On #edsec: Education’s massive security problem

Dinosaurs are a very important part of the security conference experience.
Dinosaurs: a very important part of the security conference experience.

A few months ago, I gave a talk at BSidesLV on the state of security in education technology. My talk, #edsec: Hacking for Education isn’t a hacker talk in the truest of senses— I had no l33t, sophisticated hacks to show off, no beautiful backdoors into well-maintained code to make my point. Instead, I went the route of discussing the lack of security standards, the dire state of security awareness among educators, the deplorable state of school infrastructure, and the security-averse attitude of developers within education technology .

I should have written this post months ago— I am thankful for alot of people who helped me get through my first-ever talk at a national conference— but I’ve been struggling to overcome an awful, awful feeling that in the pit of my stomach after I finished my week away at hacker summer camp. After being surrounded by people who discussed securing the critical infrastructures that make our web work, protecting medical devices from attack, and preparing for the Internet of Things that is to come, I realized that I didn’t go far enough.  Continue reading “On #edsec: Education’s massive security problem”


What To Do When You’re a Teacher Being Cyberbullied #edsec #edtech #edchat


A few days ago, a good friend approached me about a difficult situation taking place in her classroom. After noticing that a student had given her a disparaging nickname in an email, she was devastated when she came across numerous mean-spirited, false comments made about her by that student on a social network.

This wasn’t the first time it had happened in her school– but it was the first time it had happened to her, and she wasn’t sure how to bounce back from something that has marred the last few weeks she had with her students this year. What should she do to protect herself from this in the future? Continue reading “What To Do When You’re a Teacher Being Cyberbullied #edsec #edtech #edchat”

Does edtech need a cheerleader?


Over the past few years, I’ve noticed a worrisome trend in the education community– the rise of the edtech cheerleader. I’m not talking about the teacherbloggers who are the first to integrate the trendiest of tech tools into their lesson plans (that’s another post.) I’m not talking about the teachers who champion technology in ways that extend archaic, ineffective practices in the classroom. I’m not even talking about the teachers pre-writing blog posts about how their tech-infused lessons before the lesson ever takes place (that’s another post). And in case you’re wondering, I’m not even talking about a few recent Techcrunch-y additions to the edtech blogging market. (That one’s a shocker, I know!)

Continue reading “Does edtech need a cheerleader?”

Edmodo: Securing user data, ur doin’ it wrong #edtech

Awhile ago, I mentioned in an epic rant post that a certain ridiculously well-funded education technology company *coughEdmodocough* should spend more money on its security and less money on, say, things that don’t serve to actually make its product better for its users.

The original article that has inspired hours of passionate ranting can be found here, but its main takeaway from it is this: the biggest K12 LMS out there doesn’t secure its user data. Edmodo (and Schoology’s*) user data can be intercepted and viewed by someone other than its intended audience (students, parents, teachers). While the chances of an actual hacker being out there just waiting to prey on some kid’s homework data are slim, this lack of encryption is deplorable—absolutely unacceptable.

Edmodo’s spokeswoman attempted to quash the issue by saying SSL encryption has been available to schools for some time— and that all they have to do to get it is to “opt-in.”

Instead of doing what is right for all of their users and securing their data with industry-standard encryption, Edmodo is making their users opt into something that should just be standard in their platform. 

Let that sink in for a moment, and then, think about it again.

Instead of protecting their user data, instead of taking the time to build out faster and more efficient ways to do right by their userbase, they’re only offering it on an opt-in basis. In essence, your Facebook, Twitter and Pinterest accounts are more secure than a network you use professionally meant to house assignments and sensitive communications among teachers, students and parents.

Are you mad yet?

Education technology news rarely ever makes the New York Times— this was kind of a big deal, a majorly, majorly big deal— and I’m sad to see that  so many people in edtech dropped the ball on pitching an absolute fit. In the case of education and student data, using SSL or any other method of encryption (pick one, there are many!) is the right thing to do… and that anyone would make it an opt-in feature, not a standard feature that protects all of the users on their platform is absolutely unacceptable

Education technology gets a day in the New York Times, and the usual edtech players fail to point out the obvious. How many four-line stubs of this article did you come across during Edmodo/Schoology/edtechencryptiongate?

An edtech rant — “For Low-Income Kids, Access to Devices Could Be the Equalizer”

Is it me, or does this absolutely reek of the silver-bullet fallacy? Yes, yes, I know that those words appear in the first sentence, but having come from a low-income background… I’m not buying it.

Technology isn’t going to make up for the lost opportunities and inequities that low-income and predominately minorities face, no matter how well-implemented a particular program is. An iPhone, iPad or any other device isn’t the answer, y’all, and it’s sure as hell not the answer to racism– and you’ve read about that whole correllation/causation thing, yes? You can’t just say that the digital divide has been closed because you hand a kid a device and VOILA, the kid can access the web and all is righting itself in the world.  The device doesn’t fix the effects of being a child in a single-parent family, it doesn’t make up for not having enough food to go on the table, it doesn’t suddenly fufill Maslow’s heirarchy of needs because the kid is participating in school. It takes people– teachers, community leaders, administrators, parents– to help right the wrongs that are constantly perpetuated in our schools and in our society, and the voices we need to listen to the most are not always heard because they’re not predominately white, affluent or suburban.

Oh, and while I’m at it, can we get some info on the research methodology? Qualcomm and Cisco– when they did their research, was it conducted by a third party or did they do it all by themselves? You know, because data and research can’t at all be co-opted to tell anything but the truth or anything. Numbers don’t lie or anything.

via For Low-Income Kids, Access to Devices Could Be the Equalizer | MindShift.

Reflections on Kickstarting for Education

Screen Shot 2013-01-19 at 1.54.59 PM

Of all of the crowdfunding sites, Kickstarter is the leader of the pack– it’s the biggest, most visible, most successful platform out there, and it because of it, a plethora of incredible projects have come to life. In 2012 alone, over two million people successfully funded 18,109 projects. For many, Kickstarter is to crowdfunding what Kleenex is to “tissue,” though there are many other platforms that have popped up to support the crowdfunding model.

Over the past few months, I’ve contributed time, money, and insight to two specific Kickstarter projects, both of which were funded with only hours to spare. The first, an interactive comic book app, the brainchild of John Boyer and Katie Pritchard, was built for the Plaid Avenger’s unforgettable World Regions class (and the community built around it) at Virginia Tech. The second project of which I was part was Outthink Inc’s “Tornado Maker,” an educational app that, upon completion, would be the only app in the entire Apple App Store designed for preteens.

Continue reading “Reflections on Kickstarting for Education”