Heartbleed – it’s the wake up call we all need.

The word on people’s lips at the moment is Heartbleed, and it is important that everyone who has an online account pauses to take stock.

Have you received an email  from a social media site urging you to change your password recently? Maybe you’ve seen this webcomic from XKCD, and wondered what it was all about…

According to the Heartbleed website, the Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. What does this mean? A great explanation can be found here; but essentially, the code that protects information which is sent back and forth from your computer to a website has an error in it, which enables a hacker to access not just the minimum amount of data that is usually sent, but possibly a lot more; like passwords and personal information. 

Another way of understanding it is by using an analogy like this:

You live in a high crime area. You return home one night and realise the garage lock is broken. It appears to have been broken for some time. You can’t tell if anyone has been in the house,  but you realise that you left a letter from your bank on the dining room table.  If someone had been in the house, they could have taken a copy of it, and may use it to rob you at a later date. You decide to contact your bank, just to be safe.

2014-04-14_1551Mashable has used their considerable reach to contact many of the most popular websites to see if their services may have been compromised, and published a list of sites which may be vulnerable to the Heartbleed bug; you will be surprised by how many you probably use every day.

Why is this a wake up call?

Let’s face it, we all have many online accounts these days, and we may not always take the best precautions when creating passwords, or managing them. Between email accounts, work intranets, social media accounts, online banking, online shopping and more, when you think about it,  you will probably be surprised by how many online accounts you actively manage.

Some people handle this by using the same password for every account. Others by writing every account down in a notebook. The worst way is by using sticky notes which attach to your computer screen. Not only do practices such as these put your own data at risk, if you are an educator or parent, it also models very poor security to your students or children.

While topics such as cyberbullying and internet addiction get a lot of media coverage, it is little things, like password management, which are so very important, and yet so easily overlooked. Practices such as the teacher openly sharing a password with students, or publicly consulting a written list of usernames and passwords do nothing to promote good security behaviours to students.

Using a password manager such as Keepass or  Lastpass or Dashlane, makes it easier to manage multiple passwords; teaching students about tools such as these is vital. With increasing numbers of services being delivered online, internet security, and having solid strategies for protecting personal information through the use of strong passwords is an absolutely necessary part of the knowledge set every individual needs.

One of the most important lessons students need to know; never enter your password anywhere except in a secure password manager and into the site which actually requires it; sites that allow you to enter your password to test its strength may not be secure – even Intel’s password checker site has been questioned. Tools which are installed on your computer, such as Keepass, allow you to test your password strength in a safer environment, and even better, will generate passwords randomly.

A terrific series of lessons on password security is available on the Common Sense Media website here: http://www.commonsensemedia.org/educators/lesson/strong-passwords-3-5
Although it links to the US Curriculum, the links to the Australian curriculum are clear: in the Information and Communication Technology (ICT) capability, it quite clearly states that by Year Four, students should be able to apply digital information security practices – making specific reference to the development of secure passwords.


creative commons licensed ( BY-SA ) flickr photo shared by The Daring Librarian

This content is no longer an optional extra for students today – and bugs like Heartbleed are reminders of this for all of us.

Just playing…why we need to let go and have fun!

When introducing teachers and other adults to using new technology, they often ask me how I learnt all of the tips and tricks that I know. My honest answer: I played with the technology. Yes, there are courses you can do, and tutorials you can complete; but the best way to become familiar with most types of new technology is to embrace your inner child and simply play.

The Highest Form of Research / http://creativecommons.org/licenses/by-nc/2.0/

There is irrefutable evidence that play-based learning is a key strategy for early years education.  Children learn through play because it allows them to practise skills, experiment, make mistakes and learn from them – all of things we need to do with technology.

Of course, playing with technology takes time. It requires time spent simply seeing what a tool or app does; entering dummy data, clicking on all of the buttons to see what they ‘do’ – discovering what makes the device or tool work most effectively, and what causes it to error or create less than pleasing results. Fortunately, the more we play, the less time it takes to familiarise ourselves as each new tool presents itself – it is amazing how many skills  developed simply through playing with technology are transferable across websites, devices and apps.

Fear is also another inhibitor. We have probably all heard horror stories of massive data loss and of hideous computer viruses that have infected machines via a seemingly innocent link. Ironically, it is through playing with technology that we will develop the familiarity and ‘savvy’ which will allow us to navigate these areas more confidently.

I do not believe that all those older than 25 are simply ‘digital immigrants’. This argument (which, by the way, is over 10 years old) implies we will never be completely at home with technology, and for many of us, this is patently untrue. I do believe that it is about having an open mind and a playful, creative and risk-taking attitude. This is the type of mindset we hope to develop in our students – how better to encourage it than to model it ourselves?

Why not set aside 30 minutes a week to simply ‘play’? Better yet, schedule your playtime into your class timetable, and allow your students this luxury also. Ask them to share one thing they learnt at the end of this time – and share your own learning too. You may find it is some of the richest learning time of your week.

Share your experiences of playing to learn below, or tweet me with the hashtag #playtolearn – I’d love to know what you discover!

Somebody’s watching me…Who’s viewing your digital footprint?

One of the most important things we must impress upon students is the responsibility that is a digital footprint. We all have one nowadays – every time we pay for something on credit card, use an automated toll payment system, walk in front of a security camera – our actions are recorded digitally, and a little part of our identity is stored online.

Our online identity is added to further by our internet use. Websites use cookies to track our search habits in order to more effectively target us with advertising, or to better ‘tailor’ their services to us. Google knows a lot more about us than we would like to think; as do other websites that we frequent regularly.

We bring this digital identity to life when we share our thoughts, photos and videos online using social media. Where we ate out, who we are friends with, which football team we support; as well as major life events, such as a marriage proposal, the birth of a child, the death of a loved one.

All of this information paints an incredibly detailed picture of who we are, what we do and how we live our lives.

Last week, an employee of the American intelligence agency known as the NSA (National Security Agency) leaked information that revealed they can access information belonging to non-US citizens.   If the servers are held on American soil – and this includes Facebook, Microsoft, Apple and Google, NSA can analyse this information for evidence of any activity that might lead to those planning criminal or terrorist acts. (You can read a thorough description of it here). Although these companies deny giving direct access to the American Government,  the evidence points to the fact that they have made it easier for this process to occur.

Why should this concern us? After all, if we haven’t committed a crime, we have nothing to hide, right?

The issue is not so much that we should fear the American Government. The issue is that with this data being collected, our digital identity which was once spread across many different servers is now possibly being stored on one server, altogether. The puzzle pieces that remain spread and give us some element of privacy are being placed together. This is powerful information – and although Barack Obama has said essentially ‘you can trust us‘, it is those who might hack into these servers and sell this information whom we can’t trust.

This is beginning to sound like a conspiracy theory, rather than a post about digital citizenship. It’s not meant to be. What I believe is that young people today must be aware that the information about them that exists online is their personal property, and that they have a right to protect it. Students who are true digital citizens are not just savvy about their privacy settings on Facebook and their password security – they should also be aware of how others may use or misuse their online identities, and have a voice in ensuring nightmare scenarios such as 1984 don’t ever become a reality.

Life through a Lense – the ubiquitous camera

I don’t know if the Apple advertisement’s claim that more photos are taken with the iPhone than any other camera is completely true – but I do know that we are taking more photos than ever, and more often than not, we are using phones to do it.

If you asked anyone about ten years ago if they would ever use a phone to take a photo, they would have looked at you as if you were daft. The two tools don’t seem connected in any logical way. Apart from futuristic ‘video phones’, the idea of a lense on your phone, which is essentially a voice driven medium would have been the furtherest from people’s ideas about the future of telephony.

Added to this is the ability for the phone to store hundreds of photos. They have replaced Grandma’s little photo album of the grandkids, and at gatherings you often see people clustered around a phone’s tiny screen, viewing someone’s favourite pet or last night’s antics.

The fact that we now all carry around a camera with us in our pockets has changed so much. When the police wanted to find the suspects of the Boston Bombings, they didn’t have to rely solely on security camera footage (although it was cctv footage that eventually led to their identification) – they appealed to the public, seeking photos and video people had taken on their phones which may have inadvertently captured suspicious behaviour.

Likewise the veracity of referees’ decisions was called into question last week, when French Open tennis competitor Sergiy Stakhovsky took his phone from the sidelines, to photograph the mark left by a ball he claimed was not out.

Now that we are not limited to 12 or 24 exposures, as used to be the case with film, there is no reason not to take photos everywhere and of everything. We can use this capability in so many ways – and like everything, there are positives and negatives.

“A photograph is a moral decision taken in one eighth of a second. ”
Salman Rushdie, The Ground Beneath Her Feet

Our students now carry a powerful learning tool in their pocket all of the time. They can record their learning, capture an ‘aha’ moment and reflect upon it, create beautiful images and share them, build a history of their experiences far beyond what we have done in the past.

With this great tool, however, they can also create tremendous havoc. Everyone makes mistakes, and we should be able to learn from them and move on, not have them haunt us for the rest of our lives, captured forever in digital format. Photos that are taken on the spur of the moment and shared online will never ever truly disappear – no matter if they are deleted from a newsfeed or supposedly ‘self destruct’ in a chat service.

And so yet another avenue for solid digital citizenship arises. It’s difficult to get students to stop and think before taking rash actions – and even more so when they are with friends, at a party, caught in the moment. However it is vital for them to understand the responsibility that comes with being able to record a moment in time forever – and the power they wield with just one tap of the camera button.

Perpetually in Beta – the constantly evolving world of the website

Early on in the history of what is known as ‘Web 2.0′, one of the identifying features many speakers touted was that Web 2.0 tools were ‘perpetually in beta’. Essentially, this meant websites and tools were a constant work in progress – with updates and improvements made on an ongoing basis.

We see these updates in websites and tools large and small. Sometimes the improvements are substantial, and welcomed. Other times they are invisible to the user (what on earth does Java change every time I switch on my machine and get told it needs updating yet again??).

Changes to tools that people use on a regular basis are usually heralded with a negative response – anyone who uses Facebook will know the huge reaction to any of it’s ‘improvements’ to its services:

Today, it was my turn to be totally taken unawares by a massive website redesign. Today I presented in front of a group of about 60 Teacher Librarians at their quarterly network meeting. One part of my presentation centred around an incredibly useful GreaseMonkey script, created by the very clever Alan Levine which, when installed, makes Creative Commons attribution information available on every Flickr Creative Commons licenced image. You can read about this fantastic tool on my work blog here.

Unfortunately, last night Flickr chose to unveil quite an extensive redesign – which of course rendered the greasemonkey script null. So, there I was, standing in front of 60 people, with no script to show them and an unfamiliar website to navigate…great!!

Fortunately I had other tools at my disposal to show the TLs, so a crisis was averted, and a quick tweet to the creator of the script gave me up to date information about when it might be resurrected, but it goes to show that online, nothing is set in stone.

What does this mean for educators?

We must be flexible and always have a backup plan; I find that when glitches occur (and they inevitably will), staying upbeat and moving quickly to a second option usually allows the lesson/PD session to continue relatively smoothly.

We must develop in ourselves (and teach our students) a level of fluency with tools and websites that allows us to confidently cope with constant change, find alternate tools or contact those online who can help us. This level of digital literacy comes from not only familiarity with the way things online generally ‘work’ but also the development of skills that can be transferred from tool to tool. The best way to do this is through ‘playing’ with as many different tools as possible, trying things out, investigating why things don’t work as they should and accepting that in the online world, nothing is static (or particularly reliable!).

The only thing constant online is that things are constantly changing. The challenge to stay up to date is demanding; the best way to deal with it is to accept it, and appreciate the fact that when one tool or website does not do what we need it to do any longer, there are always many, many more that will do more, or even better.

Sharing the glory – content ownership in a remix culture

In a world where anyone can publish anything to the world, copyright and ownership of content has become an increasingly interesting, complex and controversial field.

In Australia, a work is copyrighted as soon as it is created. Every drawing, song, story, sculpture, multimedia creation – all are copyrighted, unless the creator chooses to release some of their rights, under a Creative Commons licence (read more about Creative Commons at the Copyright Copyleft wiki, which I created to help educators understand these issues).

Today, Cory Doctorow reported in the Boing Boing blog that Nintendo has chosen to claim ownership over gamer fanvids on YouTube. What does this mean, and why am I blogging about it?

Put simply, many keen Nintendo players create fanvids, commonly known as ‘let’s play’ videos which are basically videos that show them playing a particular game. In these videos, they share tips, easter eggs (hidden extras), show off their skills and generally contribute to the gamer community. An example of a let’s play fanvid is below:

As Doctorow notes, at the moment a search for ‘let’s play’ on YouTube brings up over 9 million videos, many of which have been created by at home gamers.   Although these videos have been created by the gamers, they are based on content that belongs to Nintendo, and Nintendo has decided to monetize these videos by placing advertising around, before or after the videos, income from which will flow to Nintendo, rather than the owner of the video.

This decision has set the gamer community alight;  they acknowledge that  Nintendo is within its legal right to do this, but question whether it is a sensible move to upset so many gamers; you can hear more of this discussion here.

There is no doubt that now Nintendo has made this move, others will follow. In fact some gaming consoles actually have the capacity to record the game as it is played built in.

The concept of fanvids and fanfiction is not new, or limited to video games. In fact, in Japan, it is a major industry.

Known as Dōjinshi, this fan fiction, based on popular manga series, is so well accepted it is sold at major events, the best known of which is Comiket, the most recent of which attracted over 560 000 visitors.  Unlike in many western countries, where fanfiction is seen as a breach of copyright, in Japan it is tacitly accepted as a source of marketing for the ‘official’ publications, and as a breeding ground for discovering new upcoming manga artists.

It seems like Nintendo wishes for its gamer fans to see their move as one which promotes co-existence, similar to the dojinshi model – after all, they aren’t banning videos which contains their content, they are simply profiting from it. From the gamers’ perspective, their videos are not replicating the game, as every player will have a unique experience – they are simply sharing their own.

We will increasingly see issues of ownership of content arising, as technology allows us to remix content and publish it online – and concepts such as copyright, intellectual property and creative commons need to be in the forefront of every content creator’s mind. If you are interested in learning more about this, a great place to start is Bound by Law, a graphic novel available for free download or for purchase through Amazon, which explores the concepts of copyright, intellectual property and fair use in a digital remix culture. It is a fantastic read, and educational to boot!

Download this comic by clicking on the image.

Produced by Duke Centre for the Study of the Public Domain.

I am…Ask Me Anything!

These six words form the basis of a fascinating forum which exists on the popular social media site Reddit. In everyday life, most of us move in relatively small circles – and if we do meet someone who has had an extraordinary life experience, or who has a unique lifestyle or career, often social mores limit just what we can ask.

Enter the AMA (I am…ask me anything). Here you can learn about people who live in far away places – We are staff, students and teachers at a village middle school in Ghana in West Africa. Ask us anything., pop stars – I am PSY! Composer, singer, entertainer, and creator of “Gentleman” and “Gangnam Style”. Ask me anything, and parliamentarians – I am Scott Ludlam – Australian Greens Senator and national comms spokesperson. Ask Me Anything…

The anonymity of Reddit means that readers feel freer to ask what they really would like to know, and the rules of the AMA (literally, Ask Me Anything) means that the responses are more likely to be honest.

It was this recent AMA, from Greens Senator Scott Ludlam that prompted this post. While some AMAs are purile, many others are providing access to individuals that ‘average’ people would never be able to contact. Upcoming AMAs include Mason Peck, NASA’s chief technologist, Gillian Anderson, actress from THE FALL, Hannibal and The X-files, Major Blaine Jones, the lead solo pilot of the U.S. Air Force Thunderbirds, and Roger Federer, Professional tennis player.

Their discussions, answering questions from everyday people, not only creates a wealth of hitherto unknown information, but also makes these people more human, as they relate their stories and interact with the readers – a far more intimate and involving experience than what was previously available only through magazine articles and television interviews.

As an increasing number of celebrities choose to do AMAs (Barack Obama brought Reddit to a standstill when he participated: I am Barack Obama, President of the United States — AMA) a level of proof of identity is required. This is difficult to fake, and if there is any whiff of insincerity redditors (and the moderators who manage the communities) are quick to jump on it; this was evident during the recent Morgan Freeman AMA, where the photo evidence looked dummied up and the responses appeared to be from a publicist rather than the man himself.

So what does the AMA mean for access, open communication and the ability to access primary source information? Simply, it is a new way for those in positions of authority, for those with unique life experiences, for those who are famous to share their stories more directly with others who might never meet them normally. It takes the concept of a campfire chat and distributes it across the globe. It democratises access and allows ordinary people to ask the questions that they really want answers to. It allows us to learn more about other peoples’ life experiences, their thoughts, their opinions and their beliefs, and it creates a unique source of primary information that will be archived online. Imagine if Neil Armstrong, Christopher Columbus, Mother Theresa or Margaret Thatcher had completed AMAs – what a trove of information we would have access to!