Pupils killed in Damascus University attack
SHAFAQNA (Shia International News Association) -- At least 15 students have been killed and 20 others injured when mortar bombs landed on the canteen of Damascus University's College of Architecture, state-run media and opposition activists said.
Al-Ikhbariya television on Thursday showed images of doctors pumping the chests of at least two young men and blood splattered on the floor of what appeared to be an outdoor canteen in the campus, located in the central Baramkeh district.
"Terrorists fire mortar rounds on the faculty of architecture in Damascus, and according to initial reports several people have been killed or wounded," the broadcaster said, using the regime term for rebels fighting against the regime of President Bashar al-Assad.
Mortar shells have become a daily occurrence in Damascus as Syria's rebels are increasingly using mortars.
The latest attack on the capital comes two days after rebels barraged Damascus with mortar shells that killed at least three people and wounded dozens in one of the most intensive attacks on the seat of Assad's power.
Meanwhile, in the country's south, activists said Syrian rebels have been attacking army checkpoints in and around a key town that is a gateway to Damascus.
The Britain-based Syrian Observatory for Human Rights says rebel attacks are under way in Dael and surrounding areas.
The Local Coordination Committees, another activists group, says regime bombardment of Dael killed at least three people on Thursday.
Dael lies in the strategic Daraa province, which borders Jordan.
Unrest in Turkey camp
The UN says Syria's two-year civil war has killed more than 70,000 people.
The latest reports of violence comes as Reuters news agency quoted Turkish officials as saying on Thursday that at least 600 Syrians staying at a refugee camp near the border were deported after clashes with Turkish military police following protests over living conditions in the camp.
Turkish foreign ministry denied the report, saying it has not deported refugees from the camp in the southern Akcakale town, but that about 50 to 60 people had returned to Syria voluntarily.
On Wednesday, angry refugees pelted police with stones, as security forces fired tear gas and water cannon to disperse the protesters.
The protests were sparked by the death of a child in a fire in the camp, which houses around 25,000 Syrians who fled the conflict in their country.
Accidental fires often break out in the camps, and several refugees - mostly children - have died.
Turkey is housing some 200,000 refugees in camps situated along the Syrian border, while another 70,000 displaced are living in houses rented in several Turkish towns.
Pupils to get advice about Facebook and social media sites
SHAFAQNA (Shia International News Association) -- A pilot scheme will give tips on avoiding posting compromising or embarrassing photos on sites such as Facebook or Twitter.
It will include advice on protecting personal information and staying safe.
This week the Welsh government asked councils to allow pupils more access to social networking sites.
The pilot scheme is being run by the office of the information commissioner, a UK body which promotes data privacy as part of its role.
The move is about being more proactive, the commissioner's Welsh official says.
"We've had experience of cases where people have maybe applied for jobs and something they've done in their past or they've put up on Facebook has actually stopped them from getting that job," said Anne Jones, the assistant information commissioner.
"We all know that employers tend to search for these things online and it certainly has been happening and I'm sure it will happen again in the future."
In an interview with the BBC's Sunday Politics Wales programme, the assistant commissioner said that earlier pilot schemes in Shropshire and Cambridge were being extended to Wales.
One school will be chosen shortly to take part in a wider pilot scheme of 30 schools across the UK.
"There's a lot of reasons why we feel this is a really important project to take forward - to embed information rights into the curriculum," she said.
"It is that full package of information rights, it's understanding personal data - your personal information is valuable and, as far as children are concerned, explaining to them or trying to make sure them understand exactly what personal information is.
"It's trying to make sure that they deal appropriately - that they don't give it away to the wrong people, that they keep it safe where it needs to be kept safe," she added.
Positive view
Earlier this week the Welsh government called for local authorities to allow schools to offer pupils greater access to social networking websites on a supervised basis.
Anna Brychan, director of head teachers' union NAHT Cymru, warned that her members were concerned about the practical difficulties involved with the proposals despite their "great eagerness to make maximum use of new technologies in education".
But the Welsh government will now write to all local authorities in Wales to ask them to take a more positive view on the use of social networking in young people's education.
Ms Jones said that the Welsh government's stance complemented the work being undertaken by the information commissioner's office.
"It just sort of chimes with what we are trying to do, in that these things are good and positive... [and] we're all using them [social networking sites] aren't we?" she said.
"But the point is the fact that we need to use them safely, we need to use them properly and we're not giving out personal data to people who are completely inappropriate.
"So it ups the ante - if the children are going to be using it more in the schools then they need to do it properly."
Pupil expelled from Montreal college after finding ‘sloppy coding’ that compromised security of 250,000 students personal data
SHAFAQNA (Shia International News Association) -- A student has been expelled from Montreal’s Dawson College after he discovered a flaw in the computer system used by most Quebec CEGEPs (General and Vocational Colleges), one which compromised the security of over 250,000 students’ personal information.
Ahmed Al-Khabaz, a 20-year-old computer science student at Dawson and a member of the school’s software development club, was working on a mobile app to allow students easier access to their college account when he and a colleague discovered what he describes as “sloppy coding” in the widely used Omnivox software which would allow “anyone with a basic knowledge of computers to gain access to the personal information of any student in the system, including social insurance number, home address and phone number, class schedule, basically all the information the college has on a student.”
“I saw a flaw which left the personal information of thousands of students, including myself, vulnerable,” said Mr. Al-Khabaz. “I felt I had a moral duty to bring it to the attention of the college and help to fix it, which I did. I could have easily hidden my identity behind a proxy. I chose not to because I didn’t think I was doing anything wrong.”
After an initial meeting with Director of Information Services and Technology François Paradis on Oct. 24, where Mr. Paradis congratulated Mr. Al-Khabaz and colleague Ovidiu Mija for their work and promised that he and Skytech, the makers of Omnivox, would fix the problem immediately, things started to go downhill.
Two days later, Mr. Al-Khabaz decided to run a software program called Acunetix, designed to test for vulnerabilities in websites, to ensure that the issues he and Mija had identified had been corrected. A few minutes later, the phone rang in the home he shares with his parents.
“It was Edouard Taza, the president of Skytech. He said that this was the second time they had seen me in their logs, and what I was doing was a cyber attack. I apologized, repeatedly, and explained that I was one of the people who discovered the vulnerability earlier that week and was just testing to make sure it was fixed. He told me that I could go to jail for six to twelve months for what I had just done and if I didn’t agree to meet with him and sign a non-disclosure agreement he was going to call the RCMP and have me arrested. So I signed the agreement.”
The agreement prevented Mr. Al-Kabaz from discussing confidential or proprietary information he found on Skytech servers, or any information relating to Skytech, their servers or how he accessed them. The agreement also prevented Mr. Al-Kabaz from discussing the existence of the non-disclosure pact itself, and specified that if his actions became public he would face legal consequences.
When reached for comment Mr. Taza acknowledged mentioning police and legal consequences, but denied having made any threats, and suggested that Mr. Al-Khabaz had misunderstood his comments.
“All software companies, even Google or Microsoft, have bugs in their software,” said Mr. Taza. “These two students discovered a very clever security flaw, which could be exploited. We acted immediately to fix the problem, and were able to do so before anyone could use it to access private information.”
Taza explained that he was quite pleased with the work the two students did identifying problems, but the testing software Mr. Al-Khabaz ran to verify the system was fixed crossed a line.
“This type of software should never be used without prior permission of the system administrator, because it can cause a system to crash. He [Al-Khabaz] should have known better than to use it without permission, but it is very clear to me that there was no malicious intent. He simply made a mistake.”
The administration of Dawson College clearly saw things differently, proceeding to expel Mr. Al-Khabaz for a “serious professional conduct issue.”
“I was called into a meeting with the co–ordinator of my program, Ken Fogel, and the dean, Dianne Gauvin,” says Mr. Al-Khabaz. “They asked a lot of questions, mostly about who knew about the problems and who I had told. I got the sense that their primary concern was covering up the problem.”
Following this meeting, the fifteen professors in the computer science department were asked to vote on whether to expel Mr. Al-Khabaz, and fourteen voted in favour. Mr. Al-Khabaz argues that the process was flawed because he was never given a chance to explain his side of the story to the faculty. He appealed his expulsion to the academic dean and even director-general Richard Filion. Both denied the appeal, leaving him in academic limbo.
“I was acing all of my classes, but now I have zeros across the board. I can’t get into any other college because of these grades, and my permanent record shows that I was expelled for unprofessional conduct. I really want this degree, and now I won’t be able to get it. My academic career is completely ruined. In the wrong hands, this breach could have caused a disaster. Students could have been stalked, had their identities stolen, their lockers opened and who knows what else. I found a serious problem, and tried to help fix it. For that I was expelled.”
Morgan Crockett, director of internal affairs and advocacy for the Dawson Student Union, agrees.
“Dawson has betrayed a brilliant student to protect Skytech management,” said Ms. Crockett. “It’s a travesty that Ahmad’s academic future has been compromised just so that Dawson and Skytech could save face. If they had any sense of decency, they would reinstate Ahmad into [the] computer science [program], refund the financial aid debt he has incurred as a result of his expulsion and offer him a full public apology “
Repeated calls to various members of the Dawson administration were not returned, with the college citing an inability to discuss an individual student’s case on legal and ethical grounds in a statement released by their communications department.
