Last Updated on May 6, 2020 by Larious
An ethical hacker says that the app which is developed by the Government named Aarogya Setu app has privacy issues. But the developers of the app has given a statement that the functionalities of the app are proper; there are no issues with the privacy of the app.
Aarogya Setu app responds to ethical hacker’s claim of security issues.
The hacker allegedly said that the privacy of 90 million Indian users is not safe due to a security flaw found in the app.
The team of the Aarogya Setu app shared an official statement on Twitter and said, ” no personal information of any user is at stake, and there is no security breach.”
In the statement, the government said, they get the user’s location and store it on a server in a secure, encrypted and in a safe manner while the user does registration and self-assessment. On the app, the user submits his contact tracing data.
The government responds to the hackers who claim that the ” users get the COVID-19 status shown on their Home screen by changing the radius and latitude and longitude. To this, the government said, “the radius parameters are fixed and can only take one of the few values: 500 meters, 1km, 2km, 5km, and 10km. These values are standard parameters posted with HTTP headers.”
Even after the clarification, it looks like the hackers aren’t pleased. So the hacker tweeted and said, “Basically, you said “nothing to see here”We will see. I will come back to you tomorrow.”
The name of the hacker is Elliot Alderson who alerted the government about the security flaw on Tuesday. He asked the government to get in touch with him privately. A few hours later, Elliot tweeted and warned the government that if they do not fix the flaw, he will disclose all the flaws to the public.
Aarogya Setu app was made to spread the information of Covid-19 in India. More than 80 million people have downloaded the app. The app was promoted by the government and Prime Minister Modi also.