Flipped Without Permission: Some Advice About Teaching Online an ITBabble No Frills Video

By Tony DePrato | Follow Me on LinkedIn

Posted in Educational Technology, Helpful Tips, TIEONLINE, Tony DePrato, Uncategorized, Video, VideoTipTrick | Tagged , | 2 Comments

Streaming in the classroom: BenQ – Instashow

The journey continues! This time we are looking at the BenQ Instashow. A lot of people may not be too familiar with BenQ in North America, but they have it looks as though they have been making steady inroads into the continent. They may a bevy of products and this is one of them.

If you are familiar with Barco’s ClickShare (review coming soon) you will notice an immediate similarity, and you would be correct! It basically works under the same principal which I’ll check out below.

Price

OK – let’s get this out of the way. The BenQ Instashow is expensive. I looked the cost up on CDW and the cost for this system is $1100 USD. That’s a hunk of change people. The version I have is USB but they do have other connector types available to purchase and all are around the same price point.

One unit is good for one display. We do have two buttons that will allow you to quickly (and seemlessly) switch between one computer and another on the same display.

What can it do?

It can mirror your screen or allow the second screen to act as an extended display. Let me tell you fellow reader – it works really well. That is all it does though. No whiteboard, no multiple computers on the same screen simultaneously, just takes your screen and puts on a projector/TV.

You get a button or two and a base station. The base station obviously plugs into the projector or display and the buttons plug into the computer. The first time, you will need to pair the buttons with the base station. This initial pairing is pretty quick and you only need to do it once.

On the back of the base station you have few options.

As you can see, there is a pairing button, an Ethernet input, and HDMI connector and a microUSB connector (for power). Unfortunatelye the BenQ Instashare does not have Power Over Ethernet (POE). Meaning you need to use the micro USB port to power the device. The good news is that connecting it to a TV or projector’s USB port is sufficient to power the base station. The packaging does include a traditional plug if your device doesn’t have a USB.

What makes this different from the Mersive and the Barco WePresent is that no software is needed. There is no client to download, install and run to connect. It just connects. You plug in one of the buttons into your computer, wait for the light to turn green, press the light and you’re connected.

The lag is nearly nonexistent and the image is crystal clear. It really is pretty nice.

How this works is that the button and the base station form their own private (and encrypted) network. You don’t have to connect the BenQ to your schools’s WiFi or even the LAN. All you need to do is plug it into the display make sure it has power and you’re off and running. Something to note though, the dongle must be plugged in the entire time to work. Which means you are carrying that dongle plugged into your computer with you at all streaming times.

When it is connected to the display here is what is shown.

That is really all the instructions you get. No navigating to an IP address or anything else. Just very straight forward which is really nice.

Streaming Video

Ease of use is one thing, but performance is another. How does the BenQ stream video? It streams video great! There is no lag, no distortion of picture or dropped frames. Audio came through with no problems (though I did have to change the audio output on my Mac each time I connected).

It worked very, very well. I would go so far as to say it streamed video better than an Apple TV and at this price point it had better. Check out the example below. Again, I used a random Ted Talk because you get to see a lot of people talking on screen.

Pretty good eh?

When we had two buttons connected, all a person had to do was hit their button and the image switched instantly. There was no loading screen, no black screen while it was processing. It just switched. We did this many times even trying to see how fast it would go. The BenQ handled it all with ease. Very impressive.

It does take a little time to connect but more about that below.

Issues

It’s not all sunshine and lollipops with the BenQ though. It works pretty well with MacBooks, Windows laptops and Chromebooks, but it was a no go for iPads or mobile phones with USB. I am not sure why, but it wouldn’t react at all when plugged into my OnePlus 6. Does this mean it won’t work at all? Not sure, but we had no success with it.

Then there was the time it took to connect. I would hope that all I had to do was plug in the dongle and a few seconds later I could connect. Not quite. I plugged in the dongle and then after about 25-30 seconds I got a green light on the ring, but when I pressed the button to connect it failed. Here is a video of that happening. I sped up the speed by two but put a time code in the upper left hand corner for reference.

If you were thinking that you could pass the dongle around from student to student to seamlessly stream you better have some buffer time planned in between. This seemed to be the case with any of the computers we tried including the Chromebook. Sometimes we got it up and running in about 30 seconds, but it was always 30 seconds or more.

Once connected though, it was solid. It stayed connected and nothing we threw at it seemed to deter it at all.

The range of the BenQ Instashow is pretty decent at around 8 meters (26 feet) as advertised in its included documentation. It didn’t stutter or try to keep the connection. When it hit the limit it just disconnected instantly – this is nice. No games, no maybe I can stretch it today, it just stops.

The reason I include this in the Issues section is that if you wanted to use this in your theater or large multipurpose room, it may restrict where you can place it. Keep that in mind, before plunking down all that cash. In most classrooms though this would work without issue.

The last issue is the dongles. They’re not heavy or poorly built, in fact they’re feel good. In order for this to work, your computer must stay plugged into the dongle at all times. I had no issues plugging it in, and picking up my computer and walking around the room with it. It worked just fine. Even accidentally bumping the dongle didn’t interrupt the stream.

Managing the BenQ

Well, there is no management option I could find, but really there isn’t much to manage. Since they are plugged into the projector/display via USB, they pull their power from it. If it were to freeze, we would simply restart our projectors. Since we have laser projectors this whole process would take 15 seconds and then a short boot time for the BenQ. That’s not too hard.

I do worry about the dongles (buttons) getting lost as classrooms can move pretty fast but overall teachers could easily power cycle these units themselves.

Would teachers like it?

Hell yeah! Great video streaming and solid connection? You bet they would. I am sure they wouldn’t be too thrilled with the dongle but right now that is where technology is. I do like the fact that it works with Mac, Windows and Chromebooks. The long load times may keep teachers from freely passing the dongle around the room. The cost of a dongle is around $600 USD, so that may also keep teachers from passing it around as well.

Will it replace our Apple TV’s?

Not a chance. It is just too expensive. I like what BenQ has made, but the cost is waaaay out there.

$1100 vs $179 (that’s the 4K version)

There is no way I can sit in front of our CFO and justify the price per unit cost. I’ll be sure to keep my eye on the Instashow but at this point it may be a good idea to have one in the building for presenters.

Posted in Opinion, Patrick Cauley, Review | Tagged , , , , | 2 Comments

Episode 177

  1. RIP Kobe Bryant
  2. Parent Portals 
    1. How to get parents to use them more
    2. Only use one portal – avoid fragmentation
    3. Consistency with the portal for teachers and faculty
    4. Survey coming soon (next few months)
  3. Tony wants to rant on vendors: Managebac 
  4. Microsoft’s new Edge browser
    1. Based on Chromium
    2. Microsoft Chromebook? Edgebook?
    3. https://remotedesktop.google.com/
    4. Cast tab content

You can download the episode HERE

Posted in Podcast | Tagged , , , , | Leave a comment

The Support Puzzle

Jigsaw

By Tony DePrato | Follow Me on LinkedIn

I was recently in a conversation with a large group of people who provide IT Support. Many do not work in education, which is why I like the group. One of the members was recently asked in an interview to rank the following support requests in terms of importance.

1) A teacher has standardized testing starting in 30 minutes however she is unable to access the testing site.

2) The principal (aka your immediate supervisor) can’t open a spreadsheet that she needs to have ready for a presentation later that same day.

3) A teacher is unable to start a lecture because her PowerPoint won’t open. Students are waiting in the classroom.

This scenario truly exemplifies the difference between EdTech and CorpTech. In EdTech the order of importance should be, 1-3-2. In CorpTech it could easily be 1-2-3, or, even 2-1-3. Anyone who has worked with a demanding boss in a Hire-At-Will employment environment would understand why.

In a school, unless the school is on the bad side of accreditation standards, the answer would be 3-2-1.

Here is why.

Teaching and Learning

Most people look at the options and see time and urgency. And although the right answer can be derived from time and urgency, that metric will not always apply. A universal metric is to always focus on Teaching and Learning (TL).

This means that all processes at the school, IT included, need to be on mission and that mission is to support Teaching and Learning. In order to do that, students and teachers come first, and everything else later.

The business of the school is education, education happens within the TL dynamic.

Most school administrators will not even interrupt classes unless there is a real emergency. School administrators will inconvenience themselves to reduce the impact on teachers and students.

In organizations with a head of school or superintendent, those offices may have their own separate support for the technology to further reduce any impact to TL.

The Eisenhower Matrix

I am a big fan of using time management and decision management frameworks. My favorite is The Eisenhower Matrix. I have written about it here if for those who are not familiar with it. 

matrix22

I use the layout above for decision making and project planning. I also use Agile and Scrum when executing the actual pieces of projects. I need these tools to prevent reacting emotionally to problems.

In the scenario above this is how I would categorize each of the three support problems.

DO, Do it Now: 1) A teacher has standardized testing starting in 30 minutes however she is unable to access the testing site.

The reasoning here is that standardized tests have controls that the school must follow. This is a tricky scenario because unless you have implemented IT procedures for standardized testing you would not realize that the pre-testing is completed well in advance. That means the school has already scheduled and guaranteed a test window. The test either has to occur or be canceled and rescheduled. I would write a guide on test implementation, and they vary greatly. For older children, there is a high risk if these test fail.

DECIDE: 3) A teacher is unable to start a lecture because her PowerPoint won’t open. Students are waiting in the classroom.

As a school administrator, I would, of course, ask IT to go help the teacher immediately. In this case, you really need to know the schedule before deciding when to go. If classes are 70-80 minutes every other day, you would want someone in there immediately. If classes are 35-40 minutes daily, you would want to send someone at the end of the class.

The technology has made achieving the lesson goals impossible if the lesson is short. However, the lesson occurs so often that the impact on TL is low. In fact, taking more time in the end when the students are transitioning will allow someone to look at prevention instead of just adding a quick solution that only deals with the symptom.

Most schools have requirements that teachers should be able to run their lessons in the event of an IT failure. This should not happen every day, but it can happen, and teachers are required to work through the issue. If a teacher follows protocol going into the class 5-10 minutes after class has begun, could interrupt their backup plan.

This is why it is a DECIDE. It varies based-on campus and culture.

Delegate: 2) The principal (aka your immediate supervisor) can’t open a spreadsheet that she needs to have ready for a presentation later that same day.

Anyone can do this job as soon as the others are in progress. If there is one IT support person, they will do this last. It is not time-sensitive. Most principals would angry if a teacher or class of students were put in lower priority.

If there is a team, the leader could assign someone to this with a reasonable timeframe.

If you are in EdTech IT Support, make sure you are connected to the culture of your school. Understanding the policies and procedures outside of IT is key to understanding how to support Teaching and Learning.

 

 

Posted in Educational Technology, Instructional Technology, Opinion, Tony DePrato | Tagged , , , , | Leave a comment

Episode 176 – Happy New Year 2020

Tony and Patrick are back for 2020 with a new episode. It’s been a while but I assure the wait was worth it. Be sure to subscribe to us on Apple Music or your favorite podcasting app.

  1. Happy New Year – Resolutions?
    1. TDK12 – Practical advice for expats 
    2. Tdk12.net 
  2. Tony’s Cyber Security Series
    1. Don’t spend $10,000 train your staff
    2. Train your staff first
      1. Certification training CISA, COSN (join this organization), FEMA, Homeland Security
  3. Barco WePresent review
    1. Don’t trust vendors
    2. Viewsonice Viewboard – https://www.viewsonic.com/us/products/shop/viewboard.html
  4. Cubit Robotics
    1. https://itbabble.com/2020/01/16/cubit-robotics-probably-better-than-what-your-are-doing/
    2. https://cubit.cc/

Download this episode here

Posted in Podcast | Tagged , , , , | Leave a comment

Streaming in the classroom: Barco WePresent

When it comes to screen sharing few names are as renowned or respected as Barco. They have a history of building quality products and delivering solid results. So today, I have been playing around with the Barco WePresent. A streaming box that will allow you to connect your device to your projector/display. There are three models that you can chose from.

  • WiPG-1000
  • WiPG-1600W (the model I am reviewing)
  • WiPG-2100

As you can see from the picture above, the WePresent is a pretty compact design much like the Mersive Solstice and not much bigger than an Apple TV.

The WePresent 1600W has two USB A ports on the front. You could plug in a USB with media on it and play it right from there or you could plug a mouse into it to access some of the on screen features.

On the back, you will find a VGA port (pretty rare these days) another USB A port, an HDMI out port a port for power (it’s there, just a little hard to see from the picture) and an Ethernet port. The Ethernet port not only let’s you plug right into your network for a stable Internet connection, but it will also power your WePresent if your switch has Power Over Ethernet capabilities. As I mentioned before this is very nice as it is much easier to pull an Ethernet cable where you want it as opposed to running an extension cord or adding a power outlet to a room.

You may notice the antenna on the device. Those can come off but they are there for a stronger signal.

Price

They seem to range in price from around $500 – $650 per device. Much cheaper than Mersive Solstice but still more expensive than an Apple TV. Of course, the WePresent (like the Solstice) will let you connect with any device (Apple, Windows, Linux, iOS, Android). This is nice. As opposed to Apple TV’s on Apple ecosystem.

What can it do?

Well, not as much as the Mersive but much more than an Apple TV. The Mersive could let you connect a bunch of devices at once while this model (1600W) can only accommodate 4. The 2000 model can handle up to 32 (according to its spec sheet) but why in the world would you want to do that?

Here are some of the other options:

  • Whiteboard
  • Playing media directly from a USB
  • Locking the device down so no one can connect to it
  • Seeing who is connecting
  • Muti screen (up to 4 on this model)
  • Settings (sort of)

It outputs 1080p full HD. There is no 4K option and while 1080p looks fine, up close on a 4k display it can look a little blurry. Not a deal breaker and most classrooms with projectors have 1080p or lower.

The settings isn’t really settings. On our model there are only two options. You can calibrate the device (this is for touch interaction) and the other one is to make a Plug & Show (PnS) token on a USB.

The PnS (not the best acronym) is a USB that will have the Barco software needed for a new computer/guest presenter. It will also link that computer with that partiular WePresent device. If a guest does show up and needs to present wirelessly, then this will come in handy and be much faster than downloading the app, installing the app and then testing the app. It will (should) all work right from that USB. You can make as many of these as you want as well which is nice.

MirrorOP

This is the softare that you need on your device to connect to the WePresent. It’s very easy to use and makes it super simple for anyone to connect. Merely open the software, find the WePresent you want to connect to, input the code (always displayed on the screen) and you’re connected. My computer screen did not fill the image like it does using AirPlay as you can see below.

I found there was a little lag between my mouse on my computer and the display but what was nice is that it was a predictable lag. No matter when I connected or what I did, the lag stayed the same. It never sped up to try and keep up or jerk around the screen. It was smooth and looked good.

When more than one device was connected, the screen was set up into quadrants. This was not great. If there were just two devices, then half the screen was wasted. This is one thing the Mersive did much better than the WePresent.

The WePresent does have Apple AirPlay built into it, so if you have an an Apple computer or iOS device, you do not need the Barco MirrorOP app installed. What I found here is that when I did connect via airplay the lag was still there, but my computer screen filled the entire screen no black bars.

On a sad note, the Barco did not always show up in my AirPlay list on my MacBook Pro. I even restarted my computer but still no WePresent, but when I restarted the WePresent it suddenly showed up. This did not happen often but it did happen more than once.

However, connecting through the MirrorOP app never failed.

Streaming video

I’ll start off with the obvious. It is not as good as the Apple TV. It’s close but not as good. However, it is much better than the Mersive Solstice – by far. In the room we were testing it in, we had built in speakers in the ceiling and while the Mersive sometimes would play through them and other times play through my computer speakers (I never cold figure out why it would switch between the two), the Barco always played through the ceiling speakers. Making that one less thing for teachers to worry about.

Here is a short clip of the lag with the video.

What we found is that if there were a lot of quick shots (think of a Michael Bay movie) then the lag would increase. If the movement was pretty minimal, then the lag wasn’t too bad as you can see above.

Managing

Like the Mersive Solstice, it is possible to manage them all from a single dashboard. I am unsure of the cost. Barco calls their solution the XMS Cloud Management Platform and it will let you manage all of your WePresent devices and your ClickShare devices. According to their video (below) you will need to install a physical Barco XMS server on your network or a virtual XMS server.

I imagine this would be extremely helpful if you have these devices throughout multiple buildings or throughout a large building.

Would teachers like it?

That depends on two factors. Are your teachers using MacBooks and do they want to stream videos? If your teachers are using Windows devices or if they have the choice to bring in whatever device they want to us, then yes. They will like this. It will give them the ability to walk into any space and connect wirelessly and do what the need to do. If your staff is all on MacBooks, then I think the response will be mixed. I have a feeling that the WePresent would be more reliable than the Apple TV but the fact that it disappeared a couple of times from the AirPlay list would annoy me.

If teachers want to stream a lot of video then it is hard to recommend this device. The lag, while much better than the Mersive, still is not what I consider acceptable.

Will it replace our Apple TV’s

No, but we are seriously considering getting two or three to put in our shared spaces so guests can easily connect. The ease of use, reliability and the fact that any device can connect to it makes the WePresent appealing and considering the 1600W is over 50% cheaper than the cheapest Mersive Solstice makes it even more so.

I still need to test out the Airtame 2 (review coming in February) which retails for $399 USD to get a better idea.

 

 

 

 

Posted in Patrick Cauley, Review | Tagged , , , , , | Leave a comment

Cubit Robotics: Probably Better Than What You Are Doing

654724647_780x439

By Tony DePrato | Follow Me on LinkedIn

I have been working with robotics since 2005. I have worked with students from US Grade 4 to students competing in university competitions.

As of late, I have been shocked by this trend: remote control.

Remote control is not the future. The future is autonomous and AI-driven. So why are schools teaching robotics via remote control at all levels with very little autonomous programming?

The software that was once easy to access, often free, and allowed for fairly deep programming has reverted to big graphical blocks.

This is why I am very excited about Cubit Robotics/Electronics for STEM.

I asked Cubit for a sample kit, and they sent it along. My robot frame and build were simple because I wanted to focus on programming.

cubit-rover

The Cubit was loaded with sensor options, and the programming interface was Bluetooth.

For the record, I was using a Macbook, and I was very happy to get back into a programming environment that empowered real coding on an Apple. As of late, most of the robotics packages I have used on an Apple have removed the text-based coding options.

The flexibility was nice, and the educational scaffolding was clear.

You can start with the colorful blocks, and easily get things working.

Screen Shot 2020-01-16 at 7.44.43 AM

Then, you can get into the code, and make things work the way you want.

Screen Shot 2020-01-16 at 7.45.03 AM

Cubit uses Lua language. I found it to be an excellent primer for going in a variety of programming directions. I have always found that using robotics and electronics as a prerequisite for IB or AP computer science is a better primer than simply having an introductory course based solely in a language. Let’s be honest, robots are fun, and they can really help build the programming competency base.

If you are new to robotics and have no idea where to get started, Cubit is an excellent solution. Cubit provides a built-in curriculum with projects ranging from elementary to high school. The programming environment guides users through the initial steps.

Screen Shot 2020-01-16 at 8.10.41 AM

Robotic’s education needs to move away from the obsession with remote control. I believe this obsession emerged from the ubiquity of mobile devices, and the realization that automation is usually a low scoring and frustrating endeavor. When students can use a remote control, they can get more points and do more in less time.

The process, stress, and failure should be the goal when using robotics for K-12 education. If a student can understand the complexities of automation before they leave high school, then they are better prepared for the AI-driven future and their place within it.

It is small, affordable, and easy to build, but Cubit is a step towards authentic learning and forward-thinking.

AI Research

  1. https://www.grandviewresearch.com/industry-analysis/artificial-intelligence-ai-market
  2. https://www.pwc.com/us/en/services/consulting/library/artificial-intelligence-predictions-2019.html
  3. https://apnews.com/Business%20Wire/df8bdcfa4de84f6aa301d3683c2e1b55
  4. https://www2.deloitte.com/content/dam/Deloitte/br/Documents/technology/DI_TechTrends2019.pdf
Posted in Educational Technology, Instructional Technology, Opinion, STEM/STEAM, Uncategorized | Tagged , , , | 1 Comment

Are Your Files Public? The Edlio Example

one

By Tony DePrato | Follow Me on LinkedIn

I have written before about cloud security and file security. I was doing a simple pentesting job for a school recently and found a service they were using called: Edlio.

I cannot say if Edlio has a security issue, or if what I found was simply based-on clients not following procedures, or if all these schools marked their documents as public.

However, I can say it is generally bad practice for:

  1. Personal information to be public and openly searchable
  2. Budget information to be public and openly searchable (aside from summaries and annual reports)
  3. Versions of documents, that are not the final version, to be public and openly searchable
  4. Calendars and other data about large group events to be enabled without security

Schools using Edlio, or other services, need to audit their public content. Here is what is accessible on Edlio with a compound search:

one

two

I then noticed that the documents seem to be organized by date, and mixed. Meaning, different schools appear to be storing documents in a “common” directory, and then their files are further organized.

three

four

Using a search based on the date, I was able to further sort documents from different schools:

five

six

Again, there is no evidence this is an issue with the Edlio service. These documents could be available due to schools simply not managing their permission options, or because the schools believed these documents needed to be public.

The takeaway here is that school senior leadership should be aware this information is public, how it can be searched, and there should be some minor threat assessment done to determine if these documents (and posting policies) are creating more risk than reward.

If you want more information on how to do this type of testing and analysis, please email me: tony.deprato@gmail.com

 

 

Posted in copright, cyber awareness, Educational Technology, Helpful Tips, Uncategorized | Tagged , , , , | Leave a comment

CyberSecurity Part 3: Simple Penetration Testing for K12 Schools

simplepen
By Tony DePrato | Follow Me on LinkedIn

I have been following a few online threads where schools are considering contracting penetration testers. For those who may not know, penetration testing (pentesting) is a security assessment, an analysis, and progression of simulated attacks on an application (web, mobile, or API) or network to check its security posture. The objective is to penetrate the application or networksecurity defenses by looking for vulnerabilities. These are usuallyweaknesses or flaws that an attacker could exploit to impact confidentiality, integrity, or availability. This goal is the same whether performing application pentesting or network pentesting. ~ https://cobalt.io/pentest

As a consultant, I am not opposed to K12 schools using consultants. However, I have seen some red flags out there from pentesting consultants. I want to highlight those issues, and also provide a method for K12 schools to get started on this process in an easy and low-cost manner.

Finding a Good Pentester

The Conversation

School: We are looking for someone to help test our security.

Pentester: Great. I can do that ( credentials and background presented).

School: What do you need?

Pentester: I need a list of (x,y,z). I need an office to work from. I need to interview…

What is wrong here?

Here is how this should go

School: We are looking for someone to help test our security.

Pentester: Great. I can do that ( credentials and background presented).

School: What do you need?

Pentester: I need a contract protecting me if I break into one or more of your services. I need a contact person to send my findings to. I need a timeline.

A pentester’s job is to find the weaknesses and to find a way to access your organization. If you provide access, not only is the job easier, but they could simply report an issue that is unlikely to occur. I witnessed a similar scenario where a firm was asking for the keys to break into the car.

There may be a point where you want a pentester to become a student and see what a student can do with the access provided. There may be a point where you want them to test spaces used by the public during events.  If you provide and manage laptops, a good pentester will need one of the school’s laptops.

These are reasonable requests. Asking the school to literally give them a roadmap and set of targets is not reasonable.

Doing Your Own Testing

I have a list of standards schools should work towards to be secure. Some these do not always connect well to third party services, public-facing websites, etc.

Over the last few months, I have developed a checklist for pentesting K12 school websites and resources.

Test Definition
Subscription and Services Discovery Can your subscriptions and services be easily discovered?
Files Exposed to the Public Are there files publicly available that supposed to be private?
Calendars Exposed to the Public Is calendar data that should be private, private?
Staff and/or Student Email Harvesting Can your staff and/or student PII be used to create a database for phishing and spamming?
Portals and SIS Are your portals and SIS properly secured and difficult to brute force attack?
Websites and Social Media Are websites and social media properly secured; is the media being used legally and correctly?
Cloud Services Have cloud services been properly secured?
Third-Party Sharing Is anyone sharing your content and do they have permission?
FTP, SSH, and Telnet Are any of these protocols a threat to your school via publically accessible information?
Email Blacklist Is your email domain blacklisted?
Email Header Check Is there any data in your header that could be anonymous or lead to blacklisting?
Email Catch-All for Non Existent Emails Is your email set up to catch any email that does not exist and alert someone?
SMTP Relay Is your email system running services that would allow an attacker to use your email for a criminal act; send an email on someone’s behalf?
4xx and 5xx Error Check Do the 4xx and 5xx pages on your public-facing services configured properly and supportive of trusted users?
HTML Forms Are any HTML Forms vulnerable to low-level URL based attacks? (Will also review CAPTCHA.)

I score these on a scale of 1-5 and document the issues/results. The next level is researching the solutions to correct the problems. Keep in mind, many solutions are in policies and procedures. This means issues need to be articulated for school leaders, teachers, students, and parents.

In other words, avoid jargon and lingo.

Doing as much due diligence as possible before contracting someone will not only save time and money, but it will also help to further educate the community.

If you do not know what is actually dangerous, then everything could be sold as dangerous.

These recommended tests are not very difficult, but if you want to outsource this, email me at: tony.deprato@gmail.com  .  I thoroughly enjoy doing this kind of work and have automated many of these processes with scripts and services.

 

 

 

 

Posted in cyber awareness, Educational Technology, Instructional Technology, TIEONLINE, Tony DePrato, Uncategorized | Tagged , , , , , | Leave a comment

Going Phishing with Finalsite

By Tony DePrato | Follow Me on LinkedIn

This video reviews a method to extract staff email and names from the popular Finalsite CMS used by K12 schools.

Disclaimer: This video is not documenting any known bugs or issues with Finalsite. This video is demonstrating how Personal Information can be harvested using options end-users select. Solutions to this problem are available by adjusting the options in any existing Finalsite implementation. Specific tools and process will not be fully revealed in the video. Anyone wishing to learn more must arrange for a private demonstration.

References:

https://www.proofpoint.com/sites/default/files/gtd-pfpt-us-tr-human-factor-2019.pdf

Posted in Uncategorized | Tagged , , , | Leave a comment