Some Observations on Kahoot!

科技动态 2016-06-14

3 min read

In the screencast below, I highlight some issues with Kahoot!, a quiz platform that, according to the company, was used by 20 million US students
in the month of March, 2016.

In the screencast, I use two demo accounts to show how an 11 year old student can create an account with no parental consent, and subsequently share content with a random adult within the application. I also highlight a less serious issue with how PINs can be shared to allow for open access over the internet to anyone who has the PIN.

(note: the screencast has no volume - so don't think your audio settings are on the fritz 🙂 )

Recommendations for Kahoot!

Some of these recommendations look at Kahoot's terms of service and privacy policy. A full evaluation of their terms is outside the scope of this post, but currently the terms lack meaningful detail about important points, such as how data can be used for advertising, or shared with third parties. In addition to a full review of their current privacy policy, a short list of improvements for Kahoot! includes:

  • Implement verifiable parental consent for accounts for people under 13; this should be accompanied by corresponding language in the privacy policy.
  • Inside the service, implement friend lists, and limit sharing to and from student accounts to approved friend lists.
  • Update their infrastructure to improve encryption on their login and account creation pages. Currently, these pages get an F using the Qualys SSL verification service
  • Update their terms of service to clarify what ownership they are claiming over student and teacher work. Their current terms claim full ownership over all content created using "any open communication tools on our website" - this effectively means that Kahoot! owns all student and teacher work created in their platform, and that they can use that work without limits, in any way they want. While I don't think this is what they intend, they should clarify the details. The precise language from the terms of service is included below.

However, any content posted by you using any open communication tools on our website, provided that it doesn't violate or infringe on any 3rd party copyrights or trademarks, becomes the property of Kahoot! AS, and as such, gives us a perpetual, irrevocable, worldwide, royalty-free, exclusive license to reproduce, modify, adapt, translate, publish, publicly display and/or distribute as we see fit. This only refers and applies to content posted via open communication tools as described, and does not refer to information that is provided as part of the registration process, necessary in order to use our Resources.

There are other suggestions that would improve the service, but this short list highlights some of the more pressing issues documented in the screencast.

责编内容by:FunnyMonkey (源链)。感谢您的支持!


Cable lobby claims US is totally overflowing in br... Are you ever frustrated about a lack of choice for home Internet providers? Well, worry no more. The nation's top cable lobby group is here to let you...
个人站长、美食家和傻×设计师 互联网开始被大众使用之初,使用的工具是以“Navigator”(领航者),“Explorer”(探险者)和“Safari”(远征)等来作为名称的,与现在互联网用户比较起来,那时人们的身体更为固定,就坐在电脑之前来“远征”和“探索”。现在如果去问一个人“你使用互联网来做什么”,会有隔时代的荒诞感,而如...
How much money you need to spend on a home to be i... A mansion in San Francisco, California. Sotheby's International Realty The United States is in a housing crisis. ...
车发发与中国人保达成合作,推出“车险无忧保”,并与人保车险系统打通... 近日,互联网养车平台车发发与中国人保达成合作。车发发创始人兼CEO王海表示,关于全面战略合作的首期内容,双方将在用户大数据、SAAS系统对接、客户服务、B端客户合作、配件采购、多险种合作、团队学习支援、相互主推等八个领域展开。具体来说,车发发线上系统将与中国人保的车险系统打通,SaaS养车系统的大数...
Digital Shadows raises $26m to protect companies a... A British cyber security firm has raised $26m (£19m) to develop its technology that scans the internet for threats to businesses. Digi...