The ostrich algorithm is ignoring a problem in the
hopes that it will go away.
So, 90 days ago we issued a challenge
to John Baker, CEO of Desire2Learn; Michael Chasen, CEO of Blackboard;
and Ray Henderson, President of Blackboard Learn, to participate in an
annual open security audit. Why? Because we believe that hiding
security vulnerabilities in the LMS decreases the likelihood they will
be repaired and increases the likelihood they will be exploited.
Unfortunately, none of them responded.
They are keeping their security practices closed and secret. I wish I
could say I was surprised, but I'm not. This is how legacy enterprise
software companies usually behave, to the detriment of their customers.
We think they may have picked 'D'.
We will kick off our second annual open security audit in Q4. We invite
any and all education companies to participate. We think education
should be open, safe, and secure -- and that corporations should be held
accountable for their claims.
Original Document Link