Remove These Chrome Extensions

Google has removed 500+ Chrome Extensions that Cisco’s Duo Security team identified as Malware. While Google has removed them from the store for download, they did NOT uninstall them from user accounts.

This means that if you downloaded one of the extensions, it may still be running. You should delete the extensions immediately. *These are NOT installed on Dearborn Public School Accounts.

To delete an extension:

  • Open Chrome
  • At the top right, click on the 3 buttons
  • Select More Tools
  • Select Extensions from the pop out window
  • Click the “Remove” button under any extension that you want to delete
  • Click the “Remove” button that pops up in the confirmation window

Here are SOME of the chrome extensions that were removed (and thus, you’ll want to remove as well). *Note that I didn’t list the random gibberish extensions. ** For a Full List, go to Duo Security and look at Section 9.

  • Ad offers by Froovr
  • Ads by MapsVoyage
  • Advertisement Offers by QuizKicks
  • Advertisements by ArcadeYum
  • Advertisements by MapsScout
  • Advertisements by QuizDiamond
  • Advertising by MapsFrontier
  • Advertising by MapsPilot
  • Advertising Offers by FreeWeatherApp
  • Advertising Offers by MapsPilot
  • Advertising Offers by MapsVoyage
  • Advertisment Offers by GameDaddio
  • ArcadeCookie Offers
  • ArcadeFrontier Ads
  • Arcadeyum.com
  • ClassifiedsNearMe Promos
  • ClassifiedsNearMe Promos
  • classifiedsnearme.com
  • CouponRockstar Offers
  • CrushArcade Ads
  • crusharcade.com
  • DearQuiz Advertising
  • DeluxeQuiz Advertising
  • Deluxequiz.com
  • EarthViewDirections Promotions
  • EasyToolOnline Promos
  • EasyToolOnline Promos
  • easytoolonline.com
  • ExpressDirections Ads
  • ExpressDirections Promos
  • ExpressDirections Promos
  • expressdirections.com
  • FreeWeatherApp Advertisement Offers
  • FreeWeatherApp Promos
  • FreeWeatherApp Promotions
  • freeweatherapp.com
  • Froovr
  • gamedaddio
  • GameDaddio Marketing
  • GamesChill Ads
  • Gameschill.com
  • GameZooks Advertisements
  • gamezooks.com
  • GoFreeRadio Promos
  • gofreeradio.com
  • GreatArcadeHits Ads
  • greatarcadehits.com
  • hometailer.com
  • JumboQuiz Advertising
  • jumboquiz.com
  • LoveTestPro Ad Offers
  • lovetestpro.com
  • MapsFrontier Advertisement Offers
  • MapsFrontier Advertisements
  • MapsFrontier Advertising
  • MapsFrontier Advertising Offers
  • MapsFrontier Promos
  • Mapsfrontier.com
  • MapsPilot Ad Offers
  • mapspilot.com
  • MapsScout Advertising Offers
  • Mapsscout.com
  • MapsTrek Offers
  • MapsTrek Promos
  • MapsTrek Promos
  • MapsTrek Promotions
  • Mapstrek.com
  • MapsVoyage Ads
  • MapsVoyage Advertising
  • MapsVoyage Promotions
  • Mapsvoyage.com
  • Marketing
  • Multiext.com
  • Offers by MapsFrontier
  • Offers by MapsScout
  • PackageTrak Promos
  • PackageTrak Promos
  • PackageTrak Promos
  • packagetrak.com
  • PackTrackPlus Promos
  • PackTrackPlus Promotions
  • PackTrackPlus Promotions
  • PackTrackPlus Promotions
  • Packtrackplus.com
  • PlayPopGames Ads
  • playpopgames.com
  • PlayThunder Offers
  • playthunder.com
  • PlayZiz Advertisements
  • playziz.com
  • ProMediaConverter Promotions
  • promediaconverter.com
  • QuickNewsPlus Promos
  • quicknewsplus.com
  • QuizFlavor Advertising
  • quizflavor.com
  • QuizPremium Advertisements
  • RecipeAlly Promos
  • Recipeally.com
  • rewardsecure.com
  • securedgift.com
  • sponsergift.pro
  • SuperSimpleTools Promos
  • SuperSimpleTools Promos
  • Supersimpletools.com
  • usaclub.vip
  • usaconsumerperks.com
  • usagiftscenter.com
  • usaperkscenter.com
  • usapremiumclub.com
  • usasecureconsumer.com
  • usavisitorcenter.com
  • usavisitorco.com
  • usavisitorrewards.com
  • usavisitors.org
  • wrrpam.com
  • YoYoQuiz Advertisements
  • YoYoQuiz Promotions
  • Yoyoquiz.com

A Banner Year

Chart showing the statistics of breaches. Education has 113 breaches, 2 million 252 thousand and 439 sensitive records exposed.

Well, it’s been a banner year. Unfortunately, the banner year is in identity theft and breaches. The number of reported breaches in Education rose from 1,257 in 2018 to 1,473 in 2019. The number of sensitive records exposed in the Education field tallies up to 3,606,114 (an increase from 1,414,624 in 2018). Non-sensitive records exposed tallies up to 22,747 (which is down slightly from 39,690 in 2018). Thus, breaches in the Education sector are mostly increasing. These are the reported breaches.

This is not surprising as more and more of our life is conducted online. More and more of our information is housed online as well.

For us, this information falls into two camps: work and home. We take security very seriously here at work. We also want to help inform you about what this means for you at home.

Work

We have taken many steps to help promote safety and security at work. Here are just a few examples:

  • changed password requirements so that users would be encouraged to create more secure passwords
  • removed local Admin rights to computers to protect against malware installation
  • added banners on emails that come from unverified domains
  • updated settings for security issues

Please remember that many of our staff have access to important data for students and staff. It is staff responsibility and legal obligation to protect that data.

Phishing is one area where we see attempts to collect user information. We regularly block phishing attempts. However, it is up to end-users to help us identify some of these. It only takes one incident to put all of us at risk.

Home

We’ve published tips (like “Password Management“, “Password Tips“, “Phishing Attempts Continue“, “Can You Spot the Phishing Attempt” and even a Comic to explain Phishing).

These are all still valid. Remember, it only takes a second to give up information that can compromise your security. I have a friend who basically spent two solid months of his life trying to recover from an identity thief situation.

Generally, more and more people are using their phones to conduct business and their online life. Phones are a bit unique. Our defenses tend to be at the lowest while on a phone (frequently we are doing something else, rushing to do something else, etc).

Tips

  1. Think before you Click – Remember links are how many problems start. You should always know why you are clicking a link. When in doubt, you should type the URL in the URL box yourself instead of clicking on a link.
  2. Never share your credentials – This is illegal (like Federal law illegal) while at work. It is a really bad idea everywhere.
  3. Update – Updates generally fix security issues. Do be aware of pop-ups that purport to be an update though.
  4. Password Management – Utilize strong passwords. Do NOT reuse passwords. A password manager is the best way to make that happen.
  5. Be aware of Phishing – Know the hallmarks of a phishing attempt. Be critical of requests and links that require you to sign in.
  6. Back up your Data – Back up your valuable data using the 3-2-1 method.
  7. Be wise – Do NOT fall into the “it can’t happen to me” camp. Everyone is a target. Cybercriminals don’t know their targets. Your data is probably already out there and available from one of the data breaches. Check out “Have I Been Pwned” to see if your email address was part of a breach. This will show you where and what was accessed. (*Note that 1Password now owns this site so there is a “soft” sales pitch for 1Password).

Spotlight on Tech

Do you ever want to create a quick formative assessment? With E-Voting in iLearn, this is quick and easy. You don’t have to worry about creating accounts for students. You don’t have to worry about whether the site is FERPA compliant. You can post a QR code* or a link* for students to access the assessment (*Pro tip: QR codes and links can be reused).

E-Voting

Setting up e-Voting is simply a matter of going to your iLearn course and adding an activity called E-Voting.

On the next screen:

  • Add a “poll” name
  • Type your question
  • Type in possible answers (*optionally identify correct answers)
  • *Optionally: Add another question(s) and repeat the steps above
  • Save

Students can access the questions through a QR code or a web link. They do NOT need to sign in to iLearn. You “start” the poll when you are ready. Click on the QR code to expand it. If projected, the students can easily scan it. (Students can also log into iLearn and click on the link. Or, you can copy the URL and get it to the students – paste a link on a shared document, on your blog or email it).

*Note that student names are not associated with answers. iLearn has the ability to associate student names with assessments, but not with this module.

Pro tip: It is possible to create a “generic” question and answers. Then you can create questions “on the fly”. Just create a question that says, “Answer the question I just asked”. Then create answers of 1, 2, 3, 4. You will need to then tell the students what each answer stands for (1=”xxxx”, 2=”yyyyy, 3=”zzzzz”, 4=”I don’t know”).

Naturally, if you would like some assistance, please reach out to our Tech Coach or the Technology Department. We love to help with instruction.

Chrome OS Update

The next update of Chrome OS is scheduled to be released next week. In this update are several security changes.

DRC has discovered that these changes block testing in INSIGHT. This is bad since it would impact WIDA testing.

As a result, we are limiting all Chromebooks to update to version 79. Thus, you can feel free to update Chromebooks as they will only update to version 79. Chromebooks must be on at least version 74 in order to test. All Chromebooks that are used for WIDA testing must be on a Chrome OS version between 74-79 (inclusive).

Students can update Chromebooks using these steps.

Exemplary Media Center

We are proud that our very own Salina Elementary Media Center has received exemplary status!

Ms. Cindy Alvarado was instrumental in achieving this status. It is always wonderful when our talented staff and schools are recognized externally. Keep up the great work.

Too Smart?

Annotation panel with "getting started" directions.

Technology is always fun. Recently we implemented Hypothesis within iLearn (Moodle). Hypothesis is a great open-source project that allows for annotation and bookmarking on the web (and PDF’s within Google Drive).

Recently, we’ve discovered an issue. Hypothesis is so smart that it knows a document is a document even if you’ve made a copy of it.

In K-12, we want to teach students good annotation skills. Frequently, teachers may have 150 students. In order to make things manageable, the teacher certainly doesn’t want all 150 students annotating the same document. So, teachers generally create groups. Thus, a teacher may have a First Hour group, Second Hour, etc. We discovered that Hypothesis doesn’t respect groups. Not a surprise since this is a limitation within the LTI process between iLearn (Moodle) and other programs. So, we created our PDF in Google Drive and used the “Make a copy” feature to create five different versions of the document. We then shared the “first hour copy” with, and this will not be a surprise, our “First Hour” group. We shared our “second hour copy” with our “Second Hour” group. To our surprise, first hour can see the annotations of second hour. Second hour can see the annotations of the First Hour group.

This is apparently a known issue (and now we know too). See. Hypothesis uses a digital fingerprint, not the document meta-data.

Right, for better and worse, Hypothesis is too smart for that. Better, because those annotations are deeply anchored to the specific text and document and could potentially be resurfaced to the user in various contexts. For example, if the student was to use H after the class and came back to the same story/article, we could technically surface their annotations for them. Worse, because you can’t do what you are trying to do which is completely pedagogically sound and necessary.

– Hypothesis Guru

There is a workaround. “Printing” a document to a PDF multiple times will create different fingerprints. This obviously adds quite a few “clicks” to the process.

There are some exciting opportunities with this as well. Students can share multiple annotations across documents.

The Hypothesis Group is aware of the issue and working on it. We look forward to continuing this exciting work.

Annotation Pilot

Annotation panel with "getting started" directions.

We have a wonderful opportunity to teach students to Annotate digitally. This pilot is used through iLearn. It is very simple to set up. Basically, you just add an activity in iLearn. See full instructions below:

This will create a gradable activity in iLearn. Remember that grades can be synced over to Mi-Star.

Here are a few general Hypothesis resources that might be useful to students as well:

Since this is a pilot project, there are still pieces under development. There are a few more neat features that are planned.

Room booking Change

A change to Google Calendar has taken place. This moves booked rooms from the location field to the Guest area.

In the example above, which is heavily redacted, the room being booked is at ASC. Notice that the location field is empty, but ASC-1-Room 8 (30) shows up under the Guests.

Phishing Attempts Continue

fishing hook with "Phishing Avoid the hook" text.

We continue to see phishing attempts. Please note that you should always look at the FULL return email address. This is especially true if an email seems oddly worded.

These phishing attempts will have some “real” information, the name of a principal, the name of the school, the phone number of the school. However, the return email address will be different.

Previously, we posted tips on avoiding phishing scams. Those tips are still good.

Some reminders (if you didn’t read above), of what you can do to help protect yourself:

  • NEVER enter your user name and password into a Google Form
  • Always look at the actual email address the email comes from
  • Hover over a link, without clicking on it, to see what the URL is (hint: https://www.imrippingyouoff.com) is probably not a link that you want to follow.

Free SCECHs through Edupaths

Check out the newly published courses linked below…

Starting January 24, 2020 – EduPaths MOOC for 26+ FREE SCECHs

The EduPaths MOOC is completely online. It includes short modules, videos, discussion forums, individual reflections and an opportunity to put into practice what you have learned! The MOOC can be accessed from anywhere, anytime, with any device.

MOOC allows you to participate at your comfort level. We have the following participant levels:

  • Discover – I just want to observe; check things out and see how they go.
  • Explore – I want to participate some; I want to learn and familiarize myself with the content in the course.
  • Apply – I see the benefit and will participate; I want to learn and make use of content within my own learning environment.
  • Model – I want to learn, demonstrate use of and show others how to apply the content within their own learning environment.

The EduPaths MOOC Focus: Technology Integration Models – SAMR, Triple E Framework, and T-Pack

Edupaths has many other courses that you might be interested in. Check them out.

Follow this blog

Get every new post delivered right to your inbox.