security

You are currently browsing articles tagged security.

With the recent acquisition of microblogging giant, Twitter, by the apartheid-emerald-mine heir, over one million users have fled the platform and hundreds of thousands of people have started joining Mastodon. Being a tied into various online academic circles, I’ve been seeing discourse about moving the academic conversations that happen(ed) on Twitter to Mastodon, and how universities and scholarly groups can leverage the new platform. It’s neat that these conversations are happening, and people are moving away from corporate-owned walled gardens, but the proposed use-cases look so much to me like trying to squeeze a square peg through a round hole. When all you have is a hammer, everything looks like a nail, and I’m here to show you some different tools you can use.

This blog post is an extension to a short thread I made on Mastodon inspired by some of the more… interesting… ideas for how academics and academic institutions can use the platform.

In the first section of this post, I’m give give a lay-overview of how web-based communication works, how megacorporations have segemented the internet, how Mastodon and other federated social media platforms work, and how they’re different from current social media. In section 2, I discuss the reasons behind choosing specific internet publishing channels, including whether you really need two-way communication, whether you need to chase virality on a public platform, and the merits of creating more intentional communities. In the third section, I propose some solutions for leveraging these technologies especially for scholars conducting academic work, including maintaining an online presence, hosting conferences with equitable access in mind, and organizing communities of scholars to support the people excluded from and exploited by professional academia. Finally, I conclude with a summary and call to action. I encourage and challenge you to stick with it and learn a bit more about the affordances and restrictions of these different platforms.

Read the rest of this entry »

Tags: , , , , , , ,

https://www.xkcd.com/327/

Turns out that Learning Management Systems aren’t as secure as they want you to believe–SQL injection vulnerability is a pretty grievous, novice error to make for company like Blackboard.

The US Department of Education has several online resources regarding the collection of students’ personally identifiable information, and even discusses how online education platforms might collect usage metadata from all of our students–but this doesn’t violate FERPA as long as any shared metadata is not directly linked to identifiable information. So there shouldn’t be any issue with that, unless tech companies start using these data and metadata to create a profile of you, even if you don’t have an account with them.

It’s not a stretch to say that a company like Google could take all of these data and metadata from schools’ Google Apps for Education accounts and match them to personal accounts of people whose personal data match. As long as Google keeps the data for themselves (because only disclosing it would violate FERPA), there are no legal protections for any of us, especially our children, from a company that decides to use these metadata to create psychographic profiles for targeted advertising.

“Oh, so Google can show my A-student ads for colleges, and the C-student can get ads for tutoring? What’s the big deal?” The big deal is that an unscrupulous advertising firm might target students based on psychological traits rather than grades alone (which would be Huxleyan enough). Students whose schoolwork shows a lack of critical thinking, or a reactionary mindset–students who are quick to jump to conclusions just by seeing a headline without reading the whole article (or who don’t bother to read the instructions)–they might be susceptible to the kinds of propagandistic voting campaigns that a company like Cambridge Analytica boasted about.

This doesn’t even touch special education plans, disciplinary records, medical records, or even family information (some of my students’ files have had notes about their parents’ divorce arrangements). We need to start taking students’ data more seriously, otherwise they’ll have to worry about their “permanent records” for the rest of their lives.

Tags: , , , , , , , , ,