Welcome


This blog is dedicated to the topics of Course materials, Innovation, and Technology in Education. it is intended as an information source for the college store industry, or anyone interested in how course materials are changing. Suggestions for discussion topics or news stories are welcome.

The site uses Google's cookies to provide services and analyze traffic. Your IP address and user agent are shared with Google, along with performance and security statistics to ensure service quality, generate usage statistics, detect abuse and take action.

Friday, September 12, 2014

Coursera Is Quick to Fix Possible Breach

While preparing to teach Stanford Law’s first Coursera class, the instructor stumbled across a potential breach that could have knocked Apple’s issues with a hack of iCloud security and compromising photos of entertainers out of the headlines. Jonathan Mayer, a computer scientist and lawyer, while setting up his massive open online course, was able to gain access to nine million Coursera names and email addresses.

In a blog post, Mayer wrote that: 
  • Any teacher can dump the entire user database, including over nine million names and email addresses.
  • Once logged into your Coursera account, any website that you visit can list your course enrollments.
  • Coursera’s privacy-protecting user IDs don’t protect much. 

Mayer alerted Coursera, which addressed the issues immediately and sent an apology to its users. Once the patches were completed, Mayer found plenty of improvements, but problems still exist.

“The bad news is that anyone with teacher access can still look up any individual student’s contact information, so long as he or she either knows the student’s internal ID (it’s embedded in many pages) or can guess a distinctive part of the student’s email address (maybe try first initial last name?),” he said. “That’s a questionable security model, and it’s potentially inconsistent with Coursera’s privacy policy.”