A Funny Thing Happened on the Way to Coursera

Jonathan Mayer writes:

I’m excited to be teaching Stanford Law’s first Coursera offering this fall, on government surveillance. In preparation, I’ve been extensively poking around the platform; while I found some snazzy features, I also stumbled across a few security and privacy issues.

  1. Any teacher can dump the entire user database, including over nine million names and email addresses.
  2. If you are logged into your Coursera account, any website that you visit can list your course enrollments.
  3. Coursera’s privacy-protecting user IDs don’t do much privacy protecting.

The balance of this piece provides some detail on each of the vulnerabilities.

Read more on Web Policy.

About the author: Dissent

Comments are closed.