Nerd How

At our library, we have around 20 or so of these computers, running Windows XP pro with some kind of pcLocker program set up to manage users’ time limits. (~45 minutes I believe. ) All of the computers are hooked up to a main server at the frontdesk, where , upon request, oneself can ask for the librarian to unlock ‘Internet Computer #N’  for an hour of Internet usage. At the end of the session, or when the time limit runs out, all downloaded files ( Including the cache, AFAIK ) are deleted, other changes to the disk are reversed, and the computer goes back into its dormant ‘ugly screen-saver’ stage until the dude at the frontdesk enables it again. The system seems to work pretty well for both sides; the employee just slides the library card  through the reader and the visitor is all set for 45 minutes of censored, un-anonymous, monitored Internet usage.

Many libraries these days have similar Internet access points.  Many of these computers also have about as many security holes as swiss cheese in a colander cap.

Today I had the personal pleasure (; of finding one of these flaws and reporting it. While my workaround did not get me Admin privileges or the ability to save to disk, it did take away the time limit and you didn’t have to go ask someone to activate a computer or anything. Rather simple, really:

Push ctrl+alt+del to get into the Windows XP Pro management applet thing, then log off and wait for the profile to reload. While it reloads, quickly double click on the firefox icon while the computer lock program loads (the desktop is still showing during that time.) and let it run until the lock program is up and you can’t do anything again. Do ctrl+alt+del again, and this time hit shutdown. Firefox pops up asking if you want to save tabs on next init. Hit cancel, exit firefox, and you’re in.

Of course, it is highly unlikely that your library is uing the same software as mine is, so these instructions are probably void.

Anyway, I broke into 3 of these terminals (just to let them know that this really did work on ALL of their computers ) and punched in the above instructions into notepad, along with a few links to some Ubuntu websites, lest they consider using a less trashy operating system. I decided to do it anonymously, and just leave the message on an open notepad for some hapless employee to notice  later. (After all, I still couldn’t save files, and I didn’t take the time to get the admin password either. ) But of COURSE some hapless worker bee HAD to walk up JUST when I was about half way done with the note, so I had to scramble so I wouldn’t get ratted. The way it was, the note made me look like I was some black hat trying to give the info to other kids. In order to escape conforontation, I staked out in the darkest corner of the library with my laptop and lvl’d ++ in Runescape until we left for home.

While I was over there, I overheard the employee make a loud personal phonecall to the IT guy, trying to explain what had happened ( the staff must have hired him. He seemed pretty clueless. )  Evidently the employee took it the right way ( He called me a ‘patriot’ (; ) but the IT guy seemed to disagree. To him I was a so called ’spammer.’  When she hung up they both decided that it was a toss up whether I was on their side or not, so I guess it’s pretty good that I did it incoginito.

Later she made another phonecall to try and solve the actual problem.

We all await my next visit to the library. I used this same method at my old library in Oregon, and they started using Ubuntu, so why shouldn’t these people? I guess we will just have to wait and see…

To be cont. O_o