iLearn Upgrade

Moodle (iLearn) 3.3 is now available.

This is great news for us. We have been looking forward to the update since the beta was released. We will be upgrading immediately after school is dismissed in June.

Impact

So how does this impact teachers and students? iLearn will look very different than in the past. It will be more user friendly, but it will be different for those who have used iLearn in the past. If you are teaching summer school, the course work will be provided through the newer interface. (You can get more information from a previous post – The Gift that isn’t quite ready – or head over to the Moodle Sandbox to start to get comfortable.

Of course, the upcoming Moodle Moot (with ICE CREAM) will cover the new look and feel for iLearn as well.

Free PD – Free SCECH

The 4T conference will be held this May 20th through May 22nd. This is a virtual conference.

4T Virtual Conference Logo

There is zero cost for K-16 educators to register for the conference (or to receive archives of the webinars).  There is also no cost for K-12 educators to earn up to 19 SCECHs from the State of Michigan (the 4T will pay for you!).  If teachers would like an official attendance certificate (usually teachers outside of Michigan are interested in this option), there is a small cost, please see the link here.

I’ve presented for and attended this conference in the past. This can be a great way to learn something new and receive some SCECHs from the State of Michigan.

Head over the 4T web site for more information and to register.

Phishing Attack Follow Up

On Wednesday, May 3, Google identified, investigated, and resolved an email phishing campaign that affected some accounts in our domain. This issue was addressed within approximately one hour from when Google became aware of it. Please note that we have already taken action to protect all users, and no further action is necessary. To assist you in understanding what happened and providing all users with information on the importance of  email security, we are sharing details on how the campaign worked and how we addressed it.

What happened:

The affected users received an email that appeared to be from a contact offering to share a Google doc. Clicking the link in the attacker’s email directed the user to the attacker’s application, which falsely claimed to be Google Docs and asked for access to the user’s account. If the user authorized the application, it accessed the user’s contacts for the purpose of sending the same message to those contacts. This access only retrieved contacts and sent the message onward—customer data such as the contents of emails and documents were not exposed.

Upon detecting this issue, we immediately responded with a combination of automatic and manual actions, including removing the fake pages and applications, and pushing updates through Safe Browsing, Gmail, and other anti-abuse systems.

Google has taken the following steps to protect all users:

  • Disabled the offending Google Accounts that generated the phishing link
  • Revoked any access that the affected users authorized to the attacker
  • Disabled the malicious projects and apps that sought access

In addition, Google is taking multiple actions to combat this type of attack in the future such as updating our policies and enforcement on OAuth applications, updating our email filters to help prevent campaigns like this one, and augmenting the monitoring of suspiciously behaving third-party apps that request consent from our users.

Dearborn’s Response:

Immediately upon notification that there was an issue (we received the phishing attempt as well), we began taking steps to limit the access and impact. We started by addressing the email itself. We began controlling that email so that it did not go to everyone (even though we were on the quickly by human standards, it takes only microseconds for email to be sent). We also began addressing the accounts that we knew were affected. (*Please note that for security purposes, we don’t share all of the details of actions that we take).

Take away:

Technology has become an essential part of our lives. We all rely on email, shared documents and lots of electronic resources. It is up to all of us to be careful and mindful of what we do on the Internet. We should always think twice before granting access to Applications (many users did think twice and did NOT grant access). Unfortunately, we will probably see more attempts to steal our information. Please be mindful and follow good password policies.

You may have seen this attack on your personal (or other) Google accounts. There is no action that you need to take at this point. However, it is a good idea to occasionally change your password. It is also important not to use the same password on multiple sites.

Phishing Attack

There was a major phishing attack today. This one was particularly well done. In short, here is what was happening:

Users would receive an email that someone had shared a document with them. This document was a “real” person. When the user clicked on a link, there was a prompt to allow “Google Docs” access to your data. This was an App that was masquerading as “Google Docs”.  If the user clicked “Allow”, the App now had access to contacts and would further propagate itself by sending out more emails.

This phishing attempt was well crafted in several ways. Everything was spelled correctly. The link looked perfectly legitimate. Lots of people clicked the link and allowed access.

As soon as the Technology Department saw this attack, we immediately began taking steps to intervene. Our intervention included many steps with an “all hands on deck” mentality. We were able to very quickly stem the flow of phishing attacks. However, email moves very quickly and there were some people who received the emails. Again, we took many steps to mitigate the damage (which we don’t lay out here for security reasons).

This attack was not limited to Dearborn Public Schools. Thus, your personal Google account may also have been compromised.

Google has revoked the access that this App had. Thus, everything should be fine now. However, if you want to be double-triple sure, you can go to your Google settings and remove access (the App should no longer be there, but you can confirm that):

  1. Go to google.com.
  2. Click on your picture in the upper right hand corner and select “My account”
  3. Click on “Connected apps & sites”
  4. Click on “Manage Apps”
  5. Find the app called “Google Docs” (you may have a legitimate one – click on the name to check the date installed. If today, May 3, 2017, it could be a problem).
  6. Revoke all permissions

 

Again, it appears as though Google has responded in a method that completely remediates this issue. You shouldn’t have to do anything in particular.

This is a good time to remind ourselves to be careful when we approve others having access to our stuff though. Think twice, click once.

May Free PD

Free PD

Here are some professional learning opportunities:

Click Here to Register

Peer Assessment

Julie Wooton wanted her students to do meaningful peer assessment. In working with some other teachers in her building and the Tech Coaches, she implemented an effective peer assessment activity for her students. I was struck by a couple of her comments (quoted from my memory):

The students really focused on the writing at a much deeper level.

 

I liked that I could easily control which students were editing the other students. Thus, I could assign the paper from a newer student to a student who is a good writer and very caring.

Don’t take my memory of my visit to her classroom, listen to Ms. Wooton herself. The Tech Coaches interviewed her about using Peer Assessment in her classroom.

*Special thanks to Chris Kenniburg for putting together the video. 

 

Dearborn Moodle Moot 2017

This year, Dearborn will be hosting two Dearborn Moodle Moots. The Dearborn Moodle Moots focus on actual implementation for YOUR classroom. The first day is instructional. Lots of choice, models and tools are shared. The second day is all about implementation – YOU will be creating and/or installing resources into YOUR course. There will be experts on hand to assist.

If you are interested in learning more about iLearn, consider signing up. You can find more information at our Moodle Moot site. Watch your email for a discount code.

See the Dearborn Moodle Moot page for more information or to register.

4T Conference (Free PD)

This is a great learning opportunity for educators along with the option of getting between 3-19 SCECHs for free.
4T Conference Logo

About the 4T Conference

The 4T Virtual Conference began as a grassroots effort in 2011 as an opportunity for educators from across the globe to connect, network, and learn from each other about issues in technology education.  The 4T conference is unique from other virtual conferences because all the lead presenters (all K-12 teachers) go through 15 hours of  professional development training on how to instructionally design an interactive and engaging virtual classroom (eg…webinar)!  We use a the Triple E Framework as our conceptual frame and measurement of quality of technology integration.  ALL of our sessions will be interactive, engaging and informative.

http://www.4tvirtualcon.com/schedule.html

Refreshing the Google Accounts login page

Google will be updating the look of the log in page.

Starting April 5, 2017, we’re rolling out an update to the Google Accounts sign-in page to give users an improved experience to securely sign in to their accounts. This new design will make browser sign-in flows consistent across computers, phones and tablets.

Example of new Google Log in page

What will stay the same

  • The steps to sign in won’t change. You’ll enter the same information you usually do, like your email address and password.
  • You can use your account to sign in securely to the same Google services as before.

Why the page is changing

The new sign-in page will:

  • Have a cleaner, simpler look.
  • Make the sign-in process faster.
  • Be consistent across computers, phones, and tablets.
Follow

Follow this blog

Get every new post delivered right to your inbox.

Email address

Skip to toolbar