iLearn Question Tagging

Standards disclosed in the tag section.

We are excited to offer the ability to tag your Quiz questions in iLearn with Common Core Standards. The standards (Language Arts, Math and Science) are available under Tags in each question. You can either scroll to find the one that you want (there are an awful lot of them), or enter part of the standard (to filter) and then select. This will allow you to create quizzes with certain standards. This will also allow us to better create questions that are identified as meeting certain standards.

Standards disclosed in the tag section.

Required badges

Happy Summer!

Every summer, our current required badges expire on June 30th. We are currently reviewing the courses with a variety of groups to determine updates. We expect the courses will once again be available at the beginning of August.

All of us need to complete the required courses (currently there are four such courses ADA, Bloodborne Pathogens, OCR, and Response to Bullying Behavior). These courses will be available on the MyPD site in August.

Potential SPAM email

Several people received an email that they thought was SPAM. They reached out to me to check. Here is my response:
Thank you for reaching out to me with a suspicious email. In this day and age, it is extremely important to make sure that you don’t fall for phishing attempts.
My Dad taught me long ago to “measure twice, cut once”. That advice is relevant here, check twice and make sure before you click on the link.
I thought that I would share what I look for in evaluating this email:
1. The From email address does seem legitimate. However, this is incredibly easy to mask, so not a very strong indicator of legitimacy (hover your mouse over the name on a computer)
2. a “recent change in your work status”. I haven’t had a “recent change in my work status, so my spidey sense is starting to activate.
3. “in the Company’s benefits plans”. Wait a minute, they don’t know which Company that I work for? Spidey sense is tingling.
4. Hm. The link seems familiar. I’ll type this into a browser (NOT CLICK on the link in the email. when I do, I get an error message (This site can’t be reached…) Spidey sense is buzzing like crazy now.
5. The phone number. Hm.

6. “Your Benefits Manager”. Not a real person. I know people who work in the Benefits Department.

Inbox (51) - pattert@dearbornschools.org - Dearborn Public Schools Mail 2018-06-18 07-42-09.png
Given all this information, this is either an incredibly badly written email from a contractor or a Phishing Attempt (a special type of SPAM designed to steal your information).
I would mark this as SPAM and move on.

Security on the Internet

Security on the Internet is a bit like Baskin Robbins, there are 31 flavors. Only, on the Internet, there are way more than 31 flavors. One of those flavors are certificates. (This is designated by https as opposed to http.) Certificates try to make sure that you are going to the site that you think that you are going to. They do this by issuing a certificate that is installed on the web server AND registered.

Unfortunately, Symantec played a bit fast and loose with certificates. Thus, Symantec certificates are no longer “Trusted”. Any web site that uses Symantec for their certificates will now show up with the scary message that “Your connection is not private”. There will be a big button that may say “Back to safety”. (There is also an ADVANCED button (not highlighted), that will allow you to continue to the site.)

Privacy Error Message screenshot

Unfortunately, some of these are legitimate. For example, the screen shot above is from our Destiny system (Library service from RESA). This is a completely legitimate site. It is safe to visit. However, given the message above, I’m sure that most people would not go on.

We have contacted RESA to update their certificate.

Although you should not automatically trust every site that presents this message, some are OK. It is crucial to know which sites are which. Generally, if there is a concern, don’t move on.

COPPA

COPPA is a federal law that impacts Dearborn Public Schools. We must follow COPPA.

COPPA imposes certain requirements on operators of websites or online services directed to children under 13 years of age, and on operators of other websites or online services that have actual knowledge that they are collecting personal information online from a child under 13 years of age.

So, how does COPPA impact us? Well, let’s take a look at a free resource that teachers might find useful with students. PowToon is used to create “awesome videos and presentations”. (Naturally, there is also a paid version).

However, we need to take a look at their Privacy Policy. They will note that they are COPPA compliant, because:

Our website, products, and services are all directed to people who are at least 13 years or older.

This means that students must be at least 13 years old in order to use this service, unless the school and the parents sign off on the creation of that account. Since the district would be responsible for tracking and monitoring that permission, we do not allow students under the age of thirteen to create accounts. (PowToon is one of just thousands of websites that have this requirement).

So, if you work with students who are under the age of thirteen, you need to make sure that any web services that you use are COPPA compliant. (The Department of Technology & Media Services regularly vets sites for compliance).

Online Safety and Security

Jim Fisher has a really nice write up about a potential scam. There are several good tips in his post. This also highlights the importance of being vigilant.

I recently received an email from Netflix which nearly caused me to add my card details to someone else’s Netflix account.

He did the right thing in checking the source of the email, but even that was legitimate.

“Odd,” I thought, “but OK, I’ll check.” The email is genuinely from netflix.com, so I clicked the authenticated link to an “Update your credit or debit card” page, which is genuinely hosted on netflix.com. No phishing here. But hang on, the “Update” page showed my declined card as **** 2745. A card number I don’t recognize. Checking my records, I’ve never seen this card number. What’s going on?

The crux of the scam is to create an account on Netflix and hope that the “real” owner of the account doesn’t notice the billing. However, this is just one way to potentially scam folks. This kind of information could be used in a variety of ways to scam individuals.

I don’t necessarily agree with everything that he says, (Netflix really should do a better job of confirming that you actually have control of the email account), but the message is important.

Just another reminder that in today’s world, it is truly important that you understand what is happening and why.

(*By the way, although the “dot” trick will work with generic Gmail addresses, it will NOT work with our work set up).

Subscribe by email CAPTCHA

Beginning today, we’ve implemented a captcha for our subscribe by email on blogs. First of all, we realize that no one really likes captchas. So, we’ve implemented the most elegant one that we could (more about that in a minute).

As a large school district, we are constantly targeted. It is crucial that we take steps to protect our users and our identity. Thus, we need to make sure that the subscribers are real.

The captcha that we’ve implemented won’t be seen by everyone. Any user within our district network won’t be presented with a captcha (thus, it may most effective to have parents sign up while within a building). Most people appropriately signed into a Google account will not be presented with a captcha either. However, if the user is off campus (not on our network) AND not signed into a trusted Google account, that user will need to complete a picture captcha in order to complete the enrollment process.

Implementing captcha this way will help reduce the number of spammers trying to use our information. This will assist with keeping our emails properly being delivered to parents.

Follow

Follow this blog

Get every new post delivered right to your inbox.

Email address

Skip to toolbar