Aarogya setu has no security issues says govt on ethical hacker’s
. The allegations are based on amateur attempts to change the location and data correlation to be portrayed as hacking. The app showed similar data to anyone in a particular location Will happen.” “Senior government officials said.
New Delhi: Government officials have refuted claims by the ethical hacker Elliot Alderson that the Arogya Setu App was hacked.
And yes, yesterday:
– 5 people felt unwell at the PMO office
– 2 unwell at the Indian Army Headquarters
– 1 infected people at the Indian parliament
– 3 infected at the Home Office
Should I continue?
— Elliot Alderson (@fs0c131y) May 6, 2020
“There is no hacking or privacy breach in the Arogya Setu. The allegations are based on amateur attempts to change the location and data correlation to be portrayed as hacking. Aarogya setu has no security issues The app showed similar data to anyone in a particular location Will happen.” “Senior government officials said on condition of anonymity. They said such claims were an attempt to attract attention and immoral. Officials said,” To attract attention when we are in the midst of an epidemic. Do not indulge in petty efforts. Ethics is important. “
Alderson claimed that on Tuesday, five people felt unwell in the PMO office, two in the Indian Army headquarters, one in the Indian Parliament, and three in the Home Office. Alderson claimed that on Tuesday a cyber-attacker could find out who is infected and unwell and conducted a self-assessment in the field of his choice. “Originally, I was able to see if anyone was sick in the PMO office or the Indian Parliament. Aarogya setu has no security issues I was able to see if anyone was sick in a specific house if I wanted to,” Alderson tweeted.
The Arogya Setu team released a statement earlier in the day stating that they were alerted by a moral hacker of the possible security issue of Arogya Setu and had discussed the matter with them.
At the point that a user can get COVID-19 stats displayed on the home screen by changing the radius and latitude-longitude using the script, the Arogya Setu team said: “The radius parameters are fixed and only one of the five values Can take: 500 m, 1 km, 2 km. 5 km and 10 km. Any other value 1 as part of the “distance” HTTP header. Gets default m. “
The team further stated that a user can change latitude/longitude to get data for multiple locations. In this way, obtaining data for multiple latitude longitudes is no different from asking many people at their location COVID-19. Aarogya setu has no security issues All this information is already public to all locations and therefore does not compromise on any personal or sensitive data. No personal information of any user has been proved to be endangered by this ethical hacker, ”the team said in a statement….