Computer security

Allegations of foreign intelligence affiliations
Aadhaar
Digital India

Co-founder and director of iSPIRIT, Sharad Sharma accused of anonymous trolling of dissenters

Since the last few weeks, there has been a sudden uptick of anonymous accounts supporting Aadhaar and dismissing concerns and news of information leaks, security and privacy issues. These accounts were all either created in may or scrubbed of all content and began tweeting afresh in May. Some of them are propaganda accounts that tweet only […]

Read More
income-tax-dept-server-result
National

What is this address we are supposed to report black money to?

This post has been updated to take out some points that were misunderstood by me and have been clarified and another issue which appears to be resolved. Okay, I’m spooked. I don’t understand this enough to even claim something is wrong. This is the most bizarre “email situation” I have ever seen. It began with […]

Read More
MyGov.in profile at HackerOne
Aadhaar
Democracy
Digital India
National

A Digital India with no interest in fixing serious security flaws

The government of India doesn’t seem to be interested in getting security vulnerabilities fixed. A CS engineer, Bhavyanshu Parasher, has been spending his time understanding the current security standards deployed by the government of India in most of its data-critical apps and websites. Last year, in September, he disclosed a security flaw in Prime Minster […]

Read More
exploit
Digital Rights
General

What the security flaw in Prime Minister Narendra Modi’s app tells us

Bhavyanshu Parasher, a young computer science engineer took a look at Prime Minister Narendra Modi’s Android application (among popular apps he studied for his own research purposes). The Narendra Modi app had 500,000+ downloads at that time. He found a major security flaw in how the app accesses the “api.narendramodi.in/api” API. At the time of disclosure, API was being served […]

Read More
Illustration of how a file or document is sent using Public key encryption by Johannes Landin
Democracy
Digital Rights
National
Politics & Political Commentary

DEITY National Encryption Policy is as good as forbidding encryption

First of all, what is National Encryption Policy? “Under Section 84A of Information Technology Act, 2000 Rules are to be framed to prescribe modes or methods for encryption”. So DeitY has framed a draft of such rules which will decide the future of how encrypted services are to be used or provided to users in […]

Read More