Like many privacy-minded parents of elementary students, Tony Porterfield tries to keep close tabs on the personal information collected about his two sons. So when he heard that their school district in Los Altos, Calif., had adopted Edmodo, an online learning network connecting more than 20 million teachers and students around the world, he decided to check out the program.
Edmodo’s free software allows teachers to set up virtual classrooms where they can post homework assignments, give quizzes and use third-party apps to complement lessons. Students can create individual profiles, including their photograph and other details, within their teacher’s class and post comments to a communal class feed.
Mr. Porterfield, an engineer at Cisco Systems, examined Edmodo’s data security practices by registering himself on the site as a fictional home-school teacher. As he went about creating imaginary students — complete with cartoon avatars — for his fictitious class, however, he noticed that Edmodo did not encrypt user sessions using a standard encryption protocol called Secure Sockets Layer.
That cryptography system, called SSL for short and used by many online banking and e-commerce sites, protects people who log in to sites over an open Wi-Fi network — like the kind offered by many coffee shops — from strangers who might be using snooping software on the same network. (An “https” at the beginning of a URL indicates SSL encryption.)
Without that encryption, Mr. Porterfield says, he worried about the potential for a stranger to gain access to student information, and thus hypothetically be able to identify or even contact students.
Click headline to read more--