Jump to content

Search the Community

Showing results for tags 'india'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Found 57 results

  1. Most people would probably agree that YouTube comments are generally pretty worthless (especially the ones that tell you the year the commenter last watched a particular music video). In fact, the video streaming site is widely known for having some of the vilest comments on the internet. So now, after all these years, it seems Google may be finally coming around to this realization and is looking to change things up with a test in India that hides YouTube comments by default. This YouTube trial was first detailed by XDA Developers and only seems to affect the YouTube app on Android for now, and it couldn’t be more straightforward. Normally, when you open a video in YouTube and start scrolling down, you’ll see a row of buttons for liking, disliking, and sharing a video among other tools, followed by a list of suggested videos, and then finally after scrolling down even further, the comments for that video. But in YouTube’s new test in India, Google has simply removed the comment section below the list of suggested videos and replaced it with a comment button that sits between the Dislike and Share buttons, so that users won’t see any comments unless they go out of their way and tap the Comment button. To make room for the new Comment button, YouTube is testing a layout that removes the Save For Later button, which could be annoying for some, but not a complete loss as that functionality has apparently been moved to the drop-down window you get when you click the arrow to see a video’s full description. (XDA Developers has screenshots if you want to get a visual of the change.) YouTube did not immediately respond to Gizmodo’s request for comment. While it’s easy to vilify all YouTube comments as garbage, there’s also a lot of useful info or heartwarming anecdotes shared in comments as well, so it’s nice to see that YouTube isn’t quite ready to abolish comments entirely. (Here’s a shout out to all the commenters that take the time to list out all the tracks in long DJ sets.) And just maybe, by making the process of reading and posting comments a more deliberate affair, YouTube might actually encourage more thoughtful discourse. Big maybe. Source
  2. NEW DELHI (Reuters) - India will examine concerns raised by foreign technology companies around stringent rules to store data locally, the government said on Tuesday, an issue that has upset firms such as Mastercard and also irked the U.S. government. The decision to review the rules comes at a time when trade tensions between India and United States have risen. India imposed higher tariffs on some U.S. goods on Sunday, following Washington’s withdrawal of key trade privileges for New Delhi. On Monday Commerce Minister Piyush Goyal and leaders of technology companies discussed several federal plans in the works to push for more stringent data rules. The Reserve Bank of India (RBI) last year mandated foreign payment firms must store their payments data only in India to allow supervision. The central bank representative who attended the meeting “assured the industry representatives that the Reserve Bank of India will look into this”, a statement by the commerce ministry said. A lobbying effort by Mastercard, Visa Inc and American Express Co to dilute or reverse the central bank order has failed previously, Reuters has reported. Mastercard CEO Ajay Banga joined Monday’s meeting via video conference, the government statement said. India wants more stringent data storage rules so it can better access data and conduct investigations when the need arises. Technology companies argue the rules would force them to change their business models, hurt planned investments and raise costs. U.S.-India trade groups as well as top U.S. officials have expressed concerns around such rules in the past. “We’ll also push for free flow of data across borders, not just to help American companies, but to protect data and secure consumers’ privacy,” U.S. Secretary of State Mike Pompeo said last week ahead of his visit to New Delhi this month. E-COMMERCE POLICY Other than RBI rules, India has also drafted an overarching law on data storage which calls for all personal data determined to be critical to be processed locally. The government will be the one to determine categories of such data. Technology companies on Monday requested minister Goyal to ensure the law should have more clarity around data classification and he assured them that the IT ministry would address those concerns, the government statement said. The government will take companies’ suggestions “towards building a robust data protection framework that will achieve the dual purpose of privacy and innovation”, it said, signaling the government could possibly go soft on implementing the rules. Concerns were also raised around a separate e-commerce policy that focuses on data localization and improved privacy safeguards. They call for housing of more data centers and server farms locally, measures bound to raise costs of multi-national companies. “Commerce Minister assured the e-commerce industry representatives that each and every concern of the industry will be addressed,” the government said. The discussions around the e-commerce policy come after India implemented new foreign investment rules from Feb. 1, forcing companies such as Amazon.com Inc and Walmart’s Flipkart to rethink their business strategy in the country. Source
  3. Draft bill proposes 10-year prison term for dealing in cryptocurrency A cryptocurrency is a digital or virtual currency that uses cryptography for security and is generally based on blockchain technology, a distributed ledger enforced by a disparate network of computers. Bitcoin is the most popular cryptocurrency in the world. HIGHLIGHTS A draft bill has proposed 10-year jail term for people dealing in cryptocurrencies in India Besides making it completely illegal, the bill makes holding of cryptos a non-bailable offence A cryptocurrency is a virtual currency that uses cryptography for security and is generally based on blockchain technology Holding, selling or dealing in cryptocurrencies such as Bitcoin could soon land you in jail for 10 years. The "Banning of Cryptocurrency and Regulation of Official Digital Currency Bill 2019" draft has proposed 10-year prison sentence for persons who "mine, generate, hold, sell, transfer, dispose, issue or deal in cryptocurrencies. Besides making it completely illegal, the bill makes holding of cryptos a non-bailable offence. A cryptocurrency is a digital or virtual currency that uses cryptography for security and is generally based on blockchain technology, a distributed ledger enforced by a disparate network of computers. Bitcoin is the most popular cryptocurrency in the world. Given the high chances of cryptocurrencies being misused for money laundering, various government bodies such as the Income Tax Department and the Central Board of Indirect Taxes and Customs (CBIC) had endorsed banning of cryptocurrencies. The draft bill for banning cryptocurrency has been in the works for some time with Economic Affairs Secretary Subhash Chandra Garg leading the exercise. While strict law would soon be in place to deal with people indulging in trade of cryptocurrency, India is likely to have its own digital currency. "A decision on the launch of Digital Rupee would be taken after consulting the Reserve Bank of India (RBI)," said an official. Source
  4. According to Sophos Senior Security Advisor John Shier, organisations are struggling with phishing and other user-focused attacks in India. NEW DELHI: With more and more Indians going online and generating never-heard-before kind of data, hackers have turned their focus on a country with over 450 million smartphone users and more than 550 million Internet users. The country has 366 million Internet subscribers in urban locations and 194 million in rural areas, says the latest report by Telecom Regulatory Authority of India (TRAI). According to Sophos Senior Security Advisor John Shier, organisations are struggling with phishing and other user-focused attacks in India. "Most people don't believe that computer-based training (CBT) is effective and are looking for ways to improve their defenses against users being tricked into inviting malicious attackers into their network," Shier said in a statement. A KPMG report in April revealed that nearly 86 per cent of the consumers in India are concerned about eavesdropping of their conversations or theft or misuse of their messages through their devices. "The proliferation of connected and IoT devices will have a cross-sector impact on areas around data security and privacy. In response to this, regulators will need to establish mandatory data security requirements," said Atul Gupta, Leader-IT Advisory and Cyber Security Leader, KPMG in India. Around 87 per cent of the consumers are concerned that retailers will misuse or improperly distribute their information. According to Gauri Bajaj, Director, Cybersecurity (APAC), Tata Communications, the adoption of cyber security remains a key challenge. "The recent spate of cyber attacks only highlight the security risk that takes place both within and without the organisation. It is imperative that employees are sensitised to the risk of security breaches and trained to respond in such a scenario," Bajaj said. Not just phones, wearable devices like smartwatches are the next frontier for cyber security. "The future of wearable tech in the world of AI and predictive technology will be highly individualized, data driven and analytics intensive. One of the bigger applications of this will continue to be in the healthcare and fitness sector. "However, what is key to make this happen is also building a holistic ecosystem that tracks, guides and designs individualized plans for each individual, at a low cost," said Vishal Gondal, CEO and founder GOQii. It isn't enough to have an IT security team and having a strong culture around security is the next step in maturity for security awareness programmes, say experts. "Use a unique, complex password for banking and other financial online accounts. For others, use a password manager to keep them organised and readily available. Use Two-Factor Authentication (2FA) when available to provide an extra layer of security on accounts," Shier said. Be wary of clicking on emails from unknown sources or deals that look too good to be true. Cyber criminals use look-alike spam to lure in victims with links to bogus websites. Businesses should train employees on how to "spot a phish". "Use a layered business security strategy to provide protection at multiple levels to avoid attacks from different angles. Be wary of IoT devices on any network. Change factory default passwords immediately out of the box," the Sophos executive added. Source
  5. India expected to surpass the UK for second place in payment card fraud Prices for stolen Indian payment cards has also gone up by 150% in 2018 to around $17/card. Payment card fraud statistics for 2018 Image: Gemini Advisory Due to a booming cybercrime scene, India is expected to surpass the UK in 2019 and become the second-most targeted country for payment card fraud, behind the undisputed leader, the US. According to cybercrime statistics compiled by cyber-security firm Gemini Advisory, over 3.2 million Indian payment card records have been compromised and posted for sale online in 2018, a big jump from the previous year, when details for only 800,000 Indian payment cards had been posted on cybercrime forums. INDIA IS THE PERFECT TARGET FOR CYBERCRIME The sudden attention that India is receiving makes a lot of sense. The country is anticipated to overtake China to become the most populous country in the world by 2024, and India's economy is expected to surpass the UK economy by the end of the year. Coupled with a boom of India's middle class and the government's efforts to digitize the country, more and more Indians are now in possession of a payment card. But this sudden rise in valid payment cards has not been accompanied by similar investments in payment card security from the banking sector. Indian banks remain easy to hack, e-banking solutions are riddled with security flaws, and the ATM network is not under the same close observation like ATM networks in other countries, creating a fertile ground for cyber-attacks and financial fraud. CARD FRAUDSTERS RECOMMEND INDIA And the cybercrime scene has noticed. For starters, the country's neglected ATM network is now the place where most groups will try to cash-out stolen funds using cloned cards. "Threat actors in the dark web have previously recommended India as an ideal location for using ATMs to cash out of various compromised European cards with PIN data," Gemini Advisory researchers Stas Alforov and Christopher Thomas said in a report released yesterday. Similarly, because most Indian banks don't employ modern anti-fraud systems, Indian payment cards are also in hot demand, as they can be easily cloned and cashed out en-masse. Alforov and Thomas note that this realization on the side of cyber-criminal groups has led to a 150 percent surge in the sale price of Indian payment cards, which are now in hot demand. From a median price of $6.90 (approx. 478.02 Indian Rupees) in 2017, the average price for an Indian payment card is now at $17 (approx. 1,177.73 Indian Rupees). INDIAN BANKING SECTOR SLOWLY FIGHTING BACK However, the Indian financial sector has noticed cyber-criminals' attention as well, Gemini noted. The most important measure the Reserve Bank of India (RBI) has taken in recent months to combat this sudden rise in payment card fraud was to mandate that all ATMs and point-of-sale (POS) devices become EMV-compatible by January 1, 2019. Gemini says that by introducing and switching to EMV technology, cyber-criminal gangs will have to invest more time, effort, and funds into cloning EMV chip-based cards, rather than having to capture and clone only a magnetic stripe, as they did until recently. But how much the switch to EMV technology will decrease payment card fraud is unknown. The country's population, middle class, and economic boom might keep India as an attractive target for many cyber-criminal groups. Source
  6. A new advertisement for Surf Excel detergent, which shows a girl dropping her Muslim friend at a mosque to pray on Holi, has drawn a huge amount of flak on social media platforms as being anti-Hindu. And, apart from Facebook and Twitter, the keyboard nationalists have also taken to showing their displeasure by review-bombing Excel on the Google Play store. Not Surf Excel though—the negative reviews are turning up on Microsoft Excel. As of now, the number of negative reviews are still pretty low—but the controversy has only just started to brew, and this could well grow with time. One of the latest reviews, which gives the app 5 stars, states, “I used to like this app, until they partnered with Surf and made such a disgusting anti religious ad. Now where ever I read the word Excel I can only think of anti Hindu propaganda. Shame on you for doing this.” There is, of course, no partnership between Microsoft and Surf. The controversy around the Surf Excel ad is needlessly bizarre, as the advertisement promotes religious harmony and doesn’t actually make any negative statement, but logic and rhetoric are often divorced in India. A one-star rating review is much more direct and to the point. The user writes, “boykot sarf excel. hindu birodh hai. pakisthan me ja kar business kar.” (Boycott Surf Excel. It is anti-Hindu. Take your business to Pakistan.) Another, coming in late in the day, writes, “Ye hindu virodhi hai,” meaning “this is anti-Hindu.” This isn’t the first time that an app has seen its ratings plummet due to the anger of Google Play users. In the past, Snapdeal and Snapchat have seen their ratings on the Google Play store affected by angry users. Article Source: HuffPost India btw, here is the beautiful ad by SurfExcel This beautiful Ad has angered Sanghis and they want to Boycott Surf Excel. There are some things Surf Excel cant clean. The Filthy Mind of Bhakts is one of them
  7. Another security lapse involving India's national identity system A lapse in security has led to the leaking of over a hundred thousand Aadhaar numbers, TechCrunch can reveal. One of the web systems used to record attendance of government workers for the Indian state of Jharkhand was left exposed and without a password as far back as 2014, allowing anyone access to names, job titles, and partial phone numbers on 166,000 workers as of the time of writing. But the photo on each record page used the file name as that worker’s Aadhaar number, a confidential 12-digit number assigned to each Indian citizen as part of the country’s national identity and biometric database. The data leak isn’t a direct breach of the central database run by Aadhaar’s regulator, the Unique Identification Authority of India (UIDAI), but represents another lapse in responsibility from the authority charged with protecting its data. Aadhaar numbers aren’t strictly secret but are treated similarly to Social Security numbers. Anyone of the 1.23 billion Indian citizens enrolled in Aadhaar — more than 90 percent of the population — can use their unique number or their thumbprint to verify their identity in order to enroll in state services, like voting, welfare or financial assistance. Aadhaar users can even use their Aadhaar identity to open a bank account, get a SIM card, call an Uber, buy something on Amazon, or rent an Airbnb. But the system has been plagued with problems that have led to starvation in cases, and the illicit trade of citizen data on the underground market. It’s unclear why the Jharkhand government site was accessible to anyone who knew where to look, but little effort had been put in to ensure the security of the system — or even hide it from the outside world. The site was easily found on a subdomain of the state government’s website, but for long enough that it was indexed by Google, which cached copies of not only the site itself, but also its attendance record pages that still contain Aadhaar numbers in each worker’s photo. TechCrunch asked Baptiste Robert, a French security researcher who goes by the online handle Elliot Alderson, to take a look at the site. Robert has prior experience in revealing Aadhaar-related data leaks. Using less than a hundred lines of Python code, Robert demonstrated that it was easy for anyone to scrape the entire site in batches to download their photos and corresponding Aadhaar numbers. TechCrunch verified a small selection of Aadhaar numbers from the site using UIDAI’s own verification tool on its website. (We used a VPN in Bangalore as the page was unavailable in the U.S.). Each record came back as a positive match. After confirming our findings, we reached out to both the Jharkhand government and UIDAI. Jharkhand’s attendance site leaking worker data. At the time of publication, neither had responded, but the website had been pulled offline. The exposure may represent a fraction of the billion-plus users registered with Aadhaar, but uncovers yet another inadvertent disclosure of citizen data from a system that UIDAI claims is impenetrable. Instead of learning from mistakes and mishaps, UIDAI instead has shown a long history of rebuffing evidence of security incidents or breaches with mockery and declaring findings as “fake news,” by claiming to refute evidence without presenting any of its own. The leak of Aadhaar numbers may not be seen as sensitive compared to leaked biometric data. Former attorney general Mukul Rohtagi once called a separate leak of Aadhaar numbers “much ado about nothing.” But it’s raises fears that obtaining and misusing someone’s number could lead to identity theft and fraud — which reportedly peaked last year. Others have expressed concern that the system puts privacy at risk by recording information on a person’s life, which authorities can use to conduct surveillance on ordinary citizens. But the exposure alone contradicts the Indian government’s claims that the Aadhaar system as a whole is secure. In recent years, several security lapses involving data relating to Aadhaar have reignited fresh concerns about the centralized database — including several issues found by Robert. Last year, security researcher Karan Saini, a New Delhi-based security researcher, found a poorly-secured web address used by state-owned utility company Indane that had direct access to the Aadhaar database, allowing him to query results from the system. UIDAI rubbished the reports, baselessly claiming that there was “no truth to this story” in a series of tweets from its official Twitter account, despite evidence to the contrary. In the same year, India’s Tribune newspaper reported that some were selling direct access to the Aadhaar database. UIDAI responded by filing a complaint against the reporter with police. Despite the security concerns, India’s Supreme Court ruled the database constitutional in September after a long-running court battle. Source
  8. Amazon and Walmart have been dealt a big blow in India, one of their most important markets, as the local government tightens rules regarding how foreign ecommerce platforms sell goods and conduct business in the country. Above: Employees of Amazon India Under the current laws, foreign-owned ecommerce companies are not allowed to sell directly to customers (in other words, to operate under an inventory-based model of ecommerce). Instead, they can only provide a marketplace that acts as “an information technology platform” and serves as a facilitator between “buyer and seller.” To bypass this restriction, both Amazon and Flipkart, which sold a majority stake to Walmart last year, have acquired stakes in some of the biggest third-party sellers in the country. For instance, Amazon owns stake in parent companies of Cloudtail India and Appario Retail, while Flipkart until recently controlled WS Retail, the largest seller on its platform. In late December, the Indian government revised the policies to close the loophole. The policies, which go into effect tomorrow, prohibit Amazon and Flipkart from selling goods from companies in which they have a stake. The two companies were hoping the Department of Industrial Policy and Promotion, the government agency that issued the revised policies, would extend the February 1 deadline. But efforts to gain more time were unsuccessful. (At around 6:50 p.m. local time – 8.20 a.m. Pacific, the government said it won’t be extending the deadline.) “The Department had received some representations to extend the deadline of February 1, 2019 to comply with the conditions contained in the Press Note 2 of 2018 series on FDI Policy in e-Commerce issued by the Department. After due consideration, it has been decided, with the approval of the competent authority, not to extend the above deadline,” the government said in a statement today. As a result of this, both Amazon and Flipkart are preparing to comply with the new policies, which, among other changes, means that hundreds of thousands of goods, including Amazon’s own Kindle and Echo speaker lineup, will suddenly disappear from the online sites, multiple people familiar with the companies’ thinking have said. Amazon and Flipkart have explored various options in recent weeks, including holding talks with government officials, and have alerted their merchant partners to ensure they are ready to comply with the new policies, sources said. Commenting on DIPP’s notification today, an Amazon India spokesperson told VentureBeat, “While we remain committed to complying with all laws and regulations, we will continue to look to engage with the government to seek clarifications that help us decide our future course of action, as well as minimize the impact on our customers and sellers.” Flipkart did not respond to a request for comment. But in recent weeks, the company has warned the government that these new policies would cause “significant customer disruption.” Above: A look at how Amazon sells the Echo Dot on its US website and its India website. The revised policies say that Amazon, Flipkart, and any other foreign-owned player (or FDI, foreign direct investment) cannot have a single vendor purchase more than 25 percent of the inventory from the ecommerce’s business-to-business (wholesale) arm and then sell it on the same store. “Earlier, ecommerce players had a marketplace entity and a business-to-business playing entity, which would either sell on the marketplace or sell to other vendors participating in the marketplace,” Arjun Sinha, a New Delhi-based analyst and lawyer who studies policies, explained to VentureBeat. “They [the ecommerce companies] will have to look at these arrangements. Walmart will also need to check how much it can sell on Flipkart’s platform, and how much it can sell to merchants who sell on Flipkart. These structures would need to be relooked at to prevent indirect multi-brand retail,” Sinha said. An industry insider, speaking on condition of anonymity, said that many clauses in the policies are too ambiguous, so it would be especially challenging for Amazon and Flipkart to fully comply with them. For instance, Amazon has more than 400,000 partners in India. It would be a major pain point for the company to audit these partners’ books and ensure that they are playing fairly, the person said. The new policies also prevent Flipkart and Amazon from striking agreements that give third-party merchants exclusive rights to sell their products in the country. A look at the smartphone industry sheds more light on this issue. India is the fastest growing smartphone market, buoyed by Chinese vendors, many of which — including Xiaomi and OnePlus — entered the nation through partnerships with online platforms to cut overhead costs. Smartphones sales are crucial to Amazon and Flipkart, both of which count smartphones among the top three categories for their respective businesses. OnePlus, for instance, exclusively sells its handsets online through Amazon India. The Chinese company, which dominates the premium tier of the smartphone market in India, said this week that it willingly signed that partnership with Amazon. What is at stake? At stake is nothing short of India’s ecommerce market, which is estimated to grow to $200 billion by 2026. Amazon has invested more than $5.5 billion in its India operations, and Walmart paid $16 billion to snag Flipkart. The amendment to the policies could significantly derail the opportunities these companies see in India. Indeed, a draft analysis from global consultant PwC, first reported by Reuters this week, slated that the new ecommerce policy could reduce online sales by $46 billion by 2022. A representative of All India Online Vendors Association (AIOVA), a lobby group of over 30,000 online sellers, said the new policies are not the right solution to help small merchants — supposedly the rationale behind the government’s move — and accused the government of undertaking this task to appease shopkeepers and small business voters ahead of general elections. Some of the clauses mentioned in the new policy — including an ecommerce platforms’ inability to source more than 25 percent of goods from a single vendor — have been in place for more than two years. Ecommerce players worked around these laws for years while the government turned a blind eye, the AIOVA representative said. “Why is the government, months ahead of the elections, turning attention to this now?” the spokesperson asked. Indian government officials did not respond to a request for comment. “Government should realise their work doesn’t stop at policy making, but also requires enforcement. In [the] past, rules have not been enforced, circumvention and self certifications have led to a duopolised market. Government needs to disclose who is stopping these investigations from happening, which is leading to policy intervention,” an AIOVA spokesperson said. But some businesses have expressed approval of the new policy. Kunal Bahl, cofounder and CEO of Snapdeal, an ecommerce company that pivoted to cater to businesses two years ago after negotiations for a merger with Flipkart fell apart, said, “Snapdeal welcomes updates to FDI policy on ecommerce. Marketplaces are meant for genuine, independent sellers, many of whom are MSMEs (micro, small, and medium-sized enterprises). These changes will enable a level playing field for all sellers, helping them leverage the reach of ecommerce.” Retailers with a major presence in the offline market have decried the discounts Amazon and Flipkart have been offering to win customers in recent years. These are among the businesses in support of the new policy. Kishore Biyani is founder and CEO of Future Group, one of the largest brick-and-mortar retailers in India. Biyani said the new policy will force ecommerce players to rethink their entire game plan for India. “There was ambiguity in the previous policy, which some players were taking advantage of,” Biyani said in a televised interview with Indian channel ET Now. “India should always be first with these kinds of policies. Why can’t we build our own Alibaba, and Amazon?” This sense of nationalism was also on display earlier this month when Mukesh Ambani, who is the country’s richest man and runs Reliance Retail, the largest retailer in the country, announced the company’s intention to launch an ecommerce platform to challenge Amazon and Walmart. “We have to collectively launch a new movement against data colonization. For India to succeed in this data-driven revolution, we will have to migrate the control and ownership of Indian data back to India — in other words, Indian wealth back to every Indian,” he said at an event that was attended by Prime Minister Narendra Modi. Vijay Shekhar Sharma, founder and CEO of One97 Communications, which operates India’s largest mobile wallet app — Paytm — and also runs ecommerce arm Paytm Mall, declined to comment on the policy at a recent event in New Delhi. A spokesperson for Paytm said the company had no comment at this time. The government, which is expected to deliver an annual budget as soon as tomorrow, reportedly risks upsetting the U.S. administration with this new hardline approach. According to Reuters, the U.S. government has expressed concerns about the new ecommerce policies. Greg Hitt, speaking on behalf of Walmart, told the outlet that the Indian government should “certainly, as you would expect, have engaged the (United States) administration on this issue.” Update at 3:15 p.m. Pacific: Several Amazon-owned products, including select Echo smart speakers, as well as some travel bags, batteries, office supply items, and chargers under Basics brand, and some kitchen items under Presto and apparels under Shoppers Stop brands, have become unavailable on Amazon’s website. Source
  9. The government ID database, Aadhaar, became a victim to multiple data breaches which are reported to have compromised the database of 1.1 billion citizens of the country who were registered. In 2018, Cybercrime, more threatening than ever, instigated back to back data breaches across the world which endangered the personal records of millions of people and India is reported to be the largest victim of those breaches. The findings of the World Economic Forum's 14th edition of Global Risks Report 2019, stated the risks to which Environmental degradation is being exposed to; out of the top five most impactful global problems this year, four are related to climate. In 2019, geo-economic and geopolitical are the most vital concerns and 90 percent of experts are anticipating further conflict among the major powers. In January, the criminals were reported to be selling access to the personal records of citizens at a cost of 500 Rs for a time period of 10 minutes, while, in March, a leak allowed the names and ID numbers of the registered citizens to be downloaded by anyone. Other recent instances of data breaches include millions of users of Facebook and MyFitnessPal having their personal data compromised. The report by World Economic Forum outlined the deteriorated international relations which pose serious challenges. It highlighted the reduced ability of the world to battle urgent crises. Other aspects put forth by The Global Risks Report includes the rapid worsening of trade disputes, deterioration in economic and geopolitical conditions and worsened international cooperation. Furthermore, the findings of the reports indicated further challenges to multilateral trading rules and agreements. As per the eighty-five percent of the participants to 2019’s survey, heightened risks of "political confrontations between major powers" are expected as the year progresses. Beyond the short term, environmental dangers have continued to dominate the concerns of the survey participants for over 10 years. Referenced from the statements given by Borge Brende, President, World Economic Forum, "With global trade and economic growth at risk in 2019, there is a more urgent need than ever to renew the architecture of international cooperation. What we need now is coordinated, concerted action to sustain growth and to tackle the grave threats facing our world today," Source
  10. MUMBAI (Reuters) - A group representing online sellers in India will appeal against the Competition Commision of India’s (CCI’s) ruling in favour of Walmart-owned Flipkart, the group’s lawyer Chanakya Basa said in a release on Saturday. All India Online Vendors Association (AIOVA), which represents more than 3,500 online sellers, had complained that Flipkart was using its dominant position to favour select sellers. The CCI had rejected this argument in November. The CCI had said Flipkart as well as Amazon did not break regulations through their selection of merchants and brands. The AIOVA will appeal to the National Company Law Appellate Tribunal on Monday against the CCI decision, Basa told Reuters. “We firmly believe we have filed adequate information to prove the existence of a prima-facie case which the hon’ble Commission has failed to take into account. Hence, we are filing this appeal,” Basa said in a statement. The AIOVA has also brought a similar case against Amazon, alleging it favours merchants that it partly owns, such as Cloudtail and Appario. India has a burgeoning e-commerce market, with almost 500 million Indians using the internet in 2018. The market is tipped to grow to $200 billion in a decade, according to Morgan Stanley. Source
  11. NEW DELHI (Reuters) - Global social media and technology giants are gearing up to fight sweeping new rules proposed by the Indian government that would require them to actively regulate content in one of the world’s biggest Internet markets, sources close to the matter told Reuters. The rules, proposed by the Information Technology ministry on Christmas Eve, would compel platforms such as Facebook, its messaging service WhatsApp and Twitter to remove unlawful content, such as anything that affected the “sovereignty and integrity of India”. This had to be done within 24 hours, the rules propose. The proposal, which caught many holidaying industry executives off guard, is open for public comment until Jan. 31. It will then be adopted as law, with or without changes. The move comes ahead of India’s national election due by May and amid rising worries that activists could misuse social media, especially the WhatsApp messaging service, to spread fake news and sway voters. Industry executives and civil rights activists say the rules smack of censorship and could be used by the government of Prime Minister Narendra Modi to increase surveillance and crack down on dissent. Social media firms have long battled efforts by governments around the world to hold them responsible for what users post on their platforms. U.S. and India lobby groups, representing Facebook and other companies, have sought legal opinions from law firms on the impact of the federal proposal, and have started working on drafting objections to be filed with the IT ministry, four sources in the sector said. “The companies can’t take this lying down. We are all concerned, it’s fundamental to how these platforms are governed,” said an executive at a global social media company. An estimated half a billion people in India have access to the Internet. Facebook has about 300 million users in the country and WhatsApp has more than 200 million. Tens of millions of Indians use Twitter. The new rules, the sources said, would put privacy of users at risk and raise costs by requiring onerous round-the-clock monitoring of online content. Internet firm Mozilla Corp said last week the proposal was a “blunt and disproportionate” solution to the problem of harmful content online, and one which could lead to over-censorship and “chill free expression”. The IT ministry has said the proposal was aimed at only making social media safer. “This is not an effort to curb freedom of speech, or (impose) censorship,” Gopalakrishnan S., a joint secretary at India’s IT ministry said on Saturday when the ministry ran a #SaferSocialMedia campaign on Twitter. Facebook and WhatsApp declined to comment. A Twitter spokesperson said the company continues to engage with the IT Ministry and civil society on the proposed rules. “This will be like a sword hanging on technology companies,” said Nikhil Narendran, a partner specializing in technology law at Indian law firm Trilegal. TIGHT REGULATIONS Such regulations are not unique to India. Vietnam has asked tech companies to open local offices and store data domestically, while Australia’s parliament has passed a bill to force companies to give police access to encrypted data. Germany requires social media companies to remove illegal hate speech within 24 hours or face fines. Nevertheless, the proposal would further strain relations between India and global technology firms. They have been at odds since last year due to federal proposals requiring them to store more user data locally to better assist legal investigations. The new rules, called “intermediary guidelines”, also propose requiring companies with more than 5 million users in India to have a local office and a nodal officer for “24x7 coordination with law enforcement”. When asked by a government agency or through a court order, companies should within 24 hours “remove or disable access” to “unlawful” content, they stipulate. The rules also mandate companies to reveal the origin of a message when asked, which if enforced would deal a blow to WhatsApp which boasts of end-to-end encryption to protect user privacy. WhatsApp has battled criticism after fake messages about child kidnap gangs on its platform sparked mob lynchings in India last year. “You have created a monster, you should have the ability to control the monster,” a senior government official said, referring to WhatsApp. “We remain flexible in principle (to suggestions), but we definitely want them to be more accountable, especially the big companies,” the official said. Source
  12. LUCKNOW: When Ashutosh, 24, approached an online agency for a home-tuition job, he was conned into a contract and whisked into a dim-lit room surrounded by women and asked to do body massage. Three others also fell victim to this online fraud. In another bizarre case, Preeti Singh, 38, employed with a bio-fertilizer firm, received an email on resignations of top executives, firm’s bankruptcy details and new products in the pipeline. Later, it was found that mail accounts of the honchos were hacked. These cases are a window to the sudden spurt in cybercrime in 2018 in the city even as violent crimes saw a drastic dip in comparison to 2017. In fact, cybercrime cases rose by 142% over the previous year, according to a police dossier. Also, number of cybercrime cases were less than violent incidents in 2017, but skyrocketed in 2018. In 2017, at least 864 cybercrime incidents, including phishing, card cloning, financial swindling via social networking sites and job-related frauds were reported in the city, but in 2018, cybercrime cases doubled to 2,085. On the other hand, violent crimes — dacoity, murder, rape, kidnapping and loot — accounted for 910 cases in 2017 and declined by 8% in 2018 to 842 incidents. Data shows the cybercrime case count was less than violent crimes in the city till 2017. But rise in digital transactions after demonetization in 2016 and the rapid spread in net connectivity triggered a surge in cybercrime last year. In 2016, cybercrime cases dipped by 40% against violent crimes Number of cybercrime cases rose from 728 in 2016 to 864 in 2017 and galloped to 2,085 in 2018. In contrast, violent crime cases declined from 1,222 in 2016 to 910 in 2017 and further dipped to 842 in 2018. An analysis shows cybercrime cases were 40% less than violent crimes, but the gap narrowed by 5% in 2017, but surged ahead by 142% in the last calendar year. SSP Lucknow Kalanidhi Naithani said after demonetisation, more people began using e-wallets and debit, credit cards and became targets. The addition of 30% new users in the digital medium in 2017 also led to increase in cybercrime, he said. Independent cyber expert Adarsh Dubey, however, says increase in connectivity is not the sole reason. “Police force is poorly equipped. They still depend on old techniques of tracing IP address, then sending it to social media firms for tracing miscreants through ‘dark web’. Policemen are still unaware of crypto currency, block chain frauds and more such cases will be reported, he said. Source
  13. Reliance Jio, the third largest mobile carrier in India, is blocking access to several proxy and VPN sites that allow users to anonymously browse the web and sidestep internet service providers’ content restrictions online. Quartz reported the incident today, following reports from several Redditors in a thread from last week. That’s worrying, because it indicates that Jio – which claims to have 250 million subscribers (PDF) and offers some of the cheapest data plans in the world – is in violation of net neutrality principles that state that ISPs should treat all online traffic equally. The government approved these principles last August. TNW tested the sites listed – Hide.me, VPNbook, Hidester, Kproxy, Proxysite, Proxy.toolur, and Megaproxy – and found them to blocked on Jio. The same sites were accessible via other ISPs and mobile carriers like ACT and Airtel. That could mean Jio is blocking these sites without any government directives. The news follows India’s nationwide ban on more than 800 porn sites last October. At that time, Jio was believed to have begun blocking those sites before other ISPs in the country. Jio hasn’t yet shared a response to our questions about the latest site blocks; we’ll update this post when we learn more. India is notorious for blocking internet access and banning specific sites – not only because of the number of such incidents, but also because of the lack of transparency from the government when it comes to these restrictions. It’s alarming to see this sort of behavior extending to private ISPs. Source
  14. India is days away from officially unveiling what will be the world's tallest statue, standing at an incredible 182 metres tall. Dubbed The Statue of Unity, it is modelled after Sardar Vallabhbhai Patel, who was a key figure in the struggle for Indian independence from British colonial rule in the 1940s. Located alongside the Narmada River in Gujarat, on the western coast of India, it is nearly 30 metres taller than the current record holder — the Spring Temple Buddha in China — and almost double the height of the Statue of Liberty. The project, which cost a reported $580 million, was by announced in 2010 by Prime Minister Narendra Modi, who will be on hand to lead the official unveiling on October 31. Mr Modi said in 2013 that the statue would be "a symbol of India rising". "I want people from all over the world to see this statue just like they go see America's Statue of Liberty or Paris's [Eiffel] Tower," he said. "This was a dream for many years. Many people added new colour to this dream, they gave suggestions and after a lot of churning, this has happened. "Many people have inspired and blessed us and I thank them today." A museum and a hotel will also open next to the statue to encourage visitors and tourism from all over the world, and the project will reportedly generate near on 15,000 jobs. Known as the "Iron Man" of India, Patel was India's first home minister and first deputy prime minister and was a major figure in the unification of the country. Ironically, while he was alive Patel was said to be against the building of statues and memorials to glorify people. Source
  15. The report also recognises India as one of the top 10 improvers in this year’s assessment, for the second successive time. India is the only large country this year to have achieved such a significant shift. India leapfrogged to the 77th rank in the World Bank's latest Ease of Doing Business rankings, jumping 23 notches from last year, a news that is likely to bring cheer for the Narendra Modi-government that is caught in an apparent turf battle with the Reserve Bank of India (RBI). The report also recognises India as one of the top 10 improvers in this year’s assessment, for the second successive time. India is the only large country this year to have achieved such a significant shift. The jump is significant, as it comes after last year’s 30-rung climb when India moved into the top 100 rankings among 190 countries. India has improved its rank by 53 positions in the last two years, and 65 positions in the last four years (2014-18). On the “distance to frontier metric”, a measure to gauge how far an economy’s policies are from global best practices, India’s score improved to 67.23 from 60.76 last year. This means last year India improved its business regulations in absolute terms – indicating that the country is continuing its steady shift towards global standards. The annual report, which ranks countries on business-friendliness, procedural ease, regulatory architecture and absence of bureaucratic red tape, could not have come at a more opportune time for the government that is caught in a perception battle with the RBI's autonomy. India is in the top 10 of Protecting Minority Investors (Rank 7). “India continued its reform agenda, implementing six reforms in the past year. India is now the region’s top-ranked economy,” the World Bank said, ahead of Bhutan (81) and Sri Lanka (100), Nepal (110), the Maldives (139), Pakistan (136) and Afghanistan (167) and Bangladesh (176). India has improved its rank in six out of the 10 indicators and has moved closer to international best practices on seven out of 10 indicators. The most dramatic improvements have been registered in the indicators related to 'Construction Permits' and 'Trading Across Borders'. In the 'Grant of Construction Permits' indicator, India’s ranking improved from 181 last year to 52 in this year’s report—a jump of 129 ranks in a single year. In the 'Trading Among Borders' indicator, India’s rank improved by 66 positions, moving from 146 in 2017 to 80 in 2018. India reduced the time and cost to export and import through various initiatives, including the implementation of electronic sealing of containers, the upgrading of port infrastructure and allowing electronic submission of supporting documents with digital signatures, the World Bank said. In the World Bank Group’s annual ease of doing business rankings, the top 10 economies are New Zealand, Singapore and Denmark, which retain their first, second and third spots, respectively, for a second consecutive year, followed by Hong Kong SAR, China; Republic of Korea; Georgia; Norway; United States; United Kingdom and FYR Macedonia. Many took to Twitter to celebrate the development. "Today, India’s stands at 77 in WB Doing Business 2019. In 3 years, we have improved our ranking by 65 points - no country of India’s size and complexity has achieved this. Demonstrates that in India, transformative changes are possible if we put our minds to it," says Amitabh Kant, CEO of NITI Aayog. "India has done it again! Under the able leadership of Hon'ble PM Shri @narendramodi ji, India jumped the #EaseofDoingBusinessRankings by 23 this year to be ranked at 77. #IndiaMeansBusiness #EoDB," tweeted Suresh Prabhu. "We have made notable improvements in 6 important #EoDB indicators and are steadily moving towards implementation of international best practices. India is now ranked 1st among South Asian countries compared to 6th rank in 2014," he tweeted. The Commerce Minister gave out a list of tweets with graphics that say how India improved on many fronts including the ease of securing construction permits, getting an electricity connection, paying taxes and zero-fee for reducing under the shops and establishments act. Source
  16. Global Internet security firm Quick Heal Technologies has detected more than 180 million threats on desktops and laptops with Windows Operating System in India. According to the quarterly threat report released by the firm on Wednesday, more than 2 million malware, 16,000 ransomware, 13,000 crypto-mining malware, 141,000 exploits, and 40,488 potentially unwanted applications (PUAs) and adware are detected on a daily basis. “More than 18 crore threats were detected on Windows devices of individual and enterprise users between April and June 2018. May was the busiest month, with more than 74 million incidents detected, followed by April and June that witnessed 55 million and 51 million detections respectively,” a Quarterly Threat Report 2018 said. “The absence of appropriate cybersecurity measures has also made users and businesses across India more vulnerable to emerging threats,” it further added. Joint Managing Director and Chief Technology Officer, Sanjay Katkar said in a statement, "Cybercriminals are at a completely different level today than they were a few years ago. They are using novel technologies to drive increasingly-complex attacks and are targeting larger user bases." "The latest threat report highlights this risk that individuals and businesses in India currently face with this evolution of the threat landscape," Katkar said. The Trojan Horse families have registered a quarter-on-quarter growth of four percent in the second quarter of 2018 and remained the most dominant malware in this quarter also. “Individual users and businesses across India need to understand the massive risk that they are exposed to at present. Ignorance is not a viable cybersecurity strategy. The need of the hour is to drive large-scale adoption of cutting-edge security solutions such as those offered by Quick Heal and Seqrite,” he said. However, the rise of cryptojacking remains the biggest worry, as it is getting direct monetary benefits to cybercriminals. “Cryptojacking attacks remain undetected for a long time and can often be used as a platform to launch other complex attacks…over 3 million cryptojacking hits were detected till May 2018, with the number of active mobile cryptojacking variants increasing to 25,” the report said. Quick Heal Quarterly Threat Report, Q2 2018 PDF http://www.quickheal.co.in/documents/threat-report/Quick-Heal-Quarterly-Threat-Report-Q2-2018.pdf Source
  17. PepsiCo really doesn’t want anyone talking shit about its corn puffs online. There is a rumor that Kurkure, a corn puff product developed by the company in India, is made of plastic. The conspiracy theory naturally thrived online, where people posted mocking videos and posts questioning whether the snack contained plastic. In response, PepsiCo obtained an interim order from the Delhi High Court to block all references to this conspiracy theory online in the country, MediaNama reports. Hundreds of posts claiming that Kurkure contains plastic have already been blocked across Facebook, Twitter, Instagram, and YouTube, according to LiveMint, and the court order requires social networks to continue to block such posts. According to MediaNama, PepsiCo petitioned for 3412 Facebook links, 20244 Facebook posts, 242 YouTube videos, six Instagram links, and 562 tweets to be removed, a request the court has granted. Source
  18. INDIAN AUTHORITIES are putting their collective foot down with banks who are still using Windows XP in their ATMs. The Central Banking Authority of India RBI has told banks that they have one year to sort the mess out - that's June 2019 - or they will be fined. In the shorter term, banks have two months in which to upgrade to the latest version of Windows XP, add a BIOS password and disable any USB ports. All pretty obvious stuff, except that so far, there's been something of a disconnect between "obvious" and "actually doing it". Banks should have the latest operating systems up and running on at least 25 per cent of machines by the end of September, and all their ATMs by the end of June 2019. By March 2019, banks are expected to have an anti-skimming method in place to protect cards. And by the end of this year, the target is to have half of machines running up to date services, with 75 per cent by March 2019. The fact of the matter is, despite being an emerging super-state in terms of finance, the cash machine network is one area where there has been a complete failure to move with the times. As such, the banks will have to throw a lot of money at getting their systems up to code. By the time of this deadline, Windows XP will have been beyond End of Life for five years. At the time of writing, Windows XP has a 2.85 per cent market share globally (based on figures from Netmarketshare), but that covers everything from IoT right up to workstations. Nevertheless, it is still used on more machines that Windows 8.1 and significantly more than macOS versions 10.12 and 10.13 combined. The news comes as a rat was discovered last week in an ATM in the North East of India, having been out of service for over three weeks. During that time, the rat had literally eaten itself to death, gorging on 1.3m Rupees (about £14,000). We're not convinced that switching from Windows XP would have made much difference to that one. Source
  19. tao

    After the Miracle

    For a generation, Americans have been outsourcing work to India, where companies like Infosys grew bigger than Facebook and Google combined and created a new middle class. It seemed as though the boom would last forever. On March 15, a new ad campaign appeared on the trains and platforms of San Francisco’s BART system. “U.S. TECH WORKERS!” the ads exhorted in stark block letters beneath an image of a laptop screen displaying a raised fist. “Your companies think you are EXPENSIVE, UNDESERVING & EXPENDABLE. Congress, fix H-1B law so companies must Seek & Hire U.S. Workers!” There were 350 posters in all, bought for $80,000 by an organization called Progressives for Immigration Reform. Some commuters complained that the ads were hostile to immigrants. A BART spokesperson said the ads “contradict our values,” but that it had no choice but to run them. The actual target of the ads went unnamed but was easy to discern: Indian information technology outsourcing companies. Each year, the U.S. government makes available 85,000 H-1B visas, which grant renewable three-year entry for skilled workers, and Indian tech companies have typically been awarded more than two-thirds of them. It’s a small fraction of the 4 million Indians who work in the IT services industry — but a crucial one. And one company, often applying for twice as many visas as its closest competitor, dominates the H-1B process: a Bangalore-based firm called Infosys. Founded in 1981, Infosys has a deep, although usually imperceptible, presence in America. Sixty percent of Infosys’s $10 billion in annual revenue comes from the United States. Infosys operates an IT center for Harley-Davidson in Milwaukee. It built an employee-communication system for Kellogg’s in Battle Creek, Michigan, and the Obamacare exchange for the District of Columbia. For the Minnesota-based school-picture company Lifetouch, which photographs more than half of all American students, Infosys designed and runs a system for scheduling senior portraits. The names of many other Infosys clients are held in confidence — because the company handles so much proprietary information and because clients don’t always want to reveal how much they benefit from Indian labor. Although Bank of America and Apple are not named as clients in Infosys’s annual report, they are reportedly the company’s two largest contracts. Suffice it to say that if you have money in a major bank, or use an iPhone, or buy things online, you’ve almost certainly used software that Infosys designs or maintains. In the company’s early years, Infosys engineers worked as mostly invisible digital construction workers and custodians, writing and testing software code for corporations that didn’t want to do it themselves. Today, its 200,000 employees do almost anything that falls under the ever-expanding umbrella of technology services, but it specializes in bespoke software, customized or built from scratch for the particular demands of specific clients, which is why it needs so many H-1B visas. If, for instance, Infosys is designing software to help a clothing retailer manage its inventory (which it has done for companies from Reebok to Nordstrom), part of the tech team needs to embed itself with the retailer to study its operations and discover precisely what software it requires. More than any other company, Infosys is responsible for lending India its current stereotype as a nation of computer whizzes. It helped transform, for better or worse, the leafy, laid-back city of Bangalore into a gridlocked megalopolis. The company’s founder, Narayana Murthy, and his wife, the author and philanthropist Sudha Murty, are India’s Bill and Melinda Gates. “Infosys created the Indian middle class,” Kris Lakshmikanth, the founder of a Bangalore-based executive search firm, told me. The IT industry it shaped now accounts for 9.3 percent of India’s GDP. But in the past year, Infosys and its competitors entered an unprecedented era of anxiety. “The market is in flux — there’s a lot of noise and confusion,” said Phil Fersht, the founder of HfS Research, the leading analysis firm of the IT services industry. “The level of offshoring of IT services has taken a massive dip since Trump got in.” [...] If interested, please read the rather long, informative (and non-political) article < here >.
  20. The Nipah virus outbreak in southern India this week has prompted the Coalition for Epidemic Preparedness Innovations (CEPI), a global alliance of governments and non-profits, to step up efforts to find a cure for the deadly disease. The virus has claimed the lives of at least 12 people over the past many days in the western coastal state of Kerala, sparking global concerns as the World Health Organization (WHO) has listed the Nipah infection as a public health risk with epidemic potential. On May 24, CEPI said it would grant up to $25 million over the next five years to US pharma firms Profectus BioSciences and Emergent BioSolutions to advance the development of a vaccine against the viral infection, which has proved to be fatal in 70% of cases. Over the past few weeks, many in Kerala have been kept under observation as they are suspected to have contracted the virus. Two persons in the neighbouring state of Karnataka, too, are under observation. “The current outbreak of Nipah in India, the government of which is one of CEPI’s founders, demonstrates that this is a deadly pathogen that has already travelled thousands of kilometres, (and) has serious epidemic potential and the ability to surprise us,” Richard Hatchett, CEO of CEPI, said in a statement. The Nipah virus is spread through contact with the saliva, urine, or excreta of fruit bats, which are its natural hosts. These animals are found all over south and southeast Asia. The first outbreak of the disease occurred in a Malaysian village in 1998, leading to over 100 deaths, including those of many farmers who had contracted it through their pigs. Since then, outbreaks have occurred almost every year in Bangladesh, and twice before in the Indian state of West Bengal. More worryingly, doctors found that the virus could spread among humans via contact with infected patients. Between 1998 and 2015, over 600 cases have been recorded in total, according to the WHO. In 2015, the WHO added the virus to its list of diseases that require urgent research attention. But so far there’s been no cure. The Nipah virus infection’s early symptoms are similar to those that come with influenza, notably fever and muscle ache, but it can then seriously affect the respiratory and central nervous systems, and even lead to encephalitis (brain inflammation). Without a dedicated vaccine, doctors can only treat the fever and neurological symptoms. The CEPI, set up in 2017 to fund the development of the world’s most crucial vaccines, identified the Nipah virus as one of its key targets from the start. With its funding, Profectus BioSciences and Emergent BioSolutions will be working on a vaccine for humans based on virus technology developed over 15 years ago by researchers Christopher Broder and Katharine Bossart at the Uniformed Services University of the Health Sciences. Since 2012, a formulation of the vaccine has reportedly been used in Australia to prevent infections in horses from the Hendra virus, which like Nipah comes under the bat-borne Henipavirus genus. But it could take many years before the vaccine is ready for humans. < Here >
  21. niTe_RiDeR_Pr0

    [POLL] Are you an Indian?

    Hi, Out of curiosity I just wanted to know how many Indians are out there in this forum? And the ratio between Indians & other country members. I am an Indian, my real name is Adithya R and I stay in Bangalore. My native place is Thrissur, Kerala, India. Jai Hind! Cheers & Regards
  22. A new data leak hits Aadhaar, India's national ID database Exclusive: The data leak affects potentially every Indian citizen subscribed to the database. By Zack Whittaker March 23, 2018 -- 20:00 GMT (13:00 PDT) India's national ID database has been hit by yet another major security lapse. Known as Aadhaar, the government ID database is packed with identity and biometric information -- like fingerprints and iris scans -- on more than 1.1 billion registered Indian citizens, official figures show. Anyone in the database can use their data -- or their thumbprint -- to open a bank account, buy a cellular SIM card, enroll in utilities, and even receive state aid or financial assistance. Even companies, like Amazon and Uber, can tap into the Aadhaar database to identify their customers. Enrolling in the database isn't mandatory, but Indian citizens who aren't subscribed are unable to access even basic government services. Other countries are set to follow India's lead. But the system has been dogged with security problems -- including, according to India's Tribune, a data breach. India's ruling Bharatiya Janata political party later called the report "fake news." Now, the database is leaking information on every Aadhaar holder, a security researcher has told ZDNet. A data leak on a system run by a state-owned utility company can allow anyone to download private information on all Aadhaar holders, exposing their names, their unique 12-digit identity numbers, and information about services they are connected to, such as their bank details and other private information. Karan Saini, a New Delhi-based security researcher who found the vulnerable endpoint, said that anyone with an Aadhaar number is affected. Yet the Indian authorities have done nothing to fix the flaw. ZDNet spent more than a month trying to contact the Indian authorities, but nobody responded to our repeated emails. We later contacted the Indian Consulate in New York and alerted Devi Prasad Misra, consul for trade and customs. Over two weeks, this issue was explained in detail, and we responded to many follow-up questions. A week passed, and the vulnerability was still not fixed. At the start of this week, we told the consul that we would publish our story on Friday and requested comment from the Indian government. The consul did not respond to that last email. At the time of publishing, the affected system is still online and vulnerable. For that reason, we're withholding specific details about the vulnerability until it's fixed. (Once it has been fixed, we will update the story with additional details.) The utility provider, which we are not naming, has access to the Aadhaar database through an API, which the company relies on to check a customer's status and verify their identity. But because the company hasn't secured the API, it's possible to retrieve private data on each Aadhaar holder, regardless of whether they're a customer of the utility provider or not. The API's endpoint -- a URL that we are not publishing -- has no access controls in place, said Saini. The affected endpoint uses a hardcoded access token, which, when decoded, translates to "INDAADHAARSECURESTATUS," allowing anyone to query Aadhaar numbers against the database without any additional authentication. Saini also found that the API doesn't have any rate limiting in place, allowing an attacker to cycle through every permutation -- potentially trillions -- of Aadhaar numbers and obtain information each time a successful result is hit. He explained that it would be possible to enumerate Aadhaar numbers by cycling through combinations, such as 1234 5678 0000 to 1234 5678 9999. "An attacker is bound to find some valid Aadhaar numbers there which could then be used to find their corresponding details," he said. And because there is no rate limiting, Saini said he could send thousands of requests each minute -- just from one computer. When Saini ran a handful of Aadhaar numbers (from friends who gave him permission) through the endpoint, the server's response included the Aadhaar holder's full name and their consumer number -- a unique customer number used by that utility provider. The response also reveals information on connected bank accounts, said Saini. Screenshots seen by ZDNet reveal details about which bank that person uses -- though, no other banking information was returned. That seems to contradict a tweet by India's Unique Identification Authority (UIDAI), the government department that administers the Aadhaar database, which said: "Aadhaar database does not keep any information about bank accounts." Another tweet on the same day by Ravi Shankar Prasad, India's minister for electronics and information technology, also said: "Aadhaar does not save the details of your bank account." The endpoint doesn't just pull data on the utility provider's customers; the API allows access to Aadhaar holders' information who have connections with other utility companies, as well. "From the requests that were sent to check for a rate limiting issue and determine the possibility of stumbling across valid Aadhaar numbers, I have found that this information is not retrieved from a static database or a one-off data grab, but is clearly being updated -- from as early as 2014 to mid 2017," he told ZDNet. "I cannot speculate whether it is UIDAI that is providing this information to [the utility provider], or if the banks or gas companies are, but it seems that everyone's information is available, with no authentication -- no rate limit, nothing." That data on the face of it may not be seen as sensitive as leaked or exposed biometric data, but it nevertheless contradicts the Indian government's claims that the database is secure. India's former attorney general Mukul Rohtagi once said that a previous leak of Aadhaar numbers is "much ado about nothing." But access to Aadhaar numbers and corresponding names increases the risk of identity theft, or could lead to impersonation. It's long been believed that identity theft is one of the biggest issues faced by both UIDAI and Aadhaar number holders. It's been reported that linking Aadhaar numbers to SIM cards has led to stolen money and fraud. The controversy surrounding the Aadhaar database has been ongoing. A month ahead of the Indian election in 2014, would-be prime minister Narendra Modi called the database's security into question. "On Aadhaar, neither the team that I met nor PM could answer my [questions] on security threat it can pose. There is no vision, only political gimmick," said Modi in a tweet. Now, his government is currently defending the identity scheme in front of the country's Supreme Court. Critics have called the database unconstitutional. Until the court rules on the case, subscribing to the database won't be mandatory for Indian citizens. But that might not be much solace for those whose information has been already collected. SOURCE
  23. Organic chemist Asima Chatterjee paved the way for Indian women in science and improved the odds of survival for patients with cancer, epilepsy, and malaria. Born in 1917, when India was still a British colony, she grew up in a relatively comfortable middle-class family in Calcutta, where she was encouraged to pursue an education -- although it's unlikely that anyone expected her to pursue it as far as she did. Chatterjee completed a Masters degree in organic chemistry at the University of Calcutta in 1938, and six years later she became the first woman in India to earn a doctorate in science. Around that time, she founded the Department of Chemistry at Lady Brabourne College, a women's college affiliated with the University of Calcutta. Throughout her long and prolific career, Chatterjee's research focused on chemical compounds produced by plants native to the Indian subcontinent. Her work on a group of chemical compounds from the Madagascar periwinkle plant, called vinca alkaloids, contributed to the development of drugs used in chemotherapy to slow the growth of some types of cancer by preventing cells from dividing. Other research led to an anti-convulsive drug called Ayush-56, which helped treat epilepsy, and several anti-malarial drugs. She published around 400 papers and several volumes on Indian medicinal plants and their chemistry. Chatterjee died on November 22, 2006. Today marks her 100th birthday. < Here > If interested, you may also like to read, "Asima Chatterjee: 5 Fast Facts You Need to Know".
  24. Someone high up in Indian politics with something to hide? The Indian government has blocked the Internet Archive in the country - without prior warning or explanation. Users in Delhi and Bangalore, particularly those using the Airtel ISP, are being greeted by the following message when attempting to access the Wayback Machine: "Your requested URL has been blocked as per the directions received from the Department of Telecommunications, Government of India. Please contact administrator for more information." Unfortunately, no one at the ISP seems to know either, or if they do, they aren't telling. For the uninitiated, the Wayback Machine has been taking snapshots of the internet for the past two decades and more, and can, therefore, show previous versions of web pages, of news stories and even revive the last known configuration of a web page long since offline. In total it is estimated it allows users to access 302 billion cached web pages. In the past, India has been responsible for blocking sites including Github and Wordpress (as well as the predictable stuff like porn sites). More recently it blocked video sites such as Vimeo and Daily Motion for ‘failing to control' access to what it described as "Jihadi propaganda". Some experts have speculated that the ban is because the Internet Archive allows citizens to access documents, since removed, from the Aadhaar citizen ID program (sort of like an NI number in the UK) managed by the Unique Identification Authority of India, and heavily criticised for being light on security and heavy on data leaking. "Obviously, we are disappointed and concerned by this situation and are very eager to understand why it's happening and see full access restored," Internet Archive office manager Chris Butler told Medianama. The Internet Archive has said it has had no contact with the Indian government and has had no response to its own enquiries. Inevitably, at some point, the government is either going to have to explain or lift the block. Article source
  25. PayPal’s two labs will support projects in the field of Machine Learning, AI, Data Science, IoT, AR, VR, and basic robotics Bangalore: PayPal, a global online payments provider, today announced the launch of its newest Innovation Labs at the Chennai and Bangalore Tech centres. The lab is the first by PayPal in India and its third after the USA and Singapore. The lab will serve as a platform to promote innovation which is a core value for PayPal globally. These innovation labs will actively support innovation across diverse fields including machine learning, Artificial Intelligence, data science, IoT, penetration testing, software defined radios and wireless communication, VR/AR, computer vision and basic robotics. The facility will also house a diverse range of hardware and gadgets for PayPal employees to experience and tinker. The equipment includes Raspberry Pi with full sensor kit, AlphaBot kit, IoT kit, Amazon Echo, AIY kit, Leap motion, 3D printer as well as Proxmark 3 Kit, HackRF One and Ubertooth One for computer security enthusiasts. “India is a hotbed for innovation given its evolving startup ecosystem, diverse merchant profiles and enormous talent pool. To cater to their needs in the most effective manner, we are delighted to announce the launch of our newest Innovation Lab in India, where the focus will be on fueling new age technology and giving rise to unconventional ideas with the potential to transform the ecosystem we operate in,” said Mike Todasco, Director of Innovation, PayPal. With a focus on three core areas – Productivity, Innovation, and Education, these facilities will serve as spaces to build and refine new and advanced technologies and will create a forum for employees to engage and ideate across a spectrum of themes. “With over one lakh 45 thousand registered patents between 2013-16 to its credit, India’s innovation potential is enormous and will certainly break benchmarks with the right kind of encouragement. Enabling innovation and creating amazing experiences for our customers is at the heart of PayPal’s global success and the Innovation Lab is another step to foster this spirit in our development centers in India,” said Guru Bhat, GM Technology & Head of Engineering– PayPal. These labs will also be integrated with some of PayPal’s on-going initiatives such as the PayPal Incubator, launched in 2013, with the objective of developing and nurturing the next generation of fintech startups. < Here >
×
×
  • Create New...