Troy Patterson

Security on the Internet

by

Security on the Internet is a bit like Baskin Robbins, there are 31 flavors. Only, on the Internet, there are way more than 31 flavors. One of those flavors are certificates. (This is designated by httpss as opposed to https.) Certificates try to make sure that you are going to the site that you think that you are going to. They do this by issuing a certificate that is installed on the web server AND registered.

Unfortunately, Symantec played a bit fast and loose with certificates. Thus, Symantec certificates are no longer “Trusted”. Any web site that uses Symantec for their certificates will now show up with the scary message that “Your connection is not private”. There will be a big button that may say “Back to safety”. (There is also an ADVANCED button (not highlighted), that will allow you to continue to the site.)

Privacy Error Message screenshot

Unfortunately, some of these are legitimate. For example, the screen shot above is from our Destiny system (Library service from RESA). This is a completely legitimate site. It is safe to visit. However, given the message above, I’m sure that most people would not go on.

We have contacted RESA to update their certificate.

Although you should not automatically trust every site that presents this message, some are OK. It is crucial to know which sites are which. Generally, if there is a concern, don’t move on.

COPPA

by

COPPA is a federal law that impacts Dearborn Public Schools. We must follow COPPA.

COPPA imposes certain requirements on operators of websites or online services directed to children under 13 years of age, and on operators of other websites or online services that have actual knowledge that they are collecting personal information online from a child under 13 years of age.

So, how does COPPA impact us? Well, let’s take a look at a free resource that teachers might find useful with students. PowToon is used to create “awesome videos and presentations”. (Naturally, there is also a paid version).

However, we need to take a look at their Privacy Policy. They will note that they are COPPA compliant, because:

Our website, products, and services are all directed to people who are at least 13 years or older.

This means that students must be at least 13 years old in order to use this service, unless the school and the parents sign off on the creation of that account. Since the district would be responsible for tracking and monitoring that permission, we do not allow students under the age of thirteen to create accounts. (PowToon is one of just thousands of websites that have this requirement).

So, if you work with students who are under the age of thirteen, you need to make sure that any web services that you use are COPPA compliant. (The Department of Technology & Media Services regularly vets sites for compliance).

Online Safety and Security

by

Jim Fisher has a really nice write up about a potential scam. There are several good tips in his post. This also highlights the importance of being vigilant.

I recently received an email from Netflix which nearly caused me to add my card details to someone else’s Netflix account.

He did the right thing in checking the source of the email, but even that was legitimate.

“Odd,” I thought, “but OK, I’ll check.” The email is genuinely from netflix.com, so I clicked the authenticated link to an “Update your credit or debit card” page, which is genuinely hosted on netflix.com. No phishing here. But hang on, the “Update” page showed my declined card as **** 2745. A card number I don’t recognize. Checking my records, I’ve never seen this card number. What’s going on?

The crux of the scam is to create an account on Netflix and hope that the “real” owner of the account doesn’t notice the billing. However, this is just one way to potentially scam folks. This kind of information could be used in a variety of ways to scam individuals.

I don’t necessarily agree with everything that he says, (Netflix really should do a better job of confirming that you actually have control of the email account), but the message is important.

Just another reminder that in today’s world, it is truly important that you understand what is happening and why.

(*By the way, although the “dot” trick will work with generic Gmail addresses, it will NOT work with our work set up).

Google Drive-Sync-Stream-Backup

by

Google provides some really great tools. One thing that they aren’t so good at is naming things. Google also isn’t afraid to learn from user experience and implement new things. Sometimes, this leads to confusion.

Some users may have received a notification that the Google Drive App is going away (note the word App, this is NOT Google Drive, but the Google Drive App – see what I mean about naming?). This was an application that the district did not install. However, we also didn’t block it. Some users may have installed it on their own (many may have installed it at home). What it did was to keep a “local” copy of documents on your Google Drive (again Google Drive is NOT going away). Google has removed the Google Drive App (but not Google Drive, Google Drive is still around).

*Note that the web version and the mobile version of Google Drive will not change. 

Google is actually replacing the Google Drive App with two different options:

  • Google Backup and Sync
  • Drive File Stream

Google Backup and Sync

This is the none Google Apps for Education version being rolled out to allow users to have a “local” copy of their Google Drive documents. This would be for your personal (non-Dearborn Public Schools) account. This will sync copies of your Google Drive documents to your computer.

Drive File Stream

This is the official Google answer for Education providers using Google Apps. We are still evaluating the implementation features and consequences of this.

Action

So, what do you need to do? Generally, nothing. You can keep going to the web view of your Google Drive and that will keep right on working.

  • If you have a personal Gmail account and have Google Drive installed on your home computer, you may want to install Google Backup and Sync.
  • At work with your Dearborn Account, there is nothing that you need to do.

ISTE Tech Coach 2018

by

I’m very happy to be supporting the nomination of Amy Gwizdz for the ISTE Tech Coach. My nomination is below:

ISTE Tech Coach Award

Here Ye, Here Ye.
Let it be known that the wonderful Mrs. Amy Gwizdz, Technology Coach for Dearborn Public Schools is being nominated for the 2018 Ed Tech Coaches PLN Award. Mrs. Gwizdz lives as an exemplar of the ISTE Standards for Coaching.

Dearborn Public Schools is the third largest district in the state of Michigan. We have a very diverse population. We have a large English Language Learner population and Economically disadvantaged population. However, even with those challenges, Dearborn Public Schools is recognized as one of the most successful districts in the state.

Herein, you shall find a few shining examples of the leadership Amy Gwizdz provides. Among those shining examples:

Visionary Leadership

WHEREAS: The ISTE coaching standards call for technology coaches to be a constructive part of a shared vision for the comprehensive use of technology to support all students. Mrs. Gwizdz starts that leadership with pre-school students. Mrs. Gwizdz helps pre-school students record themselves defining their goals. Then, she follows up to help them record their progress in meeting those goals.

WHEREAS: Mrs. Gwizdz persistently focuses teachers not on “shiny, trendy” technology, but technology that can truly help students learn. She leads teachers in best practices that not only include technology, but use technology to meet the larger issue of restructuring education to meet the needs of the learners.

Teaching, learning and assessments

WHEREAS: The ISTE standards also call for fundamentals of teaching and learning. Mrs. Gwizdz is dedicated to this day in and day out. She has helped teachers develop a wide range of learning and assessment opportunities.

Digital age learning environments

WHEREAS: Mrs. Gwizdz co-teaches in classrooms to model effective practices. These practices include (but are not limited to) technology and digital tools. Her co-taught classes allow her to work with teachers to deeply infuse technology into the classroom with cooperating teachers. The cooperating teachers then implement that same learning in other classes and help lead other teachers.

Mrs. Gwizdz is part of our focus team to make sure that the district stays on task. Instead of following the “thousand shiny tools of technology”, she works hard to keep the focus on evaluating and supporting those tools that make a difference in real classrooms. She then uses those same tools everyday to support teachers.

Take a look at just one example of a course that she helped develop in conjunction with a team of core teachers. The iLearn Spelling Course allows the process of the weekly spelling test to become student focused and controlled. Students don’t need to spend time on words that they already know. The students are free to move at their own pace. Teachers are freed up from reciting the words for the test. Teachers are also freed up from having to administer a wide range of retests. This allows teachers to spend more time as they need to improve student achievement. Or, how about Hanging Technology on the Wall? Mrs. Gwizdz came up with a terrific solution to a very real issue. Elementary teachers need to show off the work that students do. How can you put a digital assignment up on a bulletin board? Mrs. Gwizdz figured it out. Our School Improvement Site visit teams were WOW’d.

Professional development and program evaluation

WHEREAS: Mrs. Gwizdz takes time weekly to work on professional development and program implementation. She works as an integral part of a small team that makes a big difference. Weekly, she discusses the work that has been done and needs to be done yet. She has established processes that leverage digital communication to seek input and provide answers to questions as they come up. No question or concern goes unaddressed.

Furthermore, Mrs. Gwizdz has created an online portfolio utilizing Mahara. Here, she reflects about what has happened and with whom she has worked.

Mrs. Gwizdz is responsible for working with eighteen different schools. For a lesser technology coach, this may prove too overwhelming, too difficult. However, Amy goes all out. She prioritizes, schedules, and works so efficiently, that she is able to make a difference throughout all of her schools. She conduct needs assessments through groups, self-reflection and individual activities. She designs, plans and delivers professional development that is laser focused on what will make a difference in terms of student learning. She evaluates and re-evaluates professional development so that it truly meets the needs of all learners.

Digital citizenship

WHEREAS: Mrs. Gwizdz works directly with teachers and students to help the develop the necessary skills to be safe and aware in the digital environment in which we live. Beyond that, she has led the way in helping parents of pre-school and elementary students understand the new world that these students are growing up in. Her leadership and training with parents helps them understand how to manage and control screen time.

Content knowledge and professional growth

WHEREAS: Mrs. Gwizdz continually develops and shares her own professional development. She regularly reflects on her professional practice to continually strengthen her own abilities to model effective practice. As one example, please review the wonderful post, From Lawn Chairs to Finish Lines.

NOW, THEREFORE, I, Troy Patterson, Director of Technology & Media Services, do hereby proclaim Amy Gwizdz as officially nominated for the 2018 Ed Tech Coaches PLN Award.

Subscribe by email CAPTCHA

by

Beginning today, we’ve implemented a captcha for our subscribe by email on blogs. First of all, we realize that no one really likes captchas. So, we’ve implemented the most elegant one that we could (more about that in a minute).

As a large school district, we are constantly targeted. It is crucial that we take steps to protect our users and our identity. Thus, we need to make sure that the subscribers are real.

The captcha that we’ve implemented won’t be seen by everyone. Any user within our district network won’t be presented with a captcha (thus, it may most effective to have parents sign up while within a building). Most people appropriately signed into a Google account will not be presented with a captcha either. However, if the user is off campus (not on our network) AND not signed into a trusted Google account, that user will need to complete a picture captcha in order to complete the enrollment process.

Implementing captcha this way will help reduce the number of spammers trying to use our information. This will assist with keeping our emails properly being delivered to parents.

Google Updates

by

As you may know, Google constantly updates Google Docs, Sheets, Presentations and Drive. A couple of updates have recently occured.

Search within a folder

It is now possible to search within a folder on Google Drive. There are two ways to achieve this:

  1. Right click on a folder in Google Drive and select “Search within…..” (the name of the folder will occur after Search within
    Search within menu shown
  2. Use the ninja button (advanced search).
    1. Click the Ninja button (Advanced search – the triangle at the end of the search box.
    2. Click on “ANYWHERE”.
    3. Click on “My Drive” (if searching My Drive)
    4. Navigate to the folder that you want to search.
    5. Add in some text that you are looking for in the box after “Has the words”
    6. Click Search
      Advanced search menu example

Inserting Breaks

*This one has not rolled out yet, but will be coming soon. 

In Google Docs, Page and Column breaks are currently separate lines under the Insert menu. Soon, they will be combined into a “Break” menu. Page and Column break will be a sub-menu.

  • Before: Insert > Page break or Column break
  • After: Insert > Break > Page break or Column break

Alt Text

*We are really NOT happy about this one. This has not rolled out yet either, but is coming. 

Alt Text will be moving from the Menu to a right click only.

  • Before: Select shape > Format > Alt text. This option will be removed from the menu.
  • After: Right click on shape > Alt text. This is the new way to add alt text to a shape.

Meltdown and Spectre

by

You may have heard of two security issues that will impact everyone in the news lately. These are referred to as Meltdown and Spectre. These will actually impact everyone, just how is yet to be determined.

The short version of meltdown and spectre is that we want our computers to be fast. In order to make computers faster, they “guess” what you may want next and make that available. One way to think of this is the Boss from The Devil Wears Prada. The Boss is going to want coffee or tea first thing. The assistant (the computer for our analogy), doesn’t know which one the Boss will want, so the assistant gets both ready. Whichever one the Boss wants is delivered, the other discarded. (This is predictive computing. The computer “predicts” what you will want next and takes those actions. That way, you don’t have to wait for the actions to occur.) However, when the computer does this, it opens up a security vulnerability.

Let’s take a look what they are and how it will impact you.

Meltdown

Meltdown is a security issue at the processor level. Nearly all processors are affected. Basically, meltdown loads things into memory before containing how much memory it will use. This means that other applications can read that same memory. This is especially important to note on shared computers. (Since nearly all web site run on shared computers, this has the potential to be devastating for all of us).

Spectre

There are actually three different aspects for Spectre. Specter is named, in part, for speculative processing. Again, this is the result of trying to “speed things up” for end users. The scary thing about Spectre is that it is theoretically possible to implement from just visiting a web site. This would require the user (i.e. you) to do nothing special, it would not be necessary to click “install”, click “OK”, nothing, to start the process.

Impact

Many companies have known about this issue for a few months. Many have issued patches. (Although this is at the processor level, it appears as though it will need to be fixed at the application level). Unfortunately, the fix can slow your computer experience down. Some estimates indicate that the fix could slow your computer down by 5-30%.

Most major suppliers (Apple and MicroSoft) have already issued patches which address some of the issues. Future patches will address more of them.

Our Team

Our team is making sure that the district computers are patched and up to date. You may notice your computer taking a bit longer upon start up (this should only be once). We also take several other steps to keep the district safe (including limiting the installation of software). We have a lot of hardware to update (fortunately, we do this regularly). Some of the patches are not yet available.

You should…

You should make sure that all of your home and personal devices are up to date with the latest patches. These are crucial. Naturally, you should always follow good digital hygiene.

Also, be very aware of “phishing” scams. This may be an opportunity for the bad guys to try to get you to click on a link. Always think at least twice before clicking “Install” or “Accept”. Be extremely cautious with emails or web sites that ask you to enter your credentials (user name and password).

Interested in more  information?

Here are some resources if you want to know more:

Follow this blog

Get every new post delivered right to your inbox.