If you’re new here and like what you read, you may want to subscribe to our RSS feed.
Thank you for visiting!

I just received this response from Max Lytvyn at MyDropBox:

I’m sorry for the delayed response. I met with the development team regarding the issue you mentioned. It turned out this was a known issue since this past fall, and we had a fix ready. The fix was not deployed not to introduce any changes to the system during the peak usage time. Now, that the peak season is over, we deployed the fix and the exploit no longer exists.

Unfortunately, the flaw is still present and active. Max has been informed. More soon…

..:: Update: December 15, 2007

After I provided Max a link to an example of the flaw (without expiring links), he wrote back:

The link that you provided is from a different product (MyDropBox individual, which is completely different from MyDropBox 2.0 provided to ALL institutional clients). This product has permanent links to reports, as these links are delivered to users via email, and thus should not expire. There is no fix for this particular version of the product at this point, but this product is used by less than 3% of our clients. We will develop a fix for it before the beginning of the next semester.

I’ve found a second critical security flaw with anti-plagiarism software.  This time, it’s with MyDropBox, and the problem is arguably more severe.  Again, private student data and student work are being made available to third parties. I’ve reported the problem to MyDropBox, and will provide more details on this after I hear back from them.

Blackboard Beyond’s Greg Ritter sent me a note announcing that “the issue [I] experienced with SafeAssign that enabled [me] to gain access to a SafeAssign user’s paper has been resolved. Blackboard released a new version of the SafeAssign central service as well as a new version of the SafeAssign Building Block last Tuesday, November 20.”

Since the issue has been fixed, I am now de-redacting my previous post on the issue.

I received a call this afternoon from a third-party developer who confirmed the Blackboard Beyond Initiative is working aggressively on a fix for the critical flaw in its SafeAssign product reported at EF on Tuesday. The good news is that student data is no longer being distributed into the wild. This is a huge gain for students and faculty concerned about privacy.

The quick turnaround on this issue merits extra credit. In the interim, SafeAssign’s grade gets changed to an “Incomplete” until the fix is released.

The flak I caught yesterday regarding SafeAssign got me thinking about term papers in the 21st century. Information and communications technologies make it easy and rewarding to share information. More recently, however, ICTs are allowing people to build creative and innovative products from the information available. We’re evolving into a “cut-and-paste society.” Some examples of which are:

• YouTube, which allows anybody to share videos that interest them with anybody in the world for free
• Mogulus, which allows anybody to create their own TV station for free (something that very recently required a sizable staff and millions of dollars of funding)
• GarageBand, which provides people with tools to record, mix and publish their own music
• Hip-hop, which often mixes, juxtaposes and generates new meanings from music, images and texts

Academic culture and traditions have not caught up to 21st century society. What real meaning is there for society if we were to continue to place heavy focus on traditional term papers, and police the content to make sure no influence is present from modern society?

Creative work, also, is being generated increasingly by machines. Two examples are Brutus and the 20th century’s MINSTREL (see Noah’s comments). Why should we worry about originality in student work if we are perhaps only a couple years (or months?) away from machines that will be able to write original essays, theses, novels, etc., for them? …and what if these machines could write these documents better than –and vastly outperform– most students?

Is there something else schools should focus on?

After reading yesterday’s post on SafeAssign at least 31 times today, Blackboard Beyond Initiative product director Greg Ritter (who also blogs) called me to voice Blackboard’s objections over sharing information on the software flaw that broadcasts submitted students’ papers across the Internet. I thought a personal call from the company was much better than receiving an intimidating letter from Sutherland, Asbill, & Brennan (check out what they sent to others in the past!). Kudos go to Blackboard for this new approach to public engagement.

During our conversation, it occurred to me that due to the longstanding flaw, Blackboard might be violating students’ rights (inadvertently) under FERPA. Rather than become an accessory, I decided to temporarily redact information in the post until Blackboard implements a fix (next week, they promise). Once the problem is fixed, the redacted text will be restored.

The cheerfulness among undergraduates at my institution has transformed suddenly into overt displays of despair and depression. This can only signal one thing: midterm grades are coming in.

Another sign midterms are being graded: the Education Futures access.log has been receiving many referral hits from websites claiming to thwart plagiarism.

Students, please note that submitting your papers on sites such as SafeAssign (by Blackboard) is not safe, and in no way protects your privacy. Why? Because I can read your papers by visiting referral URLs left by your instructors on this site’s log. SafeAssign does nothing to hinder me from reading your work. It’s all open for the world to view. The SafeAssign FAQ states, “Blackboard does not claim any ownership rights on the content submitted to SafeAssign.” So, why do they redistribute it to the world?

A student at the University of Illinois at Chicago’s College of Nursing wrote an outstanding community health assessment of a Chicago neighborhood. I got to read her work in its entirety because SafeAssign has assigned a 7% chance that she lifted the following text from an EF post on China:

Healthy People 2010. (2007). Adults with Congestive Heart Failure as Principal Diagnosis, 1997. National Hospital Discharge Survey (NHDS), Retrieved November 1, 2007, from http://www.healthyPeople.gov/Document/HTML/Volume1/12Heart.htm.

Hozawa, A., Folsom, A., Sharrett A., Chambless L. (2007). Absolute and attributable risks of cardiovascular disease incidence in relation to optimal and borderline risk factors: comparison of African American with White subjects- Atherosclerosis Risk in Communities Study [Electronic Version]. Archives Of Internal Medicine , 167(6), 537-539.

Sharma, S., O’Keefe, SJ. (2007). Environmental influences on the high mortality from colorectal cancer in African Americans[ Electronic Version]. Postgraduate Medical Journal, 83(983), 583-589.

Why SafeAssign thinks there’s a 7% chance she plagiarized that from EF baffles me.

The student gets an A from EF for her outstanding work. SafeAssign gets an F for failing to protect students’ best interests through a shoddy, insecure product.