Vista-friendly version of the driver - but the device and driver must be blessed by Microsoft and Vista before they are fully functional. Windows Defender's capability to remove suspicious software without user interaction and regardless of the impact is a recipe for trouble unless Microsoft is extremely careful with its malware profiles. As a result of all of these factors, increased contact with Microsoft support seems inevitable. I hope that Microsoft provides a toll-free phone number to their South Pacific customers.

Of course, researchers are now beginning to announce methods of undermining Vista's built in technical controls. As there is no USA DMCA anti-circumvention law in the South Pacific, Vista users in the region may be legally able to take advantage of these methods and take back control of their own computers. As for myself, I will not be installing Vista at home in the near future as I am happy with Windows XP and Linux. Professionally, I will not be able to recommend Vista to my employer in good conscience until the impact of the upgrade is better understood.

P.S. Here is another chilling discovery that I found in a blog post - assuming that this is not just anti-Microsoft story telling. Some digital content that you have purchased in the past to play on your Windows XP system will not play on your Windows Vista system. You have to go and buy another Vista-friendly copy. And what's more, in some cases, your original copy may be destroyed by Vista in the process! This is a disturbing possibility not only for individual computer and media owners, but especially for libraries and archives tasked with collecting and preserving access to an increasing volume of digital media.

P.P.S. Bruce Schneier has published a scathing review of Vista with some interesting thoughts about Microsoft's motives for Vista DRM.

Photo by Brajeshwar