Coursera is learning yet another lesson learned long ago by real LMS providers: you can't fake your way to privacy and security; you have to have real measures in place. Stanford's Jonathan Mayer identifies three major flaws:
- Any teacher can dump the entire user database, including over nine million names and email addresses.
- If you are logged into your Coursera account, any website that you visit can list your course enrollments.
- Coursera's privacy-protecting user IDs don't do much privacy protecting.
To follow up, he writes, "Coursera has acknowledged the issues, and claims they are "fully addressed." The second vulnerability, however, still exists." Via Audrey Watters.
Today: 4 Total: 92 [Direct link] [Share]
View full size
