Coursera's Security Potholes

Coursera's Security Potholes

COURSER-OOPS? "A funny thing happened on the way to Coursera," writes computer scientist and Stanford law professor, Jonathan Mayer, as he prepared to teach Stanford Law's first Coursera course. Mayer uncovered some surprising security loopholes as he poked around the platform, such as: "Any teacher can dump the entire user database, including over nine million names and email addresses." The post may be a tad technical for some but is a must-read for developers. It's humbling (and disturbing) to see a company with so much clout (and funding) slip up on security protocols that EdSurge engineers say are fairly standard.

Also worthy of note: Mayer shares that "Coursera and partner institutions have taken the position that offerings on the platform are not covered by the Family Educational Rights and Privacy Act (FERPA). Online courses do not have 'students,' they have 'participants.'"

UPDATE (9/5/14): Coursera Information Security Officer, Brennan Saeta, issued a statement following Mayer's post, saying the "security gaps have already been fully addressed" and finding "no reason to believe that our learners' personal information has been abused."

Stay up to date on edtech. Sign up to have top stories delivered weekly.

Who we are

EdSurge helps schools find, select and use the right technology to support all learners.
© 2011-2016 EdSurge Inc. All rights reserved. Every student succeeds.