Tag Archives: internet

Our Digital Life

smartphone-569076_640
“Smartphone” by Jeshoots licensed CC0/public domain

What’s the place of digital media in our lives? What’s the consequences of oversharing online? How can we make responsible choices when we use other people’s creative work? What factors intensify cyberbullying and online cruelty and what can we do to lessen them?

The distinction between online life and offline life is blurring more and more, especially for young people. It’s our responsibility as educators to help our students not only be successful in learning more about the subjects our school offers but also in how to navigate the media and networks of our online life.

Our school teaches explicitly the skills and concepts of “Digital Citizenship” – responsible, ethical and intelligent behavior while online. In our Advisory sessions, as well as in other classes, students will be grappling with issues such as cyberbullying, oversharing, copyright and remixing others’ work, and other important aspects of online life.

To help us do this effectively and efficiently, ICS is using the Digital Citizenship curriculum that was developed by CommonSenseMedia, a non-profit organization devoted to helping families be informed and responsible online users, consumers, sharers and creators. The Digital Citizenship curriculum they’ve developed is highly regarded and widely used in schools, and we are using and adapting it for our students at ICS.

But this education can’t only happen in school. We ask all parents to help your children to learn their place in the online world and act responsibly and safely. I’ll be publishing information on this blog and in the school’s newsletter for parents and other community members to be more informed about how to help our children grow and develop in the online world.

For starters, I encourage all parents to read this PDF Family Tip Sheet on using common sense in digital life. It’s full of good advice for parents, with some excellent suggestions on how to help your children cope with life online.

As for me, the key is one of our ICS Learner Profile traits: balance. It’s OK for kids to be online, chatting and posting on Facebook, sharing on Instagram, watching YouTube videos, etc. It’s also important for them to get outside and play soccer, or go to a dance, or just hang out chatting with their friends over coffee. We’re lucky here in Addis that this is the norm for our children. It’s part of our culture (in school and throughout the community) to value these offline, person-to-person interactions.

As the weeks go by, I’ll be showcasing many of our projects with students and the skills and ideas they’re grappling with. Share your questions, concerns and ideas!

Cross-posted from my school blog.

Sounds Free

cute-15719_640This holiday, I was invited to a “Secret Santa” gift-giving exchange. The only rule was that the present had to be a made one, not a bought one. An obvious choice was to make something edible – always appreciated, but also very common – but then I thought about one of the things that I enjoy the most: listening to music. A mix of holiday songs burned onto a CD with a printed case would be a welcome present for anyone.

To make it more interesting, I decided to share free music: songs that were either in the Public Domain or released with a Creative Commons license. That way, my gift recipient could find more music that she could download and listen to for free …legally. So I went to my favourite sources of free (and legal!) music.

FreeMusicArchive.org

fmascreenshotThe Free Music Archive is a great source of all types of music and podcasts. I often find interesting artists and good music to listen to. The music all has different licenses – mostly some version of the Creative Commons licenses. (One of my favourite finds here is the Debo Band – an American/Ethiopian band that plays some great funky versions of Ethiopian music.)

I went searching for Christmas songs and found all kinds of eclectic songs. The ones that I liked the most were from Badgerland, a label out of Canada that has released some eclectic, mostly folksy versions of traditional Christmas carols and other songs. (There are additional releases on their website.)

Jamendo.com

jamendoscreenshotJamendo is another place I go to find interesting and free music. There are all kinds of independent bands that release music on the site, with all kinds of styles. (I recently found and got hooked on the band I Am Not Lefthanded – featured on the website screenshot.)

I searched for Christmas music and again there were all kinds of interesting music. I was really drawn to Ronny Matthes, a German pianist who has released a number of albums of holiday music, mainly instrumental.

Others

I looked at MusOpen, which has some beautiful classical music – all in the Public Domain. They also have sheet music and educational resources …it’s a great site. I thought about downloading Bach’s Christmas Oratorio, but I figured it would take too many CD’s. (I’ll do it for my own listening pleasure! MusOpen did remind me of the music of the US Air Force Band and they have several holiday recordings on their website free for downloading. (I must admit to being a little uncertain of the license for their music. I know that works by government agencies are in the public domain, but the music is often copyrighted. The USAF Band says the music is free for “educational purposes.” I’ll take it!)

Giving a free gift

gift-553139_640Finding the music, putting together a playlist, burning a CD and printing out the cover and track information (including CC license info and a link to the website, of course!) all made it a personal present for my “Secret Santa.” My work was my time and effort.

But I also like to think that I’ve given another gift: the knowledge of sources of freely shareable music. It’s too easy in this day and age to pirate music, breaking the law knowingly or unknowingly. Using Jamendo or FMA or MusOpen or any other free sources of music works against that. And it spreads the knowledge of otherwise unknown recording artists. I hope that my gift’s recipient will explore other musicians on these sites …just as I hope that you will too!

Merry Christmas!

(note: images are either screenshots or pictures from Pixabay – a source of excellent free photos released in the public domain. They’re free to use!)

 

Pa55w0rds

by Geralt (Pixabay) - license CC0 (public domain)
by Geralt (Pixabay) – license CC0 (public domain)

Passwords are a problem.

Websites require them. They’re hard to remember. They get stolen. You have to change them. They’ve got all those weird characters in them.

Unfortunately, passwords are with us for the forseeable future. Managing your passwords is an important skill for students and adults alike. With security breaches like the recent Dropbox and Snapchat and iCloud password thefts, keeping strong passwords that can be changed and remembered is an important thing for everyone to do.

Various experts will offer various recommendations on how to keep your passwords straight. There are various computer- and web-based password storage systems that will keep strong passwords for you – all you have to do is remember the one password for your password manager and it will give you the rest.

There are, however, two simple ways to manage your passwords easily:

Passphrases

Password Strength from XKCD (licensed CC-BY-NC)

One of the strongest and easiest way to manage passwords is not to use a password at all, but to use a passphrase – a series of words.

This is a very easy way to get a secure and unique code to get into a website, and studies have shown that it is easy to remember and very hard to crack. It’s been popularized by the webcomic XKCD (created by Randall Munroe, an ex-NASA scientist) and has been championed by many security experts. It has been studied recently by researchers at Carnegie-Mellon University and shown to be a very secure method.

Unfortunately, however, there are a couple of problems with it. First of all is the problem of finding several really random words. If the words are not random, it will be easy to crack – either through guesswork or through “social engineering” (if a criminal knows enough about you, he/she can figure out the passphrase). There are systems that can be used to make the words random, but they can be cumbersome and complicated.

The other, and perhaps more difficult, problem with using passphrases is that many systems (bank and credit card sites, particularly) won’t allow them. They will set a limit as to how long the password/phrase can be and require various cases, non-alphabetic characters, etc. It may be possible to build a passphrase using those, but it makes it harder to remember.

Therefore, passphrases are a good system that might eventually supplant passwords and may be used with systems that do not require non-alphabetic characters, but they probably can’t be used widely. I’d recommend you use passphrases when you can, but if it’s going to be confusing for you to have different systems you might want to use option #2.

Cryptic Sentences

This is a method that I have used and championed for years. It’s not my own idea – credit goes to Bruce Schneier, who is an expert on computer security. He wrote about this method years ago and still recommends it. It’s a reasonably simple way to get cryptic passwords that are not too hard to remember.

Start with a sentence that you can remember. Ideally it would be unique to you, like “I broke my arm when I was 7 years old.” You then use the first letter of each word and make slight changes as you wish and as the password system requires. So “I broke my arm when I was 7 years old” becomes IbmawIw7yo or IbmARMwIw7yo!! or something like that.

This is a very easy method for creating cryptic passwords that are easy to remember. Try it!

Managing your passwords

Once you’ve created your passwords, you need to manage them. Here are some basic tips:

Keep them different!

If you use the same password for different sites, then once a criminal has the password he/she can get into other systems. It is hard to break into bank systems. It’s easier to break into Facebook or The Daily Mail. Criminals target soft targets and then use what they’ve got to try to get into other systems. Make sure you use a different password for each system!

You can use some variation of the same password for different sites, but make sure that it’s not easy to guess. Having “passwordGoogle” and “passwordApple” and “passwordBank” means that once one password is compromised, the others are wide open. If instead you use something like “passwordEL” and “passwordEL” and “passwordKN” (not using “password” but something stronger!)  it will be harder to guess. (But don’t just use the last two letters, make up your own system.)

Change them

Security experts recommend you change passwords regularly. The mean ones say you should change them every month or every quarter. That might be a little extreme, but I would recommend you change them occasionally – every year is a reasonable amount. Definitely, you should change your passwords whenever you hear there is some security problem. Don’t put your head in the sand and hope that it won’t affect you!

Remember them

If you need to write them down, don’t put them on a sticky note next to your computer! Write them on a slip of paper and keep them in your wallet or someplace else secure. Ideally, don’t write the password itself down, but some memory jogger. (If my password is “thislittlepiggywenttomarket” my memory jogger might be “swine goes to store.”)

 

At the end of the day, managing your passwords is a chore and a hassle. However, it is also a necessary process – just like keeping your house keys protected and making sure to change your locks if there’s a chance someone has a copy.

In the Internet We Trust ????

road-sign-464641_1280
by geralt (Pixabay) – license CC0 (public domain)

A recent event highlighted the importance of checking the credibility of information published on the internet.  An anonymous blog reported Ebola cases in Kenya and Ethiopia, causing concern among many people in Ethiopia, including ICS community members.

A quick check of the site found it not to be a credible source of information. It was the only site reporting the case in Ethiopia, and it has a strong anti-government bias. The Ethiopian government denied that the report was true. That denial was then backed up by various other organizations including the US Center for Disease Control and the US Embassy. The Kenyan incident was reported in other media outlets, but the case was confirmed to not be Ebola.

This event highlights some of the important critical thinking skills that are needed when getting information on the internet:

Be sceptical about anything that sounds strange

Anybody can publish anything online. For example, did you know that the US Government has kept a Federal Vampire and Zombie Agency to protect US citizens from attacks by the undead? It’s true! You can read all about it online. (Spoiler alert: it’s not true – this is a humorous site.)

Similarly, email messages or Facebook posts that tell you that the moon will be ten times larger than normal, or that Bill Gates will send you $1,000 if you forward a message or that if you open a particular email message your computer will explode or… these simply aren’t true. People send out all kinds of wacky information and there are no Internet Police stopping them. This kind of gossip, rumor-mongering, and spreading of false information has always happened. It’s just with the internet, it’s easy to spread it faster and further.

Chances are, if something sounds wrong …it probably is.

Check the credibility of the source

PD Pics (Pixabay) - license CC0
PD Pics (Pixabay) – license CC0

When you read something online, you need to know who is publishing this information. Are they trying to promote a particular viewpoint? There is a website about the American civil rights leader, Martin Luther King, Jr. which describes all kinds of unpleasant aspects of his personal life. Read through the site, and you’ll wonder why people admire him …until you find out that the website is maintained by a racist white supremacy organization. (I won’t link to the website because I don’t want to increase their traffic, but you can find it easily on the web if you want to read it.)

Check whether a website has a bias. If they are trying to convince you to believe a particular thing, then they won’t give you balanced information. They also may skew the facts or even blatantly misrepresent information in order to further their cause.

Verify the information somewhere else

If one site publishes some information, is it published on another site? If something is only found on one place on the web, then it may not be correct.

Even if you do find the information elsewhere, you need to make sure that it’s not just repeating the first site. A while back, there was a report that the Ethiopian government was banning Skype and other internet calling applications. This report spread out and was reported on several news sites …but they were all simply copying the initial report (which was by an activist group that had an agenda). In the end, the report turned out to be false.

There are a few websites that are devoted to trying to stop the spread of misinformation.  Snopes is probably the best source to use …I always use it to check email messages I receive that make strange claims. Others include Hoax-Slayer and Truth or Fiction. The Straight Dope is also an excellent site that tries to fight ignorance and misinformation.

 

There is a wealth of information on the web, and it’s great to have access to it all. Use it. Enjoy it. But think critically about the information you find. Just because it’s published on a website, just because Google offers it to you when you search for information, doesn’t mean that is reliable. Use the web. But check your facts.

 

Internet security: Heartbleed

The web has been roiled by the “Heartbleed” bug. This problem – it’s not a virus or malware, but something not working right in software (hence a “bug”) – is causing problems for all kinds of websites …and the people who use it.

What is Heartbleed?

heartbleed
Heartbleed is a defect in OpenSSL, one of the software systems which handle secure connections (SSL=”Secure Socket Layer”) between a web browser and a web server. This software means that when you go to a website that needs private or secure information (a password, your bank account or credit card number, etc.), the communication between your computer and the website is secure so that nobody can intercept that private information. (You can tell a site is secure by the https:// prefix to the site’s address (URL) – if you’re loading a webpage with http:// then the connection is not secure.)

The defect in the software allows information to bleed out to anyone or any computer which communicates with that server. The information might include private or sensitive information such as passwords or account numbers. It might not. The problem is, there’s no way of knowing if any private information has leaked out.

If you want to understand exactly how the Heartbleed bug works, check out this XKCD cartoon. It’s a simple but effective demonstration of what happens. Notice that the data being processed by the server is constantly changing, so whenever the request for information from the server happens, the data that’s retrieved changes. Does it include your password? Maybe…

Do I have to worry about it?

man-65049_640
The simple answer is yes. OpenSSL is widely used throughout the internet. Most notably, it is used by Google, Facebook, and Yahoo! – and all of these sites were vulnerable. (This article from BBC News includes a list of some of the most popular sites were vulnerable. Many other sites were also affected… this list is not exhaustive!)

It is not sufficient to simply hope things will blow over. This defect in the OpenSSL software affected the infrastructure of the internet – it affected many systems throughout the web …including sites and services that you may use without being aware of it. You might not have a problem resulting from it, but then again you might. If someone has been able to steal your password, you could wind up being the victim of identity theft or other financial scams. (Read this account by someone whose GMail password was stolen – not related to Heartbleed – and what happened. Friends were conned, mail was lost, and it was a horrible nightmare.)

What can I do to keep my information secure?

The main thing to do is to change your passwords. The important thing is to change your passwords after the OpenSSL software has been updated and new security certificates have been issued. If you do it before this, any criminal exploiting the Heartbleed bug might get your new password.

Ideally, services you use should alert you to the fact that they have patched their systems. (And a proper fix means updating the software and issuing new security certificates, not just updating the software.) Here’s a message I received from Moodle saying their system has been patched (and they did issue new certificates):

moodlesecureIf you don’t get a message from a site, you can check it using a service like this one. Enter the URL (address) for the site and it will check if the system is using the version of OpenSSL that is affected by the Heartbleed bug.

Once you know a system is protected, you should change your password. Any passwords you use should meet these criteria:

  • Your password should be strong. You shouldn’t use an easily recognizable word or sequence of numbers. (“password” and “12345” are two of the most commonly used passwords …they are highly unsecure!!)
    • Ideally, a password should be a random collection of letters, numbers and other characters …such as: kjP87mi%lkj. Unfortunately, such a thing is hard to remember.
    • There are various ways to create memorable hard passwords – here’s one:
      • Make a phrase you can remember, such as “My favorite food is pizza.”
      • Change the case of some of the words, and add in some numbers (you can substitute some numbers for letters) and other characters. If you have a password such as “my FAVORITE!! f00d 15 Pizza?” it will be hard to break.
      • Alternatively, use the first letter of each word (including some numbers and other characters, too) – so you might get a password like “mFf1p”
      • If you can make your phrase more nonsensical or in a different language than English, it will be harder to break. (So, “elephant 74 PURPLE Michael stop!sign” or “BETAM**amesegenalaho!!” would be strong.)
  • Your password should be unique.
    • Don’t use the same password for other sites.
    • You can use variations of your password (“my FAVORITE!! f00d 15 Spaghetti?”) for other sites, but if you repeat a password it really weakens it.
  • Ideally, you should change your password every so often. (It may be a good idea to change your password to sites that had been vulnerable and then patched – such as Google, Yahoo, Facebook – again in a few weeks, after they’ve issued new security certificates.)

There are services that can manage passwords for you if you find this confusing. Some recommended ones include LastPass and the open source KeePass.

Where can I get more information?

Here are some articles I found helpful in understanding this problem and identifying how to deal with it:

Not a cloud in sight

While it is true that you can’t take the sky from me, it’s also true that sometimes those skies are so blue that there’s no cloud. You can see forever – up to the moon and back.

We’ve had some blue skies recently in Addis …as all clouds went away when our internet connection disappeared. Something went wrong with the telecom’s router and the connection shut down for a little under 24 hours.

It was frustrating in school, not having access to the internet. Research had to be put on hold, news wasn’t available, etc. Our mail server had a different connection, so email came in and out …but web-based mail was offline.

But business went on as usual. Students collaborated, did work, uploaded their assignments to their teachers, etc. We use locally-hosted services for all our mission-critical tasks: email & collaboration, our virtual learning environment, e-portfolios, attendance and reporting, etc. We were more limited in what we can do with technology, but we weren’t stopped dead in our tracks.

That’s why we don’t rely on software-as-a-service systems. Sure, Google Apps for Education have some fantastic features, but when your connection goes down those features are worthless. That’s why we’re testing out our locally-hosted OwnCloud system.

And while it may be true that Ethiopia has more frequent connectivity losses than the US or European countries, I do know that connectivity can be a problem anywhere. Try running your Chromebook in rural USA. And even giants like Google or Amazon have periodic outages.

Besides, there are plenty of high-powered tasks that people can do using technology without being connected to the internet: edit a video, graph data, build a presentation, design graphics, write a program, etc. …and let’s not forget that communication and collaboration can happen amongst people sitting in the same room. And if you want to reach out further, try another classroom in a different grade. There are plenty of non-tech 21st century learning opportunities!

At the end of the day, it all boils down to perspective. A loss in connectivity could be a disaster. Or it could be an opportunity. At worst, it might just be a minor inconvenience, forcing to you to focus on something you weren’t intending. It all boils down to how you deal with unexpected occurrences and how resilient you are.

And isn’t that a perfect 21st century skill to cultivate?

Addendum:

I wrote the above around 5 p.m. today. Now, around 10p.m. I see this tweet:

Prescient?

Best online maps? Surprise!

Want to find a place online? Want to see a map? Where do you go? Google’s maps, right?

Guess what? It’s not the best – at least not for Addis!

Take a look at these two maps:


Which one looks better? Which one has more detail? The top one is from Google Maps while the bottom one is from OpenStreetMaps.org

What’s OpenStreetMap?, you might say. It might not be as famous as Google’s work, but it’s well worth a look. OpenStreetMap is an open and freely accessible collection of map data that anyone can contribute to. Consider it a “Wikipedia” for mapping. As such, it has a wealth of information about all kinds of places. Certainly there is more detail about Addis Ababa than on the Google map.

Don’t take my word for it: the Guardian has written about it for quite some time. Here’s an article from a year ago comparing the two services in various places.

One of the greatest things about OpenStreetMap is that it is completely editable. Go ahead, give it a try! It’s not hard. (Do you see the new location of Aba Guben on the OSM screenshot above? That was me!) Plenty of people in Addis are adding data – and the more who do, the better the maps will get.

Google has recently launched its MapMaker service – so you can add to a Google Map as well. It’s not hard either, but there are some differences. Probably the biggest difference is that the changes you make to Google Maps are owned by Google. You’re doing their work for them. OpenStreetMaps data is all freely licensed – if you want to use their data, you are allowed. This may not mean much to individuals, but for businesses with high-volume websites, they have to pay (and pay quite a bit) to use Google’s maps. They can freely use OpenStreetMaps. Again, don’t take my word: here’s one map-contributor’s comparison of the two services.

So go ahead: use OpenStreetMap. Add your favorite places to it. Show off Addis! (If you want more guidance, here is a good place to start.)

The Internet Saved My Dog’s Life

No, really. It’s absolutely true. Without the Internet, my dog would be dead. He’s doing quite fine, thank you very much, thanks to the web.Hoover

This is my dog, Hoover. He’s 11 years old – we think. We got him three years ago when his then-owner moved away to Darfur. My daughter was five and she’s grown tremendously attached to Hoover over the years. He’s a friendly, gentle animal.

Just before we went away for the summer, he started living up to his name: he was hungry all the time. He’d eat and then follow us into the kitchen, quietly begging for scraps. He’d also started needing to defecate frequently – so much that we had to have him sleep outside because he was disturbing our sleep. We de-wormed him and changed his diet but nothing seemed to help. Then we got back from our holidays and he looked horrible: just skin and bones. He had no energy, his ribs were sticking out. I took him to the vet and he tested his blood sugar – no diabetes. No parasites, either. The vet was stumped. Was it a tumor? Cancer? Something else?

Vets here in Ethiopia have limited resources – labs are minimal, access to medicine is iffy – and that people often have a more practical attitude towards animals. Animals are livestock: sources of food and income. The vet was sympathetic and puzzled about Hoover’s decline but in the end he said Hoover was an old dog and there wasn’t anything he could do for him.

Not willing to let my daughter’s pet just go – and aghast at the idea of our dog starving to death while we fed him plenty – I took to the internet. Searching led me to plenty of sites of advice and animal medical information …all of which wound up with the “ask your vet” type of advice. All well and good in America or Europe, but not helpful here. The vast majority of sites talked about diet and parasites. Again, not much use.

Finally, stumbled on a site focusing on EPI in dogs (epi4dogs). EPI – or Enzyme Pancreatic Insufficiency – is a failure of the pancreas in which a dog simply can’t digest his food. He’ll eat plenty, but just defecates it out undigested. I read more about the symptoms and looked at the photos of dogs – this might be what Hoover had. How to be sure? Oh, yes: your vet can do a test. The samples have to be sent to a particular university lab in the US. Ah. Not going to happen.

So how to see if this is what he had? Maybe if I try the treatment on him and see if he improves. How do you deal with a dog with EPI? Buy powdered pancreas enzyme and sprinkle it on his food. <sarcasm> Oh, yes. This is easily obtainable in Ethiopia. </sarcasm> Any advice to those of us living in more out-of-the way places? Sometimes adding raw pancreas to the dog’s food can work. Pig pancreas works best.

Not a lot of pigs here, but we have plenty of sheep. Ethiopians (like many Africans) like their meat fresh, so people buy sheep live and slaughter them at home. This shouldn’t be hard. After a consultation with some of the Ethiopians around, we find out that pancreas is called tafiya in Amharic and that it’s not eaten. People might keep it to feed their dogs (ha!), but otherwise it’s mostly discarded. So we sent out word to the neighbors and sent our guard out to the slaughtering sites to try to get some tafiya for Hoover.

It was a slow start until the end of Ramadan and the approach of the Ethiopian new year. Then we got tafiya by the sackful. (At about 1birr each – that’s about 8cents.) We added it to Hoover’s meals and he seemed to be improving. His stools were looking more digested and were coming less frequently, anyway.

So back to the internet. EPI4dogs had some links to some places where we could order the pancreatic enzyme powder. Thank goodness for credit cards and online shopping! Shipping medical products (a powder with a biohazard warning on it, no less!) to Ethiopia would be problematical at best. Fortunately, we found some friends who could get it in for us …but it would take a while. So we waited and ground up the raw tafiya and added it to his food and Hoover seemed to be less hungry and more energetic.

Finally we got the pancreatin powder and started adding it to his food. We kept up the tafiya as well, figuring it would do no harm and it was readily available. (We had a big bag of it in the freezer from the Eid al fitr feasts!) His ribs are now sticking out less and there seems to be more meat on his belly. It’s still early days, but things are looking good for him.

So my dog owes his life to the Internet. Without it, he would have starved to death (while eating frequently). A horrible prospect. With the WWW, however, I had access to enough information to find out what the problem was and then access to the medicine he needed.

I always like a moral to a story and look to generalize things, so here goes. In more remote or less-developed parts of the world like Ethiopia, the access to information that the Internet brings is of phenomenal importance. People can quite literally know more than they ever possibly could before. With a little work, they also have access to goods and services that were formerly completely out of the realm of possibility. This has amazing ramifications on people’s quality of life. The saving of my dog’s life may be a small thing (to you, anyway – not to my daughter!) compared to the potential for helping or saving human lives, but it points the way: open access to information and access to services and products beyond the local market can save lives.

So thank you, Sir Tim Berners-Lee, and all the team who created the internet. And as I check my Twitter stream and send out emails, I acknowledge and am grateful that the Internet has not only brought more communication and entertainment into our lives, it has also brought the means of actually saving lives.