![]() How does the Narendra Modi app work? It has a great many features, including a newsfeed, a social network, a survey component, etc., and also has gamification in the form of badges. Understanding this will require some patience, so with sleeves rolled up, let’s dive in. This “non-hack” - since it exploits some very basic flaws, making it like picking a lock made of paper - is a significant one because it sits at the intersection of various trends like digital citizen-government interactions, exploding mobile usage especially by first-time technology users, data security, and legal protection. It is this: this flaw was reported more than a year ago and even now hasn’t been properly fixed. #Apphack ed tvKhatri’s website went down as well (and still was, at the time of writing this article), though it isn’t clear whether that was intentional or not.Įxcept for a handful of smaller players, none of the leading Indian newspapers, TV channels or online news portals covered the news. After radio silence from the site all through the day as social media users pilloried it for having deleted the article without any explanation, it put out a clarification later that evening. Yet within hours, the story had vanished entirely from YourStory’s site, with the site implementing an HTTP 302 to redirect visitors to its home page instead. #Apphack ed androidThe app Khatri was referring to was the official Android app of Indian Prime Minister Narendra Modi ( NaMo app, for short), with over 7 million users. The privacy of more than seven million users is at stake if this gets ignored.” This is just the summary of this huge security loophole which I want to report. “Not only that, I can make any user on the platform follow any other user on the platform. I successfully managed to extract the personal phone numbers and email ids of ministers like Smriti Irani (screenshot at the end of the article). The data includes phone number, email, name, location, interests, last seen etc. ![]() “I am able to access private data of any user on the app. ![]() In it Javed Khatri, a 22-year old mobile developer from Mumbai, makes the following claim: The morning of December 2, news portal YourStory published an unsigned story titled “22-year-old hacker from Mumbai hacks Narendra Modi app, exposes threat to 7 million user data”. Want to read our free stories and try our newsletters? Register or Loginĭata security shouldn’t be political. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |