Tracking Users across the Web via TLS Session Resumption

User tracking on the Internet can come in various forms, e.g., via cookies or by fingerprinting web browsers. A technique that got less attention so far is user tracking based on TLS and specifically based on the TLS session resumption mechanism. To the best of our knowledge, we are the first that investigate the applicability of TLS session resumption for user tracking. For that, we evaluated the configuration of 48 popular browsers and one million of the most popular websites. Moreover, we present a so-called prolongation attack, which allows extending the tracking period beyond the lifetime of the session resumption mechanism. To show that under the observed browser configurations tracking via TLS session resumptions is feasible, we also looked into DNS data to understand the longest consecutive tracking period for a user by a particular website. Our results indicate that with the standard setting of the session resumption lifetime in many current browsers, the average user can be tracked for up to eight days. With a session resumption lifetime of seven days, as recommended upper limit in the draft for TLS version 1.3, 65% of all users in our dataset can be tracked permanently.Comment: 11 page

Investigation into the security and privacy of iOS VPN applications

Due to the increasing number of recommendations for people to use Virtual Private Networks (VPNs) to protect their privacy, more application developers are creating VPN applications and publishing them on the Apple App Store and Google Play Store. In this ‘gold rush’, applications are being developed quickly and, in turn, not being developed with security in mind.This paper investigated a selection of VPN applications available on the Apple App Store (for iOS devices) and tested the applications for security and privacy issues. This includes testing for any traffic being transmitted over plain HTTP, DNS leakage and transmission of personally identifiable information (such as phone number, International Mobile Equipment Identity (IMEI), email address, MAC address) and evaluating the security of the tunneling protocol used by the VPN.The testing methodology involved installing VPN applications on a test device, simulating network traffic for a pre-defined period of time and capturing the traffic. This allows for all traffic to be analysed to check for anything being sent without encryption. Other issues that often cause de-anonymization with VPN applications such as DNS leakage were also considered.The research found several common security issues with VPN applications tested, with a large majority of applications still using HTTP and not HTTPS for transmitting certain data. A large majority of the VPN applications failed to route additional user data (such as DNS queries) through the VPN tunnel. Furthermore, just fifteen of the tested applications were found to have correctly implemented the best-recommended tunneling protocol for user security.Outside of the regular testing criteria, other security anomalies were observed with specific applications, which included outdated servers with known vulnerabilities, applications giving themselves the ability to perform HTTPS interception and questionable privacy policies. From the documented vulnerabilities, this research proposes a set of recommendations for developers to consider when developing VPN applications

Rethinking professional practice: the logic of competition and the crisis of identity in housing practice

The relationship between professionalism, education and housing practice has become increasingly strained following the introduction of austerity measures and welfare reforms across a range of countries. Focusing on the development of UK housing practice, this article considers how notions of professionalism are being reshaped within the context of welfare retrenchment and how emerging tensions have both affected the identity of housing professionals and impacted on the delivery of training and education programmes. The article analyses the changing knowledge and skills valued in contemporary housing practice and considers how the sector has responded to the challenges of austerity. The central argument is that a dominant logic of competition has culminated in a crisis of identity for the sector. Although the focus of the article is on UK housing practice, the processes identified have a wider relevance for the analysis of housing and welfare delivery in developed economies

Wigs, disguises and child's play : solidarity in teacher education

It is generally acknowledged that much contemporary education takes place within a dominant audit culture, in which accountability becomes a powerful driver of educational practices. In this culture both pupils and teachers risk being configured as a means to an assessment and target-driven end: pupils are schooled within a particular paradigm of education. The article discusses some ethical issues raised by such schooling, particularly the tensions arising for teachers, and by implication, teacher educators who prepare and support teachers for work in situations where vocational aims and beliefs may be in in conflict with instrumentalist aims. The article offers De Certeau’s concept of ‘la perruque’ to suggest an opening to playful engagement for human ends in education, as a way of contending with and managing the tensions generated. I use the concept to recover a concept of solidarity for teacher educators and teachers to enable ethical teaching in difficult times

Secondary literacy across the curriculum: Challenges and possibilities

This paper discusses the challenges and possibilities attendant upon successfully implementing literacy across the curriculum initiatives – or ‘school language policies’ as they have come to be known - particularly at the secondary or high school level. It provides a theoretical background to these issues, exploring previous academic discussions of school language policies, and highlights key areas of concern as well as opportunity with respect to school implementation of such policies. As such, it provides a necessary conceptual background to the subsequent papers in this special issue, which focus upon the Secondary Schools’ Literacy Initiative (SSLI) – a New Zealand funded programme that aims to establish cross-curricular language and literacy policies in secondary schools

The Obliteration of Truth by Management: Badiou, St. Paul and the Question of Economic Managerialism in Education

This paper considers the questions that Badiou’s theory of the subject poses to cultures of economic managerialism within education. His argument that radical change is possible, for people and the situations they inhabit, provides a stark challenge to the stifling nature of much current educational climate. In 'Saint Paul: The Foundation of Universalism', Badiou describes the current universalism of capitalism, monetary homogeneity and the rule of the count. Badiou argues that the politics of identity are all too easily subsumed by the prerogatives of the marketplace and unable to present, therefore, a critique of the status quo. These processes are, he argues, without the potential for truth. What are the implications of Badiou’s claim that education is the arranging of ‘the forms of knowledge in such a way that truth may come to pierce a hole in them’ (Badiou, 2005, p. 9)? In this paper, I argue that Badiou’s theory opens up space for a kind of thinking about education that resists its colonisation by cultures of management and marketisation and leads educationalists to consider the emancipatory potential of education in a new light

Impact of Scottish vocational qualifications on residential child care : have they fulfilled the promise?

This article will present findings from a doctoral study exploring the impact of 'SVQ Care: Promoting Independence (level III)' within children's homes. The study focuses on the extent to which SVQs enhance practice and their function within a 'learning society'. A total of 30 staff were selected from seven children's homes in two different local authority social work departments in Scotland. Each member of staff was interviewed on four separate occasions over a period of 9 months. Interviews were structured using a combination of repertory grids and questions. Particular focus was given to the assessment process, the extent to which SVQs enhance practice and the learning experiences of staff. The findings suggest that there are considerable deficiencies both in terms of the SVQ format and the way in which children's homes are structured for the assessment of competence. Rather than address the history of failure within residential care, it appears that SVQs have enabled the status quo to be maintained whilst creating an 'illusion' of change within a learning society

Education and older adults at the University of the Third Age

This article reports a critical analysis of older adult education in Malta. In educational gerontology, a critical perspective demands the exposure of how relations of power and inequality, in their myriad forms, combinations, and complexities, are manifest in late-life learning initiatives. Fieldwork conducted at the University of the Third Age (UTA) in Malta uncovered the political nature of elder-learning, especially with respect to three intersecting lines of inequality - namely, positive aging, elitism, and gender. A cautionary note is, therefore, warranted at the dominant positive interpretations of UTAs since late-life learning, as any other education activity, is not politically neutral.peer-reviewe

Critical Race Theory and Education: racism and anti-racism in educational theory and praxis

What is Critical Race Theory (CRT) and what does it offer educational researchers and practitioners outside the US? This paper addresses these questions by examining the recent history of antiracist research and policy in the UK. In particular, the paper argues that conventional forms of antiracism have proven unable to keep pace with the development of increasingly racist and exclusionary education polices that operate beneath a veneer of professed tolerance and diversity. In particular, contemporary antiracism lacks clear statements of principle and theory that risk reinventing the wheel with each new study; it is increasingly reduced to a meaningless slogan; and it risks appropriation within a reformist “can do” perspective dominated by the de-politicized and managerialist language of school effectiveness and improvement. In contrast, CRT offers a genuinely radical and coherent set of approaches that could revitalize critical research in education across a range of inquiries, not only in self-consciously "multicultural" studies. The paper reviews the developing terrain of CRT in education, identifying its key defining elements and the conceptual tools that characterise the work. CRT in education is a fast changing and incomplete project but it can no longer be ignored by the academy beyond North America