Edmodo (In)Security

Jun 22, 2013

EDMODO (IN)SECURITY: Los Altos parent and Cisco engineer, Tony Porterfield, checked out Edmodo's security features when his sons' elementary school starts to use it and found--not much. Edmodo was not encrypting the user sessions with standard Secure Sockets Layer (SSL) protection, wrote the New York Times. Edmodo told the Times that schools have been able choose to use an encrypted version of Edmodo since 2011. Other sites have similar issues; apparently Mr. Porterfield discovered Shutterfly's site wasn't fully encrypted. (It will be by the end of July.) He also found that student sessions on Schoology were also not protected. (They are now.) Note to development teams: If you are building a product that exchanges student data, go for full session encryption.

Edmodo (In)Security

Jun 22, 2013

EDMODO (IN)SECURITY: Los Altos parent and Cisco engineer, Tony Porterfield, checked out Edmodo's security features when his sons' elementary school starts to use it and found--not much. Edmodo was not encrypting the user sessions with standard Secure Sockets Layer (SSL) protection, wrote the New York Times. Edmodo told the Times that schools have been able choose to use an encrypted version of Edmodo since 2011. Other sites have similar issues; apparently Mr. Porterfield discovered Shutterfly's site wasn't fully encrypted. (It will be by the end of July.) He also found that student sessions on Schoology were also not protected. (They are now.) Note to development teams: If you are building a product that exchanges student data, go for full session encryption.

Next In

Next in

STAY UP TO DATE ON EDTECH
News, research, and opportunities - sent weekly.
STAY UP TO DATE ON EDTECH
News, research, and opportunities - sent weekly.