A few months ago, I gave a talk at BSidesLV on the state of security in education technology. My talk, #edsec: Hacking for Education isn’t a hacker talk in the truest of senses— I had no l33t, sophisticated hacks to show off, no beautiful backdoors into well-maintained code to make my point. Instead, I went the route of discussing the lack of security standards, the dire state of security awareness among educators, the deplorable state of school infrastructure, and the security-averse attitude of developers within education technology .
I should have written this post months ago— I am thankful for alot of people who helped me get through my first-ever talk at a national conference— but I’ve been struggling to overcome an awful, awful feeling that in the pit of my stomach after I finished my week away at hacker summer camp. After being surrounded by people who discussed securing the critical infrastructures that make our web work, protecting medical devices from attack, and preparing for the Internet of Things that is to come, I realized that I didn’t go far enough. Continue reading “On #edsec: Education’s massive security problem”