/usr/lib/info -- hacker/librarian haven
Front Page News Features
Software Events Standards
Ask Anything Opinion Diaries
Reviews . MLP . Everything
EFF Creates Usage Log Privacy Tool

By kcoyle, Section Software
Posted on Mon Aug 11th, 2003 at 12:26:57 PM EST

From an announcement:

The EFF is developing a Usage Log Management Tool (ULMT) that will help web site owners manage the configuration and retention of server logs in ways that help ensure end user privacy and reduce legal risks associated with log file data.

The design is based on ideas developed at the Usage Log Data Management Working Group (see http://www.cfp2003.org/cfp2003/program_info/usage_log_working_group.html) at the Computers, Freedom, and Privacy Conference in New York City in April. Background on that meeting is available at http://www.securityfocus.com/news/3711.

The UMLT is desgined to work with Apache servers, but also serves as a reference implementation of policy recommendations by the EFF and the working group. The design documents are available at http://www.eff.org/projects/logmanagement/, and suggestions for improvement would be much appreciated.

Sverker Hogberg
Dan Moniz
Jeff Ubois

It seems like it would be interesting to try this out in some libraries. Any volunteers?


< Very Small Library System for LUG (3 comments) | Call for Digital Library Preservation Program (0 comments) >

submit story
create account
recommended reading
editorial guide

Make a new account

Related Links
More on
Also by kcoyle

View: Display: Sort:
EFF Creates Usage Log Privacy Tool | 1 comment (1 topical, 0 editorial, 0 pending) | Post A Comment
Log locations (none / 0) (#1)
by art on Tue Aug 19th, 2003 at 02:32:05 PM EST
(User Info) http://www.uwindsor.ca/library/leddy/people/art

We once had inquiries about someone who had used one of our stations to try to hack into a US federal site. I suspect the problem with log files is that they cause the problem on the wrong end, i.e., the logs with the offending IP address are on the server with the offending content. Libraries should probably follow approach used in Shibboleth and do more with hiding identity when providing authentication. It's the subpoena for the library's circulation system records that would scare me the most.

[ Reply to This ]

EFF Creates Usage Log Privacy Tool | 1 comment (1 topical, 0 editorial, 0 pending) | Post A Comment
View: Display: Sort:

Powered by Scoop
All trademarks and copyrights on this page are owned by their respective companies. Comments are owned by the Poster. The Rest 2002 The Management

front page | submit story | create account | faq | search