Archive

Posts Tagged ‘moodle security’

Moodle Security Myth Continues

May 16th, 2012 No comments

Three years of egg on their face and the disciples over in moodle-land are still pushing the big Moodle security lie. Maybe they need to refresh their memories.

Good thing Blackboard bought Moodle…at least there is one secure LMS in the company to choose from and it isnt Moodle :-)

Moodle Security = Oxymoron

 

Categories: Moodle Tags: , ,

Research Report: “Investigation on Security in LMS Moodle”

January 16th, 2012 2 comments

The research report attached to this post was published in the “International Journal of Information Technology and Knowledge Management, January-June 2011, Volume 4, No. 1, pp. 233-238“. It covers some major security flaws in Moodle that will not surprise anyone who has been following Moodle security issues for the past few years. I no longer need to use Moodle, but for those of you who do rely on it, don’t be fooled…just because I’m no longer dedicating time and effort to publically demonstrate major security flaws in the Moodle code and design, don’t take that as a sign that those problems no longer exist! I know of at least two major security holes in the latest version of Moodle and one of them is just as bad as this one I publicized not long ago…and like that vulnerability, it has been discussed in the Moodle forums for months and has received no attention by the devs. If that security issue is not addressed in the next few months, then I may do another “open demonstration” for the public…that seems to be the only way to force action by the Moodle lead dev.

A Moodle Reality Check — only one of many

December 18th, 2011 No comments

I am a senior this year and getting to know a new program just to check my grades and post papers is ridiculous. Blackboard had become a friend to me; I knew everything about it and how to get to where I needed to be. Moodle is a stranger, one that I care not to know. You may say I am one of those people who does not like change, which is wrong: I love change, just not when it deals with my school work.

University of Mary Washington Selects Canvas Over Moodle

October 10th, 2011 3 comments

This is  becoming an everyday thing now. I’m not sure I’ll be able to keep up with all the colleges, universities, and K12 systems that have decided to dump Moodle and move into the 21st century with their LMS, but whether I post about it or not, the move is happening.

Hawaii Department of Education Drops Moodle for Blackboard

September 29th, 2011 No comments

Hawaii Department of Education Selects Blackboard Learn 9.1 to Replace Open Source LMS.

The Hawaii Department of Education’s Extended Learning Opportunities and Student Support section has chosen Blackboard Learn™ 9.1 to replace an open source learning management system (LMS) Blackboard Inc. (Nasdaq: BBBB) announced today. The platform provides online courses for over 1,200 students through the Hawaii Virtual Learning Network-ESchool (HVLN-ESchool) and over 500 teachers annually through the HVLN-Project Inspire program.

Blackboard’s stock up 30% — Moodle has seen its better days!

April 20th, 2011 5 comments

The news that someone has offered to buy Blackboard is causing quite a bit of chatter in LMS circles today…not to mention a big boost to some who may own stock. My advice…sell now before the hype wears off :-) Of course, I never was good at reading the stock market–I guess if the phantom buyer turns out to be a big player–think Google, Microsoft, or even a huge textbook publisher, then holding onto that stock may prove to be a very good idea. I love it that the CNBC article mentioned Instructure as one of the most interesting competitors and completely ignores Moodle…maybe they’ve been talking to those who have upgraded to Moodle 2.0 ;-) However, just so Moodle Disciples out there don’t feel completely left out, I think the announcement by Instructure last week that it has raised $8 million in capital and is in this for the long haul, did contain several references to Moodle, without mentioning it by name.

“Moodle 2.0 Not Production Ready” — Conclusion of 14 Independent Colleges

February 26th, 2011 7 comments

After over three years of development and nearly four months after the Moodle lead dev declared Moodle 2.0 Stable, 14 independent colleges have concluded that Moodle 2.0 is “Not production ready”…in fact, it’s far from being suitable for any real production environment.

Moodle2-Status-Report

Mo’s Logic — Always good for a laugh :-)

February 9th, 2011 1 comment

A couple days ago, I reported about the hair-brained idea of ending support for the latest stable version of moodle — moodle 1.9.x — in December of this year. Seems that resulted in a lot of backlash for Moodle HQ. So today, Mo announced support would continue through June 2012 and in the same announcement, stated the following:

I hope this assuages any fears anyone had (possibly having the misleading “End of Life” in the title of this thread wasn’t helping much!)

Source: http://moodle.org/mod/forum/discuss.php?d=168021#p738502

New Moodle Leadership: Larry, Mo, and Curly leading moodle into the future ;-)

February 7th, 2011 2 comments

It’s official…Larry, Mo, and Curly leading Moodle into the future ;-)

The official advice being given for months on moodle.org has been, if you are planning on upgrading to Moodle 2.0–don’t! Anyone who has been following the moodle 2 saga, knows that’s good advice. Now, the moodle lead dev (aka Mo) chimes in and announces that support for moodle 1.9.x will cease less than a year from now, in Dec 2011.  So, let’s see where that puts you:

  1. You are responsible for your institutions moodle install.

Moodle at North Carolina State University: Report of Two Instructors’ Experiences

February 6th, 2011 11 comments

WARNING: This report is (NSFMD), Not Safe for Moodle Disciples. Read at your own risk! ;-)

http://www4.ncsu.edu/~n51ls801/MoodleTwoNCSUCoursesFall2010Web.pdf

This is a “must read” report for anyone in a decision making position considering adopting Moodle as an institutional Learning Management System (LMS).

The very first line in the Introduction section of the 61 page report should serve to alert any reader that this is not your typical “I’m a blind Moodle lover and can’t see the flaws” type report that is prevalent on moodle.org.

Our experience with using Moodle as a Learning Management System contrasts sharply with the faculty experiences described in Vista to Moodle: Everybody’s Doing It2

Quotable Tweets: “More bad code from moodle”

January 31st, 2011 No comments

More bad code from #moodle: "echo $spacer;". Guess what that outputs!
@gatekiller
Stephen Hill

Part I: Why Moodle is Dangerous — Years of Moodle Porn Doesn’t Go Away Easily

January 2nd, 2011 4 comments

One of the biggest PR nightmares for Moodle in recent years was the revelation about 3 years ago that 10s of thousands of Moodle sites all over the world had been hacked and infested with vial porn advertisements.

A little background…

I initially discovered this problem when doing routine maintenance on my own Moodle sites back in late 2007 and reported a fix on moodle.org. Unfortunately, the moodle devs, including the lead dev, ignored the problem choosing to blame users and local admins for not properly securing their moodle sites.

WordPress 3.0.3 Released — Moodle, Are You Paying Attention?

December 12th, 2010 1 comment

WordPress 3.0.3 is available and is a security update for all previous WordPress versions.

This release fixes issues in the remote publishing interface, which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish, or delete posts. These issues only affect sites that have remote publishing enabled.

The WordPress security release process is a model that should be a standard for any open source project that really takes security seriously. The last two security upgrades were released within as many weeks. When WordPress devs become aware of a security problem, the release is usually out the same day and everyone is notified through several public outlets, not the least, with a notice in the admin area of every WordPress blog in use.

Categories: Moodle Tags: , ,

Moodle 2.0 Released…but where’s the “2.0” part?

November 25th, 2010 6 comments

The wait is finally over for everyone holding their breath in anticipation of the release of Moodle 2.0…its was officially released as stable today. Moodle 2.0 has been hyped-up and billed as the release to revolutionize the LMS. To paraphrase a famous line from Napoleon Dynamite, for the past 3+ years, disciples over in Moodle-Land have been chanting the phrase “Wait for Moodle 2.0 and your wildest dreams will come true.”

Well, it’s here and my first thought is — where’s the 2.0 part?

I see a clunky, significantly slower system, with a much more complex and confusing navigation structure and a far less user-friendly teacher management/admin interface.

Moodle Security Notice — An Irresponsbile Process!

October 26th, 2010 2 comments

Moodle released the following security vulnerability notice today following the irresponsible notification process they have used for years now that puts your moodle site at risk. Moodle.org touts the fact that they have over 1 million registered users however, this notice didn’t go out to them. Surely the devs are smart enough to at least send an email to the million email addresses they have in their moodle.org database?

Categories: Moodle, WP General Tags: ,

Moodle.org Upgrading to Moodle 2.0

October 3rd, 2010 5 comments

Over three years in the making and finally, moodle.org is in the process of upgrading to Moodle 2.0 — The version that promises to revolutionize  the LMS industry and solve all the many moodle problems once and for all. I’m sitting on the edge of my seat just waiting for a glance of what the site will look like. I can’t wait to try out all the cutting-edge features. I’m so excited, I made a video…

Categories: Moodle Tags: , ,

Moodle 2.0 — Vaporware??

September 6th, 2010 3 comments

I haven’t been reading the threads over in Moodleland for a couple of months now, so I decided to check in today and see what I had missed. In a word…nothing! Same old disciples spewing the same old propaganda. I noticed the “hot topic” is still, when will Moodle 2.0 be released…calling that a broken record is a huge understatement. It seems the 3+ year development is still at least 6 months away from a true beta…that should be directly after Moodle 2.0 Preview 36 :-)

Question: What do all of the following phrases have in common?

Categories: Moodle Tags: , ,

Another “Interesting” Moodle Site Hacked

June 12th, 2010 No comments

I noticed a post in the moodle.org forums today that grabbed my attention for a few reasons:

  1. It is reporting yet another Moodle site being hacked…that’s about a bazillion and counting now ;-)
  2. It’s not just any Moodle site…it’s actually a site set-up specifically for a Moodle Moot (a type of Moodle conference that typically attracts a hand full of Moodle evangelist)
  3. It was hacked the same day the Moot was scheduled to take place — Ouch!

Here is an excerpt from the person making the post…

Categories: Moodle Tags:

BP Moodle Site Hacked

June 10th, 2010 1 comment

As if BP didn’t have enough trouble to deal with at the moment, it seems they were running a Moodle LMS site that was hacked and private data (or data that was supposed to be private) was compromised. While this is pretty amusing and I’m sure it’s not on the top of anyone’s list at BP, it does point out one thing any organization running Moodle should be aware of…if someone really wants to hack your Moodle site, it’s typically not a difficult thing to do.

Categories: Moodle Tags:

Moodle 2.0 wherefore art thou?

May 3rd, 2010 2 comments

Moodle 2.0…the Godsend to LMS users worldwide…under development for over 2 years now…

Someone emailed me today asking: O 2.0, O 2.0 wherefore art thou 2.0?

He/she may have even posted here: http://moodle.org/mod/forum/discuss.php?d=145632

Actually, that is a very good question, but one that doesn’t really concern me. The person who emailed me (why he/she emailed me is a mystery) stated that Martin (you know, king of the disciples), stated at the recent UK moot that he has decreed Moodle 2.0 Stable will be out in July so all in the Northern Hemisphere will be able to upgrade before school starts in the fall.