Search This Website

Wednesday, 6 May 2020

French hacker is viewing details of millions of Indians from Arogya Setu app: PM Modi gives explosive details of office

The government has launched a health bridge app to fight the corona virus. Corona infected patients can be tracked with the help of this app.

 In the first 20 days before the app was launched by the Health Department of the Government of India, 80 million downloads have been received. The main objective of the app is to spread awareness among the people. So far 90 million people have downloaded this app.

The Arogya Setu app, is a sophisticated surveillance system, outsourced to a pvt operator, with no institutional oversight - raising serious data security & privacy concerns. Technology can help keep us safe; but fear must not be leveraged to track citizens without their consent.
45.4K people are talking about this

Last Saturday, Congress leader Rahul Gandhi raised questions about data privacy on this health bridge app. "The Health Bridge app is a state-of-the-art surveillance system, outsourced to a private operator," he said. In which the absence of an institutional supervisor raises serious data security and privacy concerns. Technology protects us, but fear should not be used to track citizens without their consent. '
Elliott Alders, an ethical hacker from France, told the Health Bridge app team via Twitter that the app has a security issue. The privacy of 90 million people is at stake. Can you speak separately? The hacker also said that Rahul Gandhi was right. It may be mentioned that Congress leader Rahul Gandhi had questioned the security of data in the Health Bridge app a few days before this tweet.
Hi @SetuAarogya,

A security issue has been found in your app. The privacy of 90 million Indians is at stake. Can you contact me in private?


PS: @RahulGandhi was right
13.5K people are talking about this
Amid concerns over data safety in the Health Bridge app, the government clarified on Wednesday. The Health Bridge team said there was no risk of any user's private information being leaked. Talk to our hacker, no need to worry. The government has clarified the matter in the wake of a challenge it has given to French ethical hacker Elliott Alders. Alders had earlier pointed out a flaw in the support system.
The government said the hacker alerted us to two flaws. We have discussed those two flaws with the hacker.
1. The hacker said that the app sometimes fetches the user's location. In response, the government said that the design of the app is the same. This is stated in detail in the Privacy Policy. It is being used for the benefit of all. The user's location is encrypted and stored securely on the server.
2. Another point of the hacker was that the user could see the corona figures on the home screen by changing its radius and latitude-longitude. In response, the government stated that the parameters of the radius are fixed. There are standard parameters of 500 meters, one kilometer, two kilometers, five kilometers and 10 kilometers. The user can change the latitude-longitude to view data from more than one location. This information is public for all locations. It does not affect the security of any private or sensitive information.
However, the hacker was not satisfied with the government's response. Told him to talk to you again tomorrow. However, in a reference to the location of the app, he asked the government only two hours later, what is triangulation?

No comments:

Post a Comment