What Good is Your Privacy Commitment If Your System is Insecure?

HONOR THY PLEDGE: How can your company ensure any modicum of privacy when your product lacks basic security protocols? Of the 121 signatories for the Student Privacy Pledge, eight still don't "do not encrypt the transmission of their users’ login credentials," according to the latest count from Tony Porterfield, the former Cisco engineer who's previously called out companies like Edmodo and Raz-Kids. A wag of the finger to the following companies for not encrypting logins, "one of the most elementary security measures a web service can implement:"

  • brainhive
  • code.org
  • edgenuity
  • writerkey
  • myon
  • orglib
  • readorium
  • raz-kids (Cambium Learning Group)

Editor's note: Tony Porterfield has noted that writerkey, myon, orglib, readorium and raz-kids have added encrypted logins since the time of this post.

News, research, and opportunities - sent weekly.