by ShirsenduK on 1/4/18, 4:46 AM with 26 comments
by throwaway312383 on 1/4/18, 11:38 AM
These concerns were generally met with great hostility; UIDAI has relentlessly pursued to silence people sometimes by threatening them with legal proceedings.
ORF compiled a list of leaked UID numbers (~100 million) sometime back. Many UID numbers were dumped onto the Internet by clueless public servants. UIDAI promptly sent them a cease-and-desist order (or something to that effect).
https://www.youtube.com/watch?v=xU0bTAa_djc
UIDAI was implemented, very un-democratically, first by the former ruling coalition, and is now being promoted to ridiculous levels by the current political elites. All this has been done under the watchful eyes of the billionaire, Nandan Nilekani. He was able to engineer this junk system past both the legislative houses and courts multiple times over the course of the previous decade. UIDAI has only receive mandate well after it was already pushed out onto the people through underhanded tactics.
Usha Ramanathan and others have been following this development from the start. It's increasingly becoming obvious that UIDAI was really only a means for creating a new Orwellian state, where everything can be turned off at the whim of some perturbed politician; where all your phone/bank numbers are at the mercy of some wrathful God in Delhi (and likely as not outside of it). This theory goes well with recent statements coming from the Indian state apparatus about the abolition of cash/untracked assets.
by reallymental on 1/4/18, 10:47 AM
I won't add to the toxicity of the comments found in the article.
Has anybody who has worked on the Aadhar system have a presence on HN? The cynic in me wants to believe that the 'system' was nothing more than a simple crud app with the front end locked away under a username and password. Minimal effort, minimum spent.
Even large Non-Tech corporations are known for really insecure systems, insufficient password protection, easily guessed usernames etc. all in the name of saving some $ on development. And to think this DB was not even meant for profit in the first place!
Did they (the org that built Aadhar) commit the same mistakes or does this look like an inside job (purely for profit, with no malicious intent)?
I want to be wrong. I want this to be an 'attack' rather than just an 'pay for access' method.
by vasundhar on 1/4/18, 1:22 PM
UIDAI (Outlook) : https://www.outlookindia.com/website/story/uidai-denies-biom... Tribune's Response. http://www.tribuneindia.com/news/nation/uidai-says-tribune-s...
by codeisawesome on 1/4/18, 11:14 AM
by option_greek on 1/4/18, 11:47 AM
If I had to design this, I would have added a two factor access to each citizens data which can only be accessed with their consent. But this model doesn't let the government departments access all the data at will.
by edent on 1/4/18, 12:26 PM
So, "These groups targeted over 3 lakh village-level enterprise (VLE) operators" is referring to 300,000 operators. That gives you an idea of the scale here.
by contingencies on 1/4/18, 11:23 AM
This now makes all the numbers useless, since all the data stored may have been duplicated and the means to produce fakes is already out of the box. Somehow, the world's greatest bastion of humility will not submit to omnipresent technical surveillance - should we be at all surprised? India is famously corrupt. Even with rate limiting, search scope limitation, and other techniques it would appear that such data can never be truly secured.
by known on 1/5/18, 5:05 AM