Aarogya Setu app responds to ethical hacker’s claim of security issues.
In the statement, the government said, they get the user’s location and store it on a server in a secure, encrypted and in a safe manner while the user does registration and self-assessment. On the app, the user submits his contact tracing data. The government responds to the hackers who claim that the ” users get the COVID-19 status shown on their Home screen by changing the radius and latitude and longitude. To this, the government said, “the radius parameters are fixed and can only take one of the few values: 500 meters, 1km, 2km, 5km, and 10km. These values are standard parameters posted with HTTP headers.” Even after the clarification, it looks like the hackers aren’t pleased. So the hacker tweeted and said, “Basically, you said “nothing to see here”We will see. I will come back to you tomorrow.” The name of the hacker is Elliot Alderson who alerted the government about the security flaw on Tuesday. He asked the government to get in touch with him privately. A few hours later, Elliot tweeted and warned the government that if they do not fix the flaw, he will disclose all the flaws to the public. Aarogya Setu app was made to spread the information of Covid-19 in India. More than 80 million people have downloaded the app. The app was promoted by the government and Prime Minister Modi also.
