Monday, November 24, 2008

URL for Issues and Controversies changes on December 1

Effective December 1, you will need to make a change to the URL that you use to access the Issues and Controversies database.

The Account ID that is part of that URL must be changed to match the Account ID that is currently used as part of your Science Online URL.

The only change required is to replace the ID in your Issues and Controversies URL with the ID that appears in your Science Online URL.

In the example below, the "ID=00000" in the Issues and Controversies URL is changed to "ID=11111" as found in the Science Online URL:

Current Science Online URL:
http://www.fofweb.com/Direct2.asp?ID=11111&ItemID=WE40

Current Issues and Controversies URL:
http://www.2facts.com/Direct2.asp?ID=00000&ItemID=WE57

NEW Issues and Controversies URL:
http://www.2facts.com/Direct2.asp?ID=11111&ItemID=WE57

If you have any questions concerning this change, or need help implementing it, please contact me any time (rlevine@cmrls.org, 508.757.4110 x308).

(Note: If your database page is "hosted" on the CMRLS server, it will be updated on the morning of December 1. No action on your part is required.)

Wednesday, November 19, 2008

Vista security: lighten up!

Of the many (and mostly ill-deserved) knocks against Windows Vista, the User Account Control (UAC) feature is perhaps the most commonly cited. Under UAC, all users - even administrators - operate under a tightened set of security restrictions intended to prevent malicious programs from running and unwanted changes from being made. When a suspect event occurs, user approval is required before execution is allowed to continue. For a "standard" user, this means entering an administrator's username and password. Administrators need only to approve the action, but the prompts are frequent enough that they can quickly become a major annoyance.

If you are the sole user of the computer and find UAC unnecessarily intrusive, it's easy enough to disable the feature altogether:
- Go to Control Panel
- Double-click User Accounts
- Click Turn User Account Control on or off

However, UAC does provide a high level of security against malicious attacks and the misadventures of hapless users, so if you share your computer with others, turning off UAC altogether may be unwise. An alternative is to allow UAC to run, but disable its warnings for administrators:
- Go to Control Panel
- Double-click Administrative Tools
- Double-click Local Security Policy
- In the left pane, click the "spinner" (triangle) next to Local Policies
- Click Security Options
- In the right pane, scroll to near the bottom and double-click User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode
- Change from Prompt for consent to Elevate without prompting.

Of course, the above procedure effectively disables UAC altogether for any administrator login, so you are unprotected from certain malicious attacks, however rare they may be. A compromise is to disable "secure desktop." Secure desktop essentially freezes the computer (though programs continue to run) at a UAC prompt to prevent other processes or applications from providing the required permissions or consent. With secure desktop disabled, the simple prompt for permission to continue is far less disruptive:

- Go to Control Panel
- Double-click Administrative Tools
- Double-click Local Security Policy
- In the left pane, click the "spinner" (triangle) next to Local Policies
- Click Security Options
- In the right pane, scroll to near the bottom and double-click User Account Control: Switch to the secure desktop when prompting for elevation
- Change from Enabled to Disabled
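
To check which of the three relaxations described above is actually in effect on a given PC, this added example (not part of the original post) reads the registry values that back those settings. The function name Get-UacPosture and the report wording are illustrative.

```powershell
# Added example (not from the original post): read-only audit of the three
# UAC settings discussed above. Value names are the registry entries that
# back the Control Panel switch and the two Local Security Policy options.
$UacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

$UacChecks = @(
    @{ Name = 'EnableLUA'
       Weak = 0
       Meaning = 'UAC is turned off altogether' },
    @{ Name = 'ConsentPromptBehaviorAdmin'
       Weak = 0
       Meaning = 'administrators elevate without prompting' },
    @{ Name = 'PromptOnSecureDesktop'
       Weak = 0
       Meaning = 'elevation prompts do not use the secure desktop' }
)

function Get-UacPosture {
    param([string]$Path = $UacKey)

    # -ErrorAction Stop turns a missing or unreadable key into a real error
    # instead of a silently empty report.
    $props = Get-ItemProperty -Path $Path -ErrorAction Stop

    foreach ($check in $UacChecks) {
        $name  = $check.Name
        $value = $props.$name      # $null when the value has never been set

        if ($null -eq $value) {
            $state = 'not set (Windows default applies)'
        } elseif ($value -eq $check.Weak) {
            $state = 'RELAXED: ' + $check.Meaning
        } else {
            $state = 'protective'
        }
        "{0,-28} = {1,-4} {2}" -f $name, $value, $state
    }
}

Get-UacPosture
```

Because these are per-machine settings, the report has to be run on each PC whose configuration you want to confirm.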

Monday, August 4, 2008

Should computers be shut off during a thunderstorm?

Just shutting down your computers offers little protection from a lightning-induced power surge. As in most modern electronic devices, power is supplied to the circuitry of a PC as long as it is plugged in, so an electrical surge of sufficient intensity can still run through the machine even when it appears to be off. Some PCs do have a mechanical on/off switch on the power supply (in the back, near where the power cord plugs in) and this would in fact break the circuit. Even so, if lightning were to actually strike your power lines (as opposed to inducing a surge) the current would easily jump that small mechanical gap and electrify the PC.

Lightning can also strike and travel through your phone wiring, which is why you are warned to stay off the phone during a storm. The danger is somewhat mitigated in a non-residential setting, where the switching equipment may be equipped with a suppression device, or otherwise act as a very expensive circuit breaker between the outside line and the phones. Even so, it's a good idea to stay off the phone during a storm. (It is safe to use a cordless phone. A spike may travel into the base unit, but it can't "jump" to the phone without a physical connection.)

Do you need more to worry about? Even a distant lightning strike can produce an electromagnetic pulse sufficient to induce a significant current in your phone or network wiring. While not a safety concern, such a surge can "fry" components such as network cards, routers, switches, and modems (i.e., fax machines).

So, to absolutely protect your equipment, you would not only have to shut down all your electronic devices, but unplug every power, network and phone cable going into them. This is clearly impractical, if

The best protection against these threats is to install surge suppression on all potentially affected devices. An all-purpose suppressor will accommodate your phone and network connections as well as the power circuit. Realize too that not all suppressors are created equal. Among other things, better quality (i.e., more expensive) units react to spikes and surges more quickly in situations where just a few milliseconds can make a difference. Also, these suppressors have higher-end components that tend not to degrade over time as do the "supermarket" variety power strips.

With high-quality surge suppression as a standard feature, uninterruptible power supplies (UPS) provide additional protection for some equipment. A power outage can be as damaging as a surge, especially to computer hard drives. If power is lost while the hard drive is writing data to disk, not only is unsaved data lost, but open system files can be damaged, and in some cases the entire file system can be permanently corrupted, rendering the system unbootable. This sort of damage can occur merely with a sufficient drop in voltage as well as a total power loss. When any such voltage fluctuation occurs, a UPS will instantly switch to battery power to keep the equipment running.

Providing a UPS for every device in your library may not be economically feasible. For printers, fax machines, copiers, and even public access computers, surge suppressors should be sufficient protection. UPSs are advisable on staff PCs and network switches (hubs). During an outage, the UPSs will keep the PCs running and connected to the network long enough to save work, close programs, and perform "proper" shutdowns. Many UPSs now have "smart" USB connections to the computer; using either the manufacturer's utility or Windows' built-in UPS service, the UPS can "talk" to the computer, and initiate an automatic shutdown after some pre-specified time, or at some percentage of remaining battery life.

Wednesday, May 14, 2008

Wake up and go to sleep!

At a recent CMRLS Techie Roundtable, Sal Genovese, Director at the Marlborough Public Library, demonstrated his implementation of Wake-on-LAN in his library. Wake-on-LAN (WOL or WoL) is an Ethernet computer networking standard that allows a computer to be turned on remotely by a network message. In Marlborough, staff arrives each morning to find all their PCs started up and ready to go, sparing them the daily trek to every corner of the building to press all those on/off buttons. Using the Magic Packets WoL utility, all the computers receive a "wake up" command from a single PC, on a schedule that accommodates the varying hours and days that the library is open. To find out more about setting up WoL in your library, see Sal's presentation at http://www.cmrls.org/pdf_documents/ce_materials/Wake-on-LAN.pdf, and download Magic Packets from http://www.cmrls.org/downloads/wol/magic_pkt.zip.

The ensuing roundtable discussion quickly turned to the obvious question: If I can automatically turn on my computers in the morning, can I also make them shut down at the end of the day? Indeed, this can be accomplished using Windows Task Scheduler and the shutdown.exe command. Here's how:

First, experiment at the command prompt (Start > Run > cmd) to determine the appropriate "arguments" for shutdown. The relevant parameters are

-s Shutdown the computer
-t xx Set timeout for shutdown to xx seconds
-c "comment" Shutdown comment (maximum of 127 characters)
-f Forces running applications to close without warning

A typical shutdown command might look like this:

shutdown -s -t 300 -c "The library closes at 5:00 PM." -f

The resultant shutdown window will display a message warning the user to save any work, a countdown timer showing time remaining before shutdown, and your own message (comment). When the specified time has elapsed, Windows will close any running programs (whether or not work has been saved) and initiate the shutdown process. NOTE: Since you don't want to actually shut the computer down during this testing, be sure to leave the command prompt window open; at any time during the countdown, type shutdown -a to cancel the operation.

Once you're satisfied with the command line you have fashioned, incorporate it into a batch file:
- Start Windows Notepad (Start > All Programs > Accessories > Notepad).
- Type the command exactly as you had at the command prompt.
- Save the file with a .bat extension. Important: Notepad normally saves files as text (.txt). To override this behavior, enclose the full file name and extension in double quotes when saving, e.g., "shutdown.bat".
- Test the batch file by double-clicking it. (Don't forget to have the command prompt window open to cancel the shutdown.)

With your working batch file saved to disk, use the Task Scheduler to run it at the appropriate time(s):
- Go to Control Panel
- Double-click Scheduled Tasks
- Double-click Add Scheduled Task
- Step through the Wizard to point to your batch file and select the days and times as required.
You can create multiple tasks to account for varying library hours. For example, one task may be set to run at 4:50 PM on Mondays, Wednesdays and Fridays, another at 6:50 PM on Tuesdays and Thursdays. Alternatively, you can create multiple schedules within the same task: Double-click the task for editing; on the Schedule tab, click "Show multiple schedules," then click "New."

Important: When you create a task, you will be prompted for a user account under which the task will run. This account must be a member of the Administrators group, and it must not have a blank password. The Scheduler will warn you if the user is not an administrator. It will, however, accept a blank password without complaint, and the task then simply won't run.

Note too that unlike the wakeup feature, your shutdown schedule will have to be set up separately on each computer in the library. While the shutdown utility does allow for one computer to issue the shutdown command to multiple PCs, configuring your network to allow such an operation is quite time consuming, not to mention fraught with unrelated perils.


Questions? Need help? Contact Rick Levine at CMRLS (rlevine@cmrls.org, x308)

Monday, March 3, 2008

Stale cookies: Accessing Issues and Controversies


Last fall, Facts on File News Service (Issues and Controversies) was acquired by Facts on File (Science Online, et al.). As a result, the Issues and Controversies "platform" was redesigned to conform to Facts On File's standards and conventions. This included a change in the URL used to access the site.

A few libraries have reported problems with "cookie" access to the new URL: in-library users are prompted for username and password every time the site is accessed. This is apparently caused by a mismatch between existing cookie data and the new URL. The problem can be corrected by forcing the existing cookies to be re-written with the proper information. To do so, go to http://www.2facts.com/default.asp?BID=7. Enter your username and password, and new cookies will be set. Subsequent access via the normal Issues and Controversies link should not prompt for any authentication.