US School Curriculum to Include Online Safety?

Stony Stevenson writes to mention that the US National Cyber Security Alliance (NCSA) is pushing for school's to include cyber-security, online safety, and ethics lessons in their normal curriculum. "The National School Boards Association reported that 96 per cent of school districts claim that at least some of their teachers assign homework requiring internet use. But there is still no formal education on how to stay safe, secure and ethical online, despite the fact that the internet, like the real world, has threats and dangers which students may come across in the normal course of a day. These include communications from identity thieves, online predators and cyber-bullies."

Comment removed

[account_deleted]

Comment removed based on user account deletion

"School's"?

[nlitement]

Who dares to let through such idiotic abuse's [sic] of the apostrophe?!

Good idea

[eln]

I think this is a good idea, although I would suggest making the teachers and administrators attend the class too. In most schools I've seen, most of the students know more about this stuff than the teachers do, and the teachers are a whole lot more resistant to learning about it, as they lump it in with "all that computer stuff" that they've convinced themselves they're incapable of learning.

Re:Good idea

[Billosaur]

I think an even better idea is to raise technology to an actual curriculum area, like English, Math, etc. Right now, too many schools are using teachers in other subjects who have even a little computer knowledge as computer teachers. Instead, given the prevalence of the Internet and its underlying technology, the importance of teaching kids to use the Internet properly and to give them some insight into its inner workings would seem to be a necessity in this century and beyond.

Re:Good idea

[RealAlaskan]

... raise technology to an actual curriculum area, like English, Math, etc.

English hasn't changed dramatically in the last 100 years. We can still read Shakespeare's stuff, which are around 400 years old.

The basics of math hasn't changed dramatically in 2,000+ years. Sure, computation got a bit easier after the decimal system became wide-spread about 1,000 years ago, but that's not a change in the fundamentals.

20 year old technology is obsolete. I know: let's teach that in schools!

I don't think it makes sense to teach kids things that will be quaint and better forgotten before middle age. Language and math are great choices for an ``actual curriculum area.'' Evanescent trivia isn't.

It might be worthwhile to offer kids some high school credit for getting their teachers up to speed with that stuff, but it should be elective credit, on a par with credit for changing diapers at the nursing home.

Re:Good idea

[FiloEleven]

I disagree. First of all, 'technology' is too broad a term for what you're describing, which is really nothing more than computer literacy. Technology encompasses pretty much every scientific and engineering advancement made since, well, ever. The fork is a product of technology, as is the Spinning Jenny, and the tennis ball, and double-pane windows, and...

I believe that computer literacy is important, and I agree that competent teachers should be hired to teach the subject, but giving it the same importance as language, history, or mathematics is overkill and IMO detrimental. Any knowledge gained in the realm of computer use is sure to be outdated within the next decade because computers are still in their infancy. If a whole curriculum were to be put into place, we would end up with the equivalent of giving students science books from the '70s because the field moves faster than the administrative engines of our schools. Sure, you can still learn important things, but you're going to miss out on stuff that's happened in the intervening years.

I think that in the coming years two things will happen. First, kids will be computer literate simply by being immersed in their use - we are seeing this to an extent today. Second, computers will become easier to use as we continue to make design and interface improvements. They'll never be transparent to the general populace in much the same way that cars aren't today: their use is accepted and widespread, but when they break or when something new is desired a specialist (or hobbyist) must be consulted.

A high-school curriculum built around deeper concepts of computing, like an advanced automotive curriculum, would be hard and useless to 90% of the students forced to follow it. A class or two on computer safety, on the other hand, would be much like the Highway Safety courses offered by many high schools today: relatively lightweight, but enough information to improve the web for everyone through decreasing the spread of malware, viruses, etc.

How about...

[Billosaur]

...they push teachers to teach children basic skills like reading, writing, mathematics, public speaking, and give them a thorough knowledge of world and American history, logic, and problem solving. I suspect if you teach children how to function properly in society by giving them the necessary tools, then they won't wind up falling into these traps and will be able to make more informed decisions. Just my opinion.

Almost a good idea

[Kranfer]

While I do understand the need for teaching our nation's children about safety, I am wondering if this should fall upon the parents to educate their children about what is on the internet and to keep their children away from sites that can be harmful. I do not think I would want my tax dollars to be spent to teach little johnny or susan about how bad people are on the internet... teaching them the proper way to do research is one thing, but security and safety is another that I don't think the education system should be involved in per se... maybe a little but not a whole hell of a lot.

"School Bus", "Sidewalk", or "Cafeteria" safety?

[forsetti]

Wow -- my kids also come into contact with School Buses, Sidewalks, and Cafeterias during the normal course of school. They better start teach safety courses for those too!!!!

Re:yea right

[UnderDark]

Case in point:

When I was in high school (AP Computer Science), the teacher (who knew what she was doing) would take days off and be replaced by a substitute. The only problem was that my high school classified computer programming as a math, which isn't that far off; but the substitutes would always come in and be shocked that there were computers. She would say that she was told this was a math course, and that she didn't know the first thing about programming.

This happened about once a month.

"and ethical"

[Speare]

The proposal says "and ethical" which I take to mean indoctrinating a willingness to prop up ancient and unfair art-patron business models rather than nourish a new generation of self-referential art and culture.

Re:"and ethical"

[pla]

The proposal says "and ethical" which I take to mean indoctrinating a willingness to prop up ancient and unfair art-patron business models

Schools exist for two purposes only (and the second only as a side-effect out of necessity to support the first): Indoctrination as good little corporate slaves, and socialized babysitting.

When we used to ask our math teachers "when will I ever use this", the could accurately have answered "Your future masters keep complaining that you little bastards can't make change or accurately count inventory. So stop trying to think for yourself, suck it up, and do what we say."



"Sally gives you a $10 bill to pay for 20 oranges at $1.85/lb, with four oranges to the pound. The register says to give her 75 cents change - How many quarters should you give Sally?"

Re:yea right

[Rob+T+Firefly]

Generally speaking, American schools haven't managed to do much about good old-fashioned regular bullying for generations. Now they're supposed to solve cyber-bullying as well?

Prudence

[morkfard]

Teaching students about online security should be done at a very fundamental level. Unless the student is very interested in that topic, a basic understanding is all that is necessary to prevent malicious attacks. Take a cue from the workplace, and provide an security workshop or online training sessions for the student to take when he or she starts each school year. It is not necessary to mandate coursework in this area; this would take valuable time away from more crucial learning, such as math, science, English, etc. Better IT policies should be implemented and enforced by school boards. Use of Internet security and privacy protection software should be in place, if it is not already.

If ppl had common sense already, why teach them?

[Spy+der+Mann]

How about common sense instead? How about thinking with your head instead?

We already know that people lack common sense (and what happens to them), but the only way to give common sense to dumb people is through EDUCATION. If people had common sense about online safety, would there be a NEED to educate them in the first place?

You can't fight an enemy you don't know. Someone said that any technology sophisticated enough is virtually indistinguishable from magic. So people need to know how computer security works (and how it DOESN'T work).

here's an example of what can happen to you if you don't know how security works (taken from bash.org - please DON'T mod funny) :

#117002
<YuFFie> SO U HACKING ME THEN HUH
<YuFFie> WElL I GOT NEWS FOR U MISTER I GOT MORE FIREWALL POWERS NOW SO IM SECURE AND IM USING WINDOWS 98 SO IM REALLY SECURE FROM HACKERS LIKE YOU SO YOU BETTA JUST GIVE UP CUZ U GOT NO HOPE MISTER.
* YuFFie (~mirc@3B942731.dsl.stlsmo.swbell.net) Quit (Quit: Owned.)
* YuFFie (~mirc@3B942731.dsl.stlsmo.swbell.net) has joined #
<YuFFie> HELP MY MOUSE IS MOVING BY IT SELF

What's the lesson here? The victim thought that a firewall was enough to protect him from hackers, when the real problem was a vulnerability in his mirc software (most probably a buffer overflow vulnerability), where communications were not protected by any firewall.

Did the victim have common sense? Probably. Did he lack important information? YES! Had he known about buffer overflow vulnerabilities, he wouldn't have dared the hacker to hack into his computer. We know how human nature can be - the victim was overconfident in his computer's security.

In the same way, people need to learn about social engineering, how spam and phishing fools you, how e-mail From: headers can be faked, how files extensions can be faked in Windows (.gif.exe anyone?), and all that stuff that may look like common sense to you, but might be not so obvious to others.

The govt has educated people about sex (i.e. to bash the common myth that the first time you do it there's no pregnancy), why would online safety be any different, as the internet becomes more important for people's lives each day?

Engage brain, not groupthink

[cbhacking]

The tendency of the Slashdot community to automatically ensure anything containing the words "children" and "safety" is a "but won't somebody think of the children?" situation is starting to piss me off. While there ARE risks involved (a friend of a friend lost her virginity at 16 to a 42-year-old man who has a record of such things... but he seemed only a few years older than she was on MySpace), the real problem is that people are operating complicated and expensive technology with little to no idea of how to do so properly. In my more despairing moments I figure that computers need to have some sort of certification/authentication system where anybody who hasn't passed a certification test is unable to gain admin/root permissions on an Internet-connected machine. (Yes, I realize this wouldn't work, and would have many problems even if it was feasible to implement. The point remains though; those who are not educated about safe computer usage cause all kinds of trouble for everybody else.) The problem is, people have a distict tendency to treat computers in one or more of a few extremely stupid ways:
"The computer (or occasionally the program) is smarter than I am about this, shouldn't it have realized the file was dangerous?" Computers aren't smart, they are just machines that do what they are made to do: run programs.
"Somebody sent me a dangerous file? Don't be silly, why would anybody bother to do that?" Malware is big business these days, and they need huge botnets to effective flood spam and such. Every computer they can infect is worth something, and that's leaving aside those who do it just to see if they can. They aren't really sending it to you in particular anyhow; they're sending it to everybody on a list of people who sent somebody an online greeting card or some such crock.
"I have Norton Antivirus (or other security program) installed, so I'm safe." Nope. Security software at best only protects against established and known issues, and often fails even at that. New malware, outdated definitions, poorly implemented or configured scanning engine... people need to know that antivirus programs aren't shields of invulnerability.
"It doesn't matter if my computer gets some adware, it's not a real problem." Even pure adware (no spying, redirecting or URLs, changing files, sending emails, or anything like that) slows your computer down and wastes a considerable amount of your time. Other forms of malware are typically much worse; they will send spam emails, try and take over other people's computers, be used to attack remote networks (denial of service) or possibly to flood your own network (many worms do this, intentionally or otherwise), watch everything you do and tell somebody every password/credit card number/email message/document you enter or read, and/or possibly even use your computer as storage for illegal software, kiddie porn, or similar things you don't want on your machine.
"I downloaded this from a website that said it was safe, so it shouldn't cause any problems." People can put any damn thing they want on their website, and there's no guarantee it's true. At the very least get a third-party opinion. In fact, extend this policy to any unverified claim on a web site; there is a lot of false info out there. Don't believe it just because somebody typed it out and put it online!

Consider random things like the infamous ILoveYou worm, which caused all kinds of trouble... all because users were too damn stupid to know better than to open such attachments. It wasn't hard to figure out, even if you had known file extensions hidden, that it was NOT a greeting card (IIRC, it was originally intended as a Valentine's Day thing, which - given that by the first time I read about it in the news, summer vacation had already started - should give one an idea of how long it took people to wise up to it).

While I am in no way confident it will be implemented correctly, I think this idea in general is a very good one. The types of things taught in computer classes in our public schools w