News

A hacker from french claims remote access to Aarogya Setu data

Robert Baptiste, a French cybersecurity analyst who goes by the pseudonym ‘Elliot Alderson’ on Twitter, on Wednesday, stated he could access details of Corona-infected persons through the government-mandated Aarogya Setu app.

A remote attacker could know “who is infected, unwell, make a self-assessment in the area of his (attacker’s) choice,” Baptiste wrote on Twitter.

Even with the most advanced version of the Covid-19 contact tracing app, Baptiste stated he was capable of seeing “if someone was sick at the PMO office or the Indian Parliament.” The makers of Aarogya Setu had circulated a statement in response to dismissing Baptiste’s earlier claims.

Baptiste claimed that he could access details of positive cases at the location of his decision. He did not give any proof in this regard; he promised a full article about the alleged security flaws.

An earlier statement published by the makers of the app announced a user could get data for different places by changing the latitude/longitude, which is anyway available data. The makers, however, insisted that the bulk collection of this data was not probable as “the API call is behind a Web Application Firewall.” The official report released by Aarogya Setu said, “no personal data of any user has been confirmed to be at risk by the French ethical hacker.”

There has been a significant debate on the use of contact tracing apps by governments, Eivor Oborn, Professor of Healthcare Management at Warwick Business School, UK, told India Today. “I think a real breach is made if the professionals are forced to use the app, and they are not permitted to discontinue the monitoring after the threshold of the pandemic is over; this to me is a bigger concern.”

He continued that in a democratic country like India, citizens should have clarity regarding what, when, and how the data is being used. “I think it is good for the governments concerned to show profits that accrue from data use tangibly,” Prof Oborn stressed. Independent specialists and privacy rights groups have been advocating that the source code of the contact tracing app should be made public.

“India is the only democracy which has made the use of contact tracing app necessary, so steps should be taken to make the codebase of the app open source, and users should be provided with the option to delete their data, even from the servers,” Prasanth Sugathan, legal director of Software Freedom Law Center, said India Today.

The government’s chief scientific advisor, Prof K VijayRaghavan, has said India Today that the source code of the app would be made public very soon. French ethical hacker Baptiste has been in the news for consistently pointing out security defects with India’s Aadhaar system. Source India Today.

Scrollsocial

Scrollsocial covers the latest in tech, business, apps, gadgets, marketing, entertainment, and lifestyle, delivering fresh insights and updates; stay informed and inspired in today’s digital world.

Recent Posts

Things You Should Know About Folic Acid and Its Limitations

The importance of folic acid is mentioned mainly in connection with pregnancy. During pregnancy, its… Read More

4 days ago

Chrome.//net-internals/dns | How to Clear DNS Cache

Before discussing chrome.//net-internals/dns, you should know about the DNS server, what DNS is, and its… Read More

2 weeks ago

How to Develop a Digital Marketing Campaign in 2025

Digital Marketing is the set of strategies focused on promoting a company or brand on… Read More

3 weeks ago

How to Choose Vitamin C Serum and When to Apply It?

Do you want to get rid of skin fatigue? Vitamin C Serum is the answer.… Read More

1 month ago

Nilkamal Sleep – Ban, Luxury Mattress, Furniture Online

Nilkamal Sleep - Ban: Nilkamal is one of the oldest household brands; it manufactures mattresses,… Read More

1 month ago

How to Install and Configure High-Performance WiFi Router

With the rapid evolution of smart homes, it is crucial to properly install and configure… Read More

1 month ago