Gujarat Exclusive > National-World > Hacker points to security issues in aarogya setu app, developers say no personal info of user is at risk

Hacker points to security issues in aarogya setu app, developers say no personal info of user is at risk

0
307

A Twitter handle of Elliot Alderson, has flagged some security issues with the ‘Aarogya Setu’, a coronavirus tracking application of the government. A tweet by the handle states that a security issue has been found and the privacy of 90 million Indians is at stake.

The developers of the application in its clarification said that no personal information of any user has been proven to be at risk but did acknowledge some of the issues raised by the Twitter handle of French cybersecurity expert and hacker.

The Twitter handle had pointed out that the app fetches locations of a user on a few occasions and that users can get the Covid19 stats displayed on home screen by changing the radius and latitude-longitude using a script.

On the question of location raised by the hacker, the developers of the app acknowledged that it is clearly by design and is detailed in the privacy policy and that the data is secured, encrypted and is done in an anonymised manner.

As to the second allegation that the radius and latitude-longitude can be changed, the developers said that the radius parameters are fixed and can only take one of the five values- 500 mts, 1 km, 2km, 5km and 10 km.

The application is developed by the National Informatics Centre (NIC). Alderson said that the response of the application developers was ‘nothing to see here’. He also said that the concerns raised by Rahul Gandhi were indeed right.