French security researcher Robert Baptiste, who goes by the name Elliot Alderson on Twitter, had made news when he showed the UIDAI's official mAadhaar app to be insecure. After the UIDAI finally updated the mAadhaar app, the app is still vulnerable. He has now published another video showing how the password security of the mAadhaar app can be bypassed to retrieve secure information of the Aadhaar holder by using a modified APK and physical access to the phone. A rooted phone is not necessary. The APK is modified to bypass the requirement of the password. https://twitter.com/fs0c131y/status/973482430903586816 The failure of the Indian establishment to provide standard channels for providing feedback on vulnerabilities means that such vulnerabilities found are likely to be reported publicly and be picked up by malicious actors while the organization remains uninterested in securing their apps. Alderson has currently gone on a rampage across various Indian websites demonstrating security flaws and leaks of data. He is currently trying to get in touch with ISRO and Apollo Hospitals about data leaks on their websites. A data protection law cannot do much to protect data if there isn't a will to secure it and be proactive in responding to reports of problems. This is a repeated phenomenon, where people who find vulnerabilities and would honestly like to report them are reduced to making a noise about them on social media in order to get someone to pay attention. This unnecessarily alerts hackers that there is a vulnerability to be found on specific…
Please subscribe to MediaNama. Don't share prints and PDFs.
You May Also Like
News
Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...
Advert
135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...
News
By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...
News
Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...