Teacher Tech Tips Update
This talk is an updated version of a similar talk I gave in 2017. It combines that talk with another presentation I’ve given to my high school classes on Internet Security and Safety, as well as introduces possible app options to learn during this Teacher Training course.
There are THREE main topics to discuss in this presentation:
Part ONE: Computer Security
The first section of this presentation will focus on THREE aspects of Security both on and offline:
Phishing
What is Phishing?
Phishing is a type of social engineering where an attacker sends a fraudulent (“spoofed”) message designed to trick a human victim into revealing sensitive information to the attacker or to deploy malicious software on the victim’s infrastructure like ransomware.
– Wikipedia
In other words: Phishing is a false email or message you receive that purposefully attempts to get you to compromise your security in some way.
Questions to Consider:
- Do you know someone who has been scammed? What happened?
- What is the purpose of a scam? What are some tricks people use?
- What kinds of personal information might someone try to get? How do they get it?
Commonalities in Phishing Messages:
- They want you to verify your account information (online)
- Because they alert you that “your account is in trouble!”
- And there’s a sense of urgency
- You can find English spelling or grammar errors (very common)
- There’s often a link provided (which can be disguised)
- Or some kind of attachment (also disguised, potentially hiding a virus)
- Or the message sounds too good to be true (“You’ve won $1 million!”)
- And often there is a generic greeting (“Dear Sir / Madam”)
The PPT gives THREE examples of phishing emails. Can you notice what is “off” about each one? What clues give away their phishing intention?
Hacking
What is Hacking?
Hacking refers to activities that seek to compromise (by breaching defenses, or exploiting weaknesses in) digital devices, such as computers, smartphones, tablets, and even entire networks.
– MalwareBytes
Can you read the following message? It’s written in Leet:
K33P C4LM 4ND 5P34K L337
In English, it reads: “Keep Calm and Speak Leet.”
Leet is basically a kind of modified spelling of English words that replaces some characters with numbers or symbols that look similar to the English letters they are replacing.
It’s also a GREAT way to stay safe on the Internet. By using a password or passphrase that includes symbols or numbers in place of similar-looking letters, you can create a password that is relatively easy to remember but hard to hack.
Password Tips
- NO
- Dictionary words or very common words (nor combinations of 2 or 3)
- Not short – shorter = weaker and easier to hack
- Not easy to guess information like your birthday, or your mother’s name, or any information that can be easily found on your Facebook profile
- YES
- $ymbol$, L337$p3@k (Leetspeak), etc
- Longer = stronger
- Sometimes patterns are helpful – for example, on social media, create a passphrase that reminds you of your purpose on each platform:
onFacebookIpostpics4family
- A passphrase is much stronger than a password
- For example:
mymothertoldmetoalwaysbecareful
even though it doesn’t use any special characters, numbers, nor Capitals, is MUCH stronger than5@f3tY!1st
(safety!1st) and much easier to remember
- For example:
Stay Safe
- Check how strong your password is on: howsecureismypassword.net
- You can also check if your email address has been leaked in a data breach (hack) at: haveibeenpwned.com
Passphrases beat Passwords
The image below is a cartoon from XKCD.com that illustrates why passphrases almost always beat passwords:
Passphrases change lives
Want to read a great story about how a password changed someone’s life?
Single Sign-on vs. Traditional Login
Now, while we’re on the subject of passwords, let’s also talk about the difference between Single Sign-on methods (logging in with Facebook or Google, etc) and the traditional email/password login method.
These ARE NOT the same, so please don’t be confused.
In a basic sense:
- Single Sign-on
- Facebook or Google, etc manages your private data, user profile information, and so on
- When you click the SSO button, you sign in to THAT site
- Then THAT site provides THIS site with a special TOKEN proving you are you
- Then you get access to THIS site
- Traditional Login
- THIS site records your email and password and stores it in its own database
- THIS site manages your user profile information
- When you click the login button, THIS site checks your email / password combination against its database to verify your identity
- If your email / password combination is correct, you get access to THIS site
In sum:
- Single Sign-on is managed by Facebook, Google etc, and retains NO email / password information for you in THIS site – you are logged in with a TOKEN
- Traditional Login is managed entirely by THIS site, and THIS site retains your email / password data, which is used to log you in. There is NO connection to Facebook, Google, etc using the Traditional Login – it only remembers your email (but is NOT connected to it)
Pros & Cons
Personally, I prefer SSO logins to Traditional logins for a number of reasons:
- It’s easy and streamlined
- I don’t have to create ANOTHER account and remember ANOTHER password
- It already links to my verified profiles on social media
- With updated accurate info and profile pictures
- I can link other accounts to the service or site as well
- There are less failed logins
- Less abandonment of the site
- And greater user adoption
There are a few disadvantages we can talk about as well though:
- Security issues
- If the major website is compromised (hacked), then your information that’s stored on it will also be compromised (but Facebook / Google are huge and have enormous resources – more than THIS site – to combat that)
- Also, it can promote bad password practices like reusing the same password everywhere for convenience
- Privacy
- Additionally, by logging in to Facebook / Google on THIS site, you will be allowing these services to track your behavior and display targeted ads here
- Also, your social data is essentially completely “open” and accessible to THIS site once you login
But personally, I still find SSO to be far more convenient, and I can deal with the disadvantages it provides.
But remember:
- If you JOIN the site with SSO
- You ALWAYS have to login with SSO
- You can’t use your email / password in the login fields
Social Engineering
What is Social Engineering?
In the context of information security, social engineering is the psychological manipulation of people into performing actions or divulging confidential information.
– Wikipedia
One of the best movies that highlights social engineering is Catch Me If You Can (Amazon affiliate) with Leonardo DiCaprio and Tom Hanks:
The most basic principle to always keep in mind when it comes to Internet, computer, or even building security is:
YOU are always the weakest link
Let’s take a look at some of the most common social engineering methods and tactics below. Click the links for more information:
- Methods
- Pretexting
- Diversion theft
- Phishing
- Baiting
- Whaling
- Quid pro quo
- Tailgating
- Tactics
- Target & attack
- Phone calling
- Dumpster diving
- Online messaging
- Persuasion
- Familiarity exploit
- Creating a hostile situation
- Gathering & using information
- Getting a job there
- Reading body language
Stay Safe
Protect yourself from social engineering by keeping the following principles in mind:
- Be skeptical (trust no one)
- Don’t open suspicious (unexpected) emails (or messages)
- Mark suspicious messages as “Spam” or “Junk” (this helps everyone)
- Don’t click links in messages (hover over them to double-check the destination, or copy-paste the link in your browser window as links can be disguised)
- Check URLs (look for HTTPS (“s” for “secure”) and make sure the URL is real)
- Don’t enter your personal information, particularly NOT passwords or credit card information into websites you’ve linked to from outside sources
- When in doubt, call customer service to verify the email or message
- Create strong passwords (passphrases)
- Always remember to install security patches and updates (which fix vulnerabilities that have been exploited)
Part TWO: Professional Productivity
This portion of the presentation was originally given as part of a training seminar at Global Prodigy Academy international high school in Jeonju. Please view the following link for that presentation in its entirety:
The majority of that presentation remains the same in this updated version with the exception of Multiple User Profiles, in both Chrome and Windows, which we’ll look at in more depth after the Useful Computer Tricks section.
Useful Computer Tricks
The following are some of THE very best computer tricks for teachers I’ve picked up over the years (and use on a nearly daily basis):
- Browser Tricks
CTRL + SHIFT + N
= Chrome’s Incognito mode (doesn’t save passwords, browsing history, etc)CTRL + SHIFT + T
= Re-open the most recently closed tab- In Gmail, with keyboard shortcuts enabled:
C
= compose new message - Also in Gmail, type
SHIFT + ?
to view a pop-up of ALL of Gmail’s keyboard shortcuts - And in Google Docs, a quick way to
Strikethroughanything you don’t want is to highlight it and pressALT + SHIFT + 5
- We’ll talk about Multiple Chrome users in the next section
- Windows Shortcuts
CTRL + ALT + DELETE
= Slow, additional step to Task ManagerCTRL + SHIFT + ESC
= FAST, direct Task Manager accessWin + ←
orWin + →
= Move current window to half screenWin + L
= Instant logoutWin + P
= Change Presentation (projector) modePrtSc
= screenshot & screen drawing (with the Lightshot app installed)
- Text Editing
CTRL + V
= pastes text into a Document- But
CTRL + SHIFT + V
removes styling from the text you copy-paste CTRL + K
= create hyperlink from selected textCTRL + Z
= undo- But
CTRL + SHIFT + Z
= redo
Multiple Users
For me, discovering that it was possible to create multiple Users in Chrome and Windows has been a real game changer.
I used to need to login to multiple different email accounts constantly throughout the day in order to get some work done. And after a time, some accounts would be automatically logged out. And I’d often loose track of what I was working on, or which tabs I needed open for different tasks.
But with multiple Chrome users, I’m able to separate the tabs and emails I’m using for different accounts quite easily, and keep them separate. I open a different User account whenever I need to switch tasks.
The same is true for multiple Windows users. By creating multiple users in Windows, I’m able to keep my files and programs separate from everyone else in my family who also uses the same computer.
In this way, whether in Chrome or Windows, each user profile, and all their content and settings, can be customized to the particular user who needs it.
Acceptable Use Policies
What is an Acceptable Use Policy?
An acceptable use policy (AUP) is a document stipulating constraints and practices that a user must agree to for access to a corporate network or the Internet. Many businesses and educational facilities require that employees or students sign an acceptable use policy before being granted a network ID.
– WhatIs.com
This is something that came up a few times at the high school I was working at. In principle, the high school owns the email accounts and all the computers that students and faculty use while at school. So, any inappropriate use can be disciplined by the school.
Examples of inappropriate use:
- Student: bullying classmates via the school email, looking at inappropriate things on the school computers, harassing or attempting to blackmail teachers with the school email
- Teacher: job hunting with the school email, looking at (or showing) inappropriate things on the school computers, etc
General Guidelines:
I think it is always a good idea to remember WHICH email account you are using when you send messages, and WHO OWNS the email or the devices you are using. Here are some general AUP guidelines to help you stay safe:
- Keep things professional (at all times)
- Your school / company owns your school email, office device, etc
- Scheduling / socializing with students outside school hours (including instant messaging) needs to be handled with caution, and is not recommended
- Keeping door codes & computer passwords secure is important (beware of writing down passwords near your computer, or students looking over your shoulder as you type the password or enter the door code)
- A zero-tolerance policy for bullying and harassment might be advisable
Part THREE: Technology Learning options
In this Teacher Training course – which runs for 18 weeks – we will study many of the following apps. I’m presenting this list to you here for future reference and also to see which you may have heard about and which you may be interested in learning more about.
Anything with a red asterisk * is what we will definitely study. After Row One (Google tools), apps are presented in alphabetical order.
- Row ONE
- * Google Classroom (Publish class content, collect & grade assignments)
- * Google Docs (Collaborate on assignments, create books / journals)
- * Google Sheets (Create schedules, calendars, lists, graphs, charts, grade books, etc)
- * Google Slides (Create PPTs, PDF books, journals, posters, edit images)
- * Google Drawings (Create images, graphics, charts, logos)
- * Google Forms (Create surveys, quizzes, analyze student data)
- * Google Sites (Publish digital portfolios, keep students & parents up to date)
- * YouTube (Create, edit, & subtitle videos – good for learning reflection)
- Row TWO
- * Audacity (Create audio files, listening tests, etc for FREE)
- Blogger (Let students show what they know, reflect, journal project progress, etc)
- Book Creator (Web & iOS, create books, portfolios, audio files, etc)
- Book Widgets (Create interactive exercises & auto graded tests)
- * Canva (Create online graphics, books, presentations – a Korean-version is known as Miricanvas, but Canva includes design tutorials)
- Code.org (Create programs, games, and animations with Blockly, an easy-to-learn coding tool)
- Explain Everything (Whiteboard app that lets you draw, create content, record and narrate everything on your screen)
- Flipgrid (A video-response platform where students record responses to published videos of their classmates)
- Row THREE
- Formative (Formative assessment tool that lets students respond by writing on their screens)
- * Kahoot (Create competitive quizzes that can be done in class)
- Metaverse (Augmented Reality magic for teachers and students)
- * OBS (Open Broadcaster Studio allows you to record whole classes on your computer, including using a webcam and PPT, for FREE)
- Padlet (Collaborate and share work or assignments with anyone in the class)
- * Plickers (No-device-required interactive quizzes)
- * Quizizz (Interactive quizzes like Kahoot with more quiz options)
- Quizlet (A flashcard and spaced repetition quiz app)
- Row FOUR
- ReCap App (Students verbalize their thoughts and reflect on their learning with video and audio creation tools)
- Screencastify (Record what happens on your screen with this Chrome extension)
- Seesaw (A comprehensive digital portfolio app and website)
- Socrative (A popular formative assessment tool that helps teachers gather student info from closed- and open-ended questions)
- Soundtrap (A collaborative digital audio workstation for students to make audio files)
- WeVideo (A web-based video creation platform)
- Talk and Comment (Another Chrome extension that lets students leave voice notes in any web page)
- * Zoom (The definitive video-conferencing app)
Thanks!
I hope this presentation was helpful for introducing this class. I look forward to learning a lot together with you this semester!