Many of you woke up Monday morning to discover that our website was being flagged as potentially insecure. Not exactly the news you want when you're preparing for your first class of the week! The issue was resolved by Tuesday morning, but we want to take a moment to explain what happened, why that scary warning message popped up, and what it actually means. What you need to know is - our site was not compromised, there were no hacks or intrusions on our website or on you or your students.
Much of the traffic on the Internet flows over protocols known as http or https. You've probably seen these at the beginning of a lot of web addresses! The second one (https) uses certificates that browsers rely onto the security indicators we've been taught to look for: the "lock" icon, a green badge, etc. These certificates don't last forever, and that's a good thing: it means that websites need to prove they are trustworthy at regular intervals, like getting a regular inspection for your car to make sure it's road-worthy.
We received notification that our certificate was going to expire on Friday, leaving us without enough time to reply before it expired. And once it did, your web browser did what it was supposed to do: warn you that our website had an invalid certificate. Within 48 hours, the certificate was renewed and everything went back to normal.
Of course that's small consolation to those of you who got that scary message on Monday, or were unable to save files to Google Drive! We take your security seriously; all of us are teachers, and we also know how even a small glitch can ruin a lesson. We're sorry for the inconvenience, and we want to remind you that an expired certificate does not mean that our site was hacked or that anything was compromised. This is the first time in 13 years that we've had a certificate issue, and we plan on it being the only one we ever have.Posted October 20th, 2020