Google discloses its acquisition of mobile learning app Socratic as it relaunches on iOS – gpgmail


Google publicly disclosed its acquisition of homework helper app Socratic in an announcement this week, detailing the added support for the company’s A.I. technology and its relaunch on iOS. The acquisition apparently flew under the radar — Google says it bought the app last year.

According to one founder’s LinkedIn update, that was in March 2018. Google hasn’t responded to requests for comment for more details about the deal, but we’ll update if that changes.

Socratic was founded in 2013 Chris Pedregal and Shreyans Bhansali with the goal of creating a community that made learning accessible to all students.

Initially, the app offered a Quora-like Q&A platform where students could ask questions which were answered by experts. By the time Socratic raised $6 million in Series A funding back in 2015, its community had grown to around 500,000 students. The company later evolved to focus less on connecting users and more on utility.

It included a feature to take a photo of a homework question in order to get instant explanations through the mobile app launched in 2015. This is similar to many other apps in the space, like Photomath, Mathway, DoYourMath, and others.

However, Socratic isn’t just a math helper — it can also tackle subjects like science, literature, social studies, and more.

In February 2018, Socratic announced it would remove the app’s social features. That June, the company said it was closing its Q&A website to user contributions. This decision was met with some backlash of disappointed users.

Socratic explained the app and website were different products, and it was strategically choosing to focus on the former.

“We, as anyone, are bound by the constraints of reality—you just can’t do everything—which means making decisions and tradeoffs where necessary. This one is particularly painful,” wrote Community Lead Becca McArthur at the time.

That strategy, apparently, was to make Socratic a Google A.I.-powered product. According to Google’s blog post penned by Bhansali — now the Engineering Manager at Socratic — the updated iOS app uses A.I. technology to help users.

The new version of the iOS app still allows you to snap a photo to get answers, or you can speak your question.

For example, if a student takes a photo from a classroom handout or asks a question like “what’s the difference between distance and displacement?,” Socratic will return a top match, followed by explainers, a Q&A section, and even related YouTube videos and web links. It’s almost like a custom search engine just for your homework questions.

Google also says it has built and trained algorithms that can analyze the student’s question then identify the underlying concepts in order to point users to these resources. For students who need even more help, the app can break down the concepts into smaller, easy-to-understand lessons.

googleai v2

In addition, the app includes subject guides on over 1,000 higher education and high school topics, developed with help from educators. The study guides can help students prepare for tests or just better learn a particular concept.

explorer 56kHA30

“In building educational resources for teachers and students, we’ve spent a lot of time talking to them about challenges they face and how we can help,” writes Bhansali. “We’ve heard that students often get ‘stuck’ while studying. When they have questions in the classroom, a teacher can quickly clarify—but it’s frustrating for students who spend hours trying to find answers while studying on their own,” he says.

This is where Socratic will help.

That said, the acquisition could help Google in other ways, too. In addition to its primary focus as a homework helper, the acquisition could aid Google Assistant technology across platforms, as the virtual assistant could learn to answer more complex questions that Google’s Knowledge Graph didn’t already include.

The relaunched, A.I.-powered version of Socratic by Google arrived on Thursday on iOS, where it also discloses through the app update text the app is now owned by Google.

The Android version of the app will launch this fall.

 


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

How safe are school records? Not very, says student security researcher – gpgmail


If you can’t trust your bank, government or your medical provider to protect your data, what makes you think students are any safer?

Turns out, according to one student security researcher, they’re not.

Eighteen-year-old Bill Demirkapi, a recent high school graduate in Boston, Massachusetts, spent much of his latter school years with an eye on his own student data. Through self-taught pen testing and bug hunting, Demirkapi found several vulnerabilities in a his school’s learning management system, Blackboard, and his school district’s student information system, known as Aspen and built by Follett, which centralizes student data, including performance, grades, and health records.

The former student reported the flaws and revealed his findings at the Def Con security conference on Friday.

“I’ve always been fascinated with the idea of hacking,” Demirkapi told gpgmail prior to his talk. “I started researching but I learned by doing,” he said.

Among one of the more damaging issues Demirkapi found in Follett’s student information system was an improper access control vulnerability, which if exploited could have allowed an attacker to read and write to the central Aspen database and obtain any student’s data.

Blackboard’s Community Engagement platform had several vulnerabilities, including an information disclosure bug. A debugging misconfiguration allowed him to discover two subdomains, which spat back the credentials for Apple app provisioning accounts for dozens of school districts, as well as the database credentials for most if not every Blackboard’s Community Engagement platform, said Demirkapi.

“School data or student data should be taken as seriously as health data. The next generation should be one of our number one priorities, who looks out for those who can’t defend themselves.”
Bill Demirkapi, security researcher

Another set of vulnerabilities could have allowed an authorized user — like a student — to carry out SQL injection attacks. Demirkapi said six databases could be tricked into disclosing data by injecting SQL commands, including grades, school attendance data, punishment history, library balances, and other sensitive and private data.

Some of the SQL injection flaws were blind attacks, meaning dumping the entire database would have been more difficult but not impossible.

In all, over 5,000 schools and over five million students and teachers were impacted by the SQL injection vulnerabilities alone, he said.

Demirkapi said he was mindful to not access any student records other than his own. But he warned that any low-skilled attacker could have done considerable damage by accessing and obtaining student records, not least thanks to the simplicity of the database’s password. He wouldn’t say what it was, only that it was “worse than ‘1234’.”

But finding the vulnerabilities was only one part of the challenge. Disclosing them to the companies turned out to be just as tricky.

Demirkapi admitted that his disclosure with Follett could have been better. He found that one of the bugs gave him improper access to create his own “group resource,” such as a snippet of text, which was viewable to every user on the system.

“What does an immature 11th grader do when you hand him a very, very, loud megaphone?” he said. “Yell into it.”

And that’s exactly what he did. He sent out a message to every user, displaying each user’s login cookies on their screen. “No worries, I didn’t steal them,” the alert read.

“The school wasn’t thrilled with it,” he said. “Fortunately, I got off with a two-day suspension.”

He conceded it wasn’t one of his smartest ideas. He wanted to show his proof-of-concept but was unable to contact Follett with details of the vulnerability. He later went through his school, which set up a meeting, and disclosed the bugs to the company.

Blackboard, however, ignored Demirkapi’s responses for several months, he said. He knows because after the first month of being ignored, he included an email tracker, allowing him to see how often the email was opened — which turned out to be several times in the first few hours after sending. And yet the company still did not respond to the researcher’s bug report.

Blackboard eventually fixed the vulnerabilities, but Demirkapi said he found that the companies “weren’t really prepared to handle vulnerability reports,” despite Blackboard ostensibly having a published vulnerability disclosure process.

“It surprised me how insecure student data is,” he said. “School data or student data should be taken as seriously as health data,” he said. “The next generation should be one of our number one priorities, who looks out for those who can’t defend themselves.”

He said if a teenager had discovered serious security flaws, it was likely that more advanced attackers could do far more damage.

Heather Phillips, a spokesperson for Blackboard, said the company appreciated Demirkapi’s disclosure.

“We have addressed several issues that were brought to our attention by Mr. Demirkapi and have no indication that these vulnerabilities were exploited or that any clients’ personal information was accessed by Mr. Demirkapi or any other unauthorized party,” the statement said. “One of the lessons learned from this particular exchange is that we could improve how we communicate with security researchers who bring these issues to our attention.”

Follet spokesperson Tom Kline said the company “developed and deployed a patch to address the web vulnerability” in July 2018.

The student researcher said he was not deterred by the issues he faced with disclosure.

“I’m 100% set already on doing computer security as a career,” he said. “Just because some vendors aren’t the best examples of good responsible disclosure or have a good security program doesn’t mean they’re representative of the entire security field.”


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something