Menu

Tag: Software testing

A Digital India with no interest in fixing serious security flaws

MyGov.in profile at HackerOne

The government of India doesn’t seem to be interested in getting security vulnerabilities fixed. A CS engineer, Bhavyanshu Parasher, has been spending his time understanding the current security standards deployed by the government of India in most of its data-critical apps and websites. Last year, in September, he disclosed a security flaw in Prime Minster …

What the security flaw in Prime Minister Narendra Modi’s app tells us

exploit

Bhavyanshu Parasher, a young computer science engineer took a look at Prime Minister Narendra Modi’s Android application (among popular apps he studied for his own research purposes). The Narendra Modi app had 500,000+ downloads at that time. He found a major security flaw in how the app accesses the “api.narendramodi.in/api” API. At the time of disclosure, API was being served …