Open Source Banned

I got the saddest email today from a fellow librarian. In order to protect anonymity I’m not going to say anything about the librarian or the organization – but I do want to share this with you all. First an brief intro. In my open source talks I mention that you can try out many open source applications by using PortableApps on your jump drive. This installs mobile versions of software like Firefox and OpenOffice to your thumb drive allowing you to use it on any computer with a USB port.

One of the attendees at one of my many talks took this tip and decided to learn more about open source by using it risk free on a jump drive. This is awesome – I love it when people leave my talks and actually use what they learned and try to learn more – unfortunately this librarian’s enthusiasm was not greeted with praise for learning new things – instead it was greeted with a threat and USB port lockdown!!

Staff or patrons are not to install or use software that is not installed or approved by Automation/Administration. Per our earlier discussion you were notified that Firefox was not a permitted application. Using a portable version of the software or any other software from a USB thumb drive is only a way to try to circumvent the restrictions in place, very similar to using a proxy avoidance to get around our web filtering.

Technically portable applications are even a bigger concern due to the fact they are circumventing the security that blocking the installation of applications is used for. We understand that it can be frustrating for the staff and patrons due to their lack of expertise on these matters.

We have been installing IE 8 on machines and it is installed on the machines that you are currently using. There may be similar features or add-ons that will provide some of what you are looking for.

I have been lucky in my career to work in very open and enthusiastic libraries – with IT staff that were willing to learn new things and let us try new applications. When I read an email like this it makes me very very sad because there is such ignorance out there – and unfortunately huge roadblocks preventing librarians from learning – and finding ways to provide additional services to their patrons.

This librarian will be doing research to try and educate the IT staff – so if you have suggestions or comments, please share them here. I have already shared my resources and comments – but there is always more to learn!!!


  1. I wish there was a way to protect that librarian’s anonymity while at the same time giving the library’s IT staff a good public shaming. Firefox is dangerous, you can only use IE? Someone’s got it backwards.

  2. As an IT Librarian (are there any of those around anymore–used to be called Systems Librarians, or Automation?) I have to say this is definitely not the atmosphere of my Library–for the most part. Sure, we block some installations, but we’ve been leading the way on a lot of open source implementations. It’s a shame that end-users have to educate the network managers on open source applications. It just goes to show that certifications are no replacement for imagination.

  3. This stuff makes me crazy, especially because I have been using portable apps lately to get around these kinds of restrictions. Let’s put our muscle behind these folks. I know things are changing, but slowly.

  4. I experienced the same attitudes years ago at the publisher I worked for. Stupidity is a bountiful and renewable resource everywhere. The problem is that libraries, unlike companies, aren’t responsive to the usual agents of change—competitive pressure and employee flight. Companies that don’t adapt get smaller or die; library funding is much more loosely correlated with success. And when my publisher told me I’ve had to use crappy software I told them they could either let me do my job or find someone new. Librarians can’t do that, for the most part. The job market is too tight and too based on non-performance factors.

    I wonder if there’s some way to change the system—to make libraries more responsive to getting technology right.

  5. I think the best way to make the kind of change we want shouldn’t be negative. I agree with you all, but being dismissive of your IT department will only make everyone unhappy. I would just smile, say you understand and tell them why using open source stuff is so cool.

  6. I’ve been a long time support of Open Source, but as someone who runs an IT department in a library, I agree with Dave, “being dismissive of your IT department will only make everyone unhappy.” Trying to circumvent whatever protections that are put in place, even if they appear unreasonable, will only cause problems. While I wouldn’t want to ban things like Firefox or other OSS applications (or for that matter any useful software), my staff has had to spend hours fixing computers because someone installed un-approved software (for the record, the software that has caused problems has never been OSS tp the best of my knowledge). With tight budgets and low staffing levels this can cause a huge problem not only for IT staff, but also for lost productive for other staff because machines are unavailable ans IT staff are unavailable to help other employees and patrons. Also, depending on the organization, individual IT employees may not be able to make exceptions for specific staff for a variety of reasons.

    If there is a reason to use a certain application that isn’t typically permitted, Open Source or not, it should be taken through the proper management channels and the reasons why you want to use a particular piece of software should be clearly articulated. What are the benefits in terms of staff time? How will it benefit patrons? How will it make employees more productive? If that doesn’t work, explain, in writing (esp. if you are working in a union shop or are on a tenure track), to your boss why you are unable to perform your job as well as you would like to because of IT restrictions. If that doesn’t work, either the explanation wasn’t sufficient, or you are in an organization that is not open and you need to accept that and decide what that means for you. That is not to say you shouldn’t still try to educate people, but you don’t educate people by circumventing them.

  7. Edward, I understand that and agree – but if the librarian didn’t know that using a USB device was considered circumventing the rules – he/she can’t really be labeled as a rule breaker.

    To be honest – I wouldn’t have thought there was any harm – since it’s installed on my own personal device – not the work computers.

  8. To all – I am not trying to be negative about IT staffs – I’m being negative about ignorance and the lack of desire to learn or promote learning. When you say something like “We understand that it can be frustrating for the staff and patrons due to their lack of expertise on these matters.” that is dismissive – that’s saying we know best and you don’t know what you’re talking about.

    In the case of this librarian – there will be a presentation this week for the administration regarding the value of the products that were on the thumb drive.

    The moral of this story – is never stop learning and never stop educating others!!

    I will keep everyone posted!!

  9. Computer lockdowns are there for security. If the library system is large enough to hire an IT team to manage then the computer network must be large enough that the introduction of a virus would be disastrous.

    This is not about preventing freedom, it has more to do with the cost of repair if a worm or virus were ever introduced into the ecosystem. Once a virus has been introduced it spreads very quickly throughout the network.

    Essentially the issue is not about her but about protecting everyone.

  10. Nicole, I agree with you that the language of the note the IT people sent was not what the IT department should have used. They should have re-stated the policy and not been, as you say “dismissive” about it. Not that this is an excuse for their language, but this librarian and the IT department have, according to the excerpt, had a conversation about this before and it is very dismissive for someone to go behind someone’s back and do something they know or should have known was not permitted. This can be very frustrating for IT staff. Work computers are just that, work computers not personal computers. If this librarian wants to experiment with these tools it can be done so on a personal computer at home. As Donv69 says, the issue is not about one person but about protecting everyone.

    All that said, Firefox not being a permitted application is silly. Without knowing more about the IT setup, it is hard to say why this is the case, but it doesn’t make a lot of sense to me. I would hope the IT department has procedures on adding applications to the permitted list, and if so they should be explored. If not, this librarian should go to management and suggest that a procedure be implemented so that applications that improve service and productivity can be added to the list.

  11. Regarding Firefox – I have more information on why that policy was set:

    “Concerning Firefox, we do not install any open source software programs on the library computers. Most Open source software solutions introduce security, incompatibility, and increased automation maintenance issues. Firefox is not compatible with many web pages and has known issues with many of our databases we offer to the patrons. Not to mention Firefox cannot be managed by our windows group policies. We will be testing Internet explorer 8 and when it has been released, we will then plan a deployment schedule.”

    Regarding experimenting – if our patrons are using it – we should at least know what it’s about – and therefore be able to experiment at work in order to provide better services. If a patron calls the reference desk from home asking how to access a certain resource using Firefox – then the librarian cannot just say – you should use IE instead – they should be able to answer the question at hand.

    My opinion!

  12. Getting threatened with a smackdown is never pleasant. A few suggestions:

    1. Talk with your IT department as much as possible to clarify what things they perceive as ok vs things that freak them out. The more you know about their position/experiences, the easier it will be to avoid stepping on toes. If they see you as someone who makes a great effort to understand and respect their concerns, they will be less likely to overreact to an accidental violation.

    2. Find out the availability/policies for connecting personal equipment and also whether or not there is wireless available. If you have access to wireless and an inexpensive laptop, you may be able to experiment on a machine they are not responsible for at work.

    3. Whenever your IT department’s concern is one of mucking a machine up, rather than network security, you may be able to negotiate a compromise. They may be willing to let you experiment a bit if you agree that the fix for any problems will be wiping the machine and doing an image reload. That way they won’t worry about you asking them to untangle problems caused by software that they’ve never seen.

    Good luck.

  13. I just can’t understand the fear, uncertainty and doubt associated with Open Source. People are SO brainwashed into believing that anything unsanctioned by proprietary pay-for software companies must be suspect.

    Portable apps such as the GIMP, Firefox, Thunderbird, and 30 others empower me to have a familiar environment (almost) anywhere I go.

    This kind of unsupported proprietary software rhetoric is disgusting. Thanks, as always, Nicole, for fighting the good fight.

    John, fellow Open Source Evangelist.

  14. It’s a poor explanation. Often the explanation causes more problems than the actual reasoning. Do open source applications introduce problems? They can much like closed source applications. The real issue is what is the cost of letting anyone install anything on a computer that IT is responsible for maintaining. On that basis it is reasonable to have approved applications and have the requirement that they will be installed by the IT department. I’ve seen extremes of both sides of this argument and all I can say is each situation is unique and unique situations requir flexibility. The IT department gave a poor answer. Politely ask for a clarification.

  15. More context would be helpful. Is this an academic or public library? Is it a corporate library?

  16. Wilfred, I promised to keep it completely anonymous – so I can’t give more details.

    Erik, the librarian didn’t install anything on the computer – it was all on a personal USB key – that’s the part that bugged me so much. I agree – we need to follow rules set out by IT – but the rules were not broken by installing software on a personal device!

  17. Maybe the library enforces filtering or some other proxy using the proxy setting in the browser, so that running portable FF would circumvent that. Maybe the library’s network security isn’t set up so that they’re comfortable with patrons running just any piece of software. Even if you used a run-only list, someone could come in with a port scanner or something worse renamed to firefox.exe and possibly do bad things to the computer or to other computers on the network.

  18. There should only be a policy against viewing objectionable material, not bypassing proxies. Proxies can’t filter everything anyway. Furthermore if the machines are properly locked down there should be no harm from running apps off an external storage medium. Ironically, OSS in the form of Linux could be their solution if they weren’t against it. Set the appropriate permissions and use give the USB drive mountpoint the noexec option in /etc/fstab

  19. Sorry to revive an old discussion.

    This does not sound like open source FUD to me. Open source is literally a red herring in the discussion regardless of IT’s stated reasons.

    Your IT department has decided to meet the needs for web browsing, office functions, etc. via the Microsoft solution. For all of its negatives, the advantage for IT departments is the manageability of this solution via Active Directory and Group Policy. There is no similar Open Source “Free” solution (though there are numerous partial and partially inter-workable workarounds that are used in some shops…).

    The advantage for you is that there needs to be less IT staff than there otherwise might be to accomplish this management, meaning more media budget for your library. Yay! The disadvantage is that they want things to run as they intend – which may not meet your need to experiment at whim.

    Bypassing proxies is only one concern. Unapproved applications can do unapproved things. Yes, they can surf porn, but they can also sniff network packets, scan ports, copy files, grab passwords, and more. They use the CPU and memory resources that IT maintains and that you depend on. Of course you intended no harmful things.

    They forbid these applications because of the harm that they might do as a class. Some shops forbid the use of flash drives altogether because of the threat.

    In a managed environment, it is advisable to let IT know, even to seek permission, before you start “testing” applications. Yes it is a pain. Yes you should be the boss of ALL! Yes, they’ll sometimes say no before they even hear why. And yes, if they were the boss of ALL, your library would have a whole wing devoted to “Lord of the Rings” and a correspondingly smaller number of other books.

Leave a Reply

Your email address will not be published. Required fields are marked *