Comments
A French hacker who goes by the name of Elliot Alderson on Wednesday continued to tweet that the government’s Aarogya Setu app has a lot of security issues and can be hacked easily, thereby revealing the identities of those infected by Covid-19 or those unwell.
His tweets on Tuesday said ‘five people felt unwell at the PMO, two unwell at the Indian Army headquarters, one infected at Parliament and three infected at the office of the Ministry of Home’.
“Yesterday an attacker was able to know who is infected, unwell, made a self assessment in the area of his choice. Basically, I was able to see if someone was sick at the PMO or the Indian Parliament. I was able to see if someone was sick in a specific house if I wanted,” Alderson said in the tweet.
His tweets and claims triggered a war of words between the government and the Opposition over the safety and privacy issues of the app. While the Opposition charged that the Aarogya Setu app breaches privacy, the government said it is robust, safe and secure.
The app was developed by the Ministry of Electronics and Information Technology (MeitY) along with NIC, NITI Aayog and some private entities.
Protecting the integrity of the app, the MeitY on Wednesday said the app fetches user’s location only at the time of registration, self assessment and “when a user submits the contact tracing data voluntarily through the app or when we fetch the contact tracing data of a user after they have turned Covid-19 positive”.
The radius parameters are also fixed and can only take five values — 500 m, 1 km, 2 km, 5 km and 10 km — and these are the standard parameters posted on with HTTP headers, it said. “No personal information of any user has been proven to be at risk by this ethical hacker. We are continuously testing and upgrading our systems. Team Aarogya Setu assures everyone that no data or security breach has been identified,” it added.
Prime Minister Narendra Modi has been urging people to download the Aarogya Setu app, saying it is a fantastic use of technology to combat coronavirus. And, some of the local authorities like in Noida (Uttar Pradesh) have made it mandatory for everyone to use the app, and warned that those who do not have the app can be booked under Section 188 of the IPC (tried, fined or left with a warning).
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.