New Delhi: The French hacker under the pseudonym Elliot Alderson on Wednesday claimed that the Arogya Setu application is vulnerable to security breach which he said was rebuffed by the government.
This followed hours after Electronics & IT Minister Ravi Shankar Prasad as well as the Aarogya Setu team denied the existence of security issues in the app.
The hacker under the alias “Elliot Alderson” avowed that after his initial tweet, the Arogya Setu team fixed the security issues before asserting early on Wednesday that there was no issue with the app.
Also read: Users' data is safe, no security breach: Aarogya Setu app
However, the ethical hacker late on Wednesday put out a tweet with a promise to write a technical report on the application. He tweeted "I don't know why people are still asking what were the issues, everything is already public: 1) In the previous version of the app, an attacker was able to get the content of any internal file of the app, the local database included.
-
I don't know why people are still asking what were the issues, everything is already public:
— Elliot Alderson (@fs0c131y) May 6, 2020 " class="align-text-top noRightClick twitterSection" data="
1) In the previous version of the app, an attacker was able to get the content of any internal file of the app, local database included.
2) Yesterday, an attacker was able to [..] https://t.co/MVKc4wOSA9
">I don't know why people are still asking what were the issues, everything is already public:
— Elliot Alderson (@fs0c131y) May 6, 2020
1) In the previous version of the app, an attacker was able to get the content of any internal file of the app, local database included.
2) Yesterday, an attacker was able to [..] https://t.co/MVKc4wOSA9I don't know why people are still asking what were the issues, everything is already public:
— Elliot Alderson (@fs0c131y) May 6, 2020
1) In the previous version of the app, an attacker was able to get the content of any internal file of the app, local database included.
2) Yesterday, an attacker was able to [..] https://t.co/MVKc4wOSA9
2) Yesterday, an attacker was able to know who is infected, unwell and made a self-assessment in the area of his choice.
3) Basically, I was able to see if someone was sick at the PMO office or the Indian parliament. I was able to see if someone was sick in a specific house if I wanted. And yes yesterday, 5 people felt unwell at the PMO office, 2 unwell at the Indian Army Headquarters, 1 infected people at the Indian parliament, 3 infected at the Home Office".
-
And yes, yesterday:
— Elliot Alderson (@fs0c131y) May 6, 2020 " class="align-text-top noRightClick twitterSection" data="
- 5 people felt unwell at the PMO office
- 2 unwell at the Indian Army Headquarters
- 1 infected people at the Indian parliament
- 3 infected at the Home Office
Should I continue?
">And yes, yesterday:
— Elliot Alderson (@fs0c131y) May 6, 2020
- 5 people felt unwell at the PMO office
- 2 unwell at the Indian Army Headquarters
- 1 infected people at the Indian parliament
- 3 infected at the Home Office
Should I continue?And yes, yesterday:
— Elliot Alderson (@fs0c131y) May 6, 2020
- 5 people felt unwell at the PMO office
- 2 unwell at the Indian Army Headquarters
- 1 infected people at the Indian parliament
- 3 infected at the Home Office
Should I continue?
