Java-based Edtech Tools Pose Security Risk

I was just discussing free screencasting tools with some fellow Instructional Designers, and realizing how many of the most commonly-used apps like Screencast-O-Matic are based on Java technology. Java’s recent plague of security breaches has earned it the title of  the biggest vulnerability for US computers, and yet, I haven’t heard much discussion in edtech circles about replacing these. So let’s talk about it!

I don’t meant to create mass hysteria, but it’s definitely something that users of free education technology tools should be aware of – especially if your institution restricts your ability to update software on your machine, you may not be able to install the latest patches in response to Java’s frequent security threats. In other words, – it CAN be patched, but it often ISN’T patched quickly enough to protect users from malware. It’s bad enough that security experts are urging people to find alternatives to Java-based tools and uninstall Java from your system.

Edtech Love’s Not Supposed to Hurt

I realized that several of the most beloved edtech tools require us to have Java installed on our machines, including Open Office for office documents, edtech darling Minecraft, Blackboard Collaborate for webinars, Screencast-O-Matic for screencasting, Big Blue Button webinars, Screenr screencasting, and XMind mind-mapping. Included in this list are tools that many of us have integrated into our personal course design workflows, or even have integrated with our LMSes.

I’m surprised that people continue to use (and SELL!) big-expensive Java-based tools like Bb Collaborate without discussing the risks.

As many users (like me) make the decision to uninstall Java completely from their personal machines, it poses an issue of equitable access if you continue to deliver instruction using tools that put students at a security risk.

To the best extent possible, you should probably take a good hard look at the tools you have it within your power to change, and reach out to other stakeholders in your organization to see what can be done to protect your institution and students. Hopefully, your IT group has a plan for securing everyone’s computer from Java’s vulnerabilities, but it’s worth discussing with them to see what the best thinking is, and what you need to communicate to students.

Beyond Java-Based EdTech

Java’s days as a de facto part of every major operating system seem to be over. Mainstream operating systems have stopped including Java by default, offering it only as an optional add-on for folks who need it. – digitaltrends

Long term, it appears that we should get used to living in a world where Java is no longer installed on our machines by default, and should start to explore Java-free (decaf?) alternatives to our favorite edtech tools.

Specifically for screencasting, you may want to check out Screencastify, which works as a Chrome browser plugin and runs natively without Java. You may want to dump OpenOffice and explore markdown as a better way of formatting your documents and creating presentations. You may want to ditch the bloated teleconferencing tools your institution purchased for the LMS and explore Google Hangouts, Skype, or Zoom.us instead?

If you use free code development tools with your students, you may that many popular titles are Java-based, like Eclipse and Aptana Studio. Maybe it’s time to start recommending SublimeText or Atom Editor instead.

These are just the tools I can think of off the top of my head, but I know that, over my years as an edtech tool junkie, I’ve run across lots of tools that require Java to run. Which apps do you depend on, and what are you thinking of switching to? You may want to use AlternativeTo to help you find alternatives to your favorite Java-based edtech tools. Please share in the comments below…

Liked this post? Follow this blog to get more. 

Comments

This site uses Akismet to reduce spam. Learn how your comment data is processed.