An 18-year-old kid’s app topples the official e-grade book
Since September of last year, state schools have to use the electronic grade book called KRÉTA (Chalk). Like in the case of the not so popular Neptun, schools were obligated to start using the system from the second semester already, even if they had an established e-grade book. Because of this, the switch was not smooth, of course, and parents, teachers, and students filed many complaints alike.
According to Index, neither could the KRÉTA phone application vade public anger. The e-Kréta application got so many negative reviews on Google Play Market that it has failed to recover from the plenty of F marks ever since. Incidentally, in spite of fruitful updates and repairs, the app still only has 2.1 stars by 16 thousand reviews. Complaints were mostly made on its slow operation, crashes, and irregular notifications. However, not everybody is discontent: some use it without any trouble.
A student struggling with e-Kréta had enough of the faulty app and developed another at the age of 18.
According to feedback, the interface of e-Szivacs (e-Sponge) is more user-friendly, first of all, and has more features than the official version. For example, parents with more than one children can look at all of their school-attending kids’ grades without signing out and in again. This was much appreciated by users: e-Szivacs has a 4.6 score with 821 user reviews from 10 thousand downloaders.
Photo: Google Play
In Kréta’s defence, the system and the phone application had to be set up from scratch while e-Szivacs was based on e-Kréta, thus becoming more popular.
Although, in this case, we are speaking of an innocent application which genuinely is just trying to satisfy user needs, it is justifiable to wonder; how does software like this access the data of students and how protected are they?
To understand this, we have to follow the operation of applications as well. One of our sources well acquainted with the system of Kréta explained this as such: when we log in with the help of a client programme like e-Szivacs, we get the data by connecting to Kréta but then the display of these data depends on the application. There is no such security solution which could prevent these apps from accessing the system. This could be problematic if phishers would create an app like this, which then steals the data of users needed for logging in, then their personal data as well.
Regarding this, we also asked the opinions of KRÉTA and e-Szivacs developers. According to KRÉTA, application bots answer for the legal operation of mobile applications. Many client programmes (for example, various messaging applications) exist which use interfaces provided by Google.
While downloading these applications, there is no guarantee that the software will not collect and forward email addresses and passwords given during its use to an external database.
The young creator of e-Szivacs said in turn that when someone tries to get other people’s data, they want to do it with as little effort as possible and most likely will not put in weeks and months of work to create a functioning app with its sole intent being data theft. Apps like this usually collect and forward data after logging in and then signalling an error. However, an application such as this would get many bad reviews and would not reach many people.
Either way, it is worth paying attention to which client programmes we avail ourselves of.
By Réka Tóth
Source: https://index.hu/
