Skip to main content

Indian Government now offering Rs 4 lakh to users who can find flaws and vulnerabilities in Aarogya Setu app

If you’re a hacker or someone who knows coding in regards to apps can now help find bugs in India’s own contact-tracing app Aarogya Setu. In a tweet that was published bu the government, researchers and experts who have the technical knowledge regarding apps are being offered Rs 4 lakhs to help find bugs and issues with Arryoga Setu. This bug bounty is open to all comers including people on Aarogya Setu. The government says, “Everyone, including researchers and users of Aarogya Setu, are encouraged to report any vulnerability impacting the privacy and information security posture of Aarogya Setu application.”

Here's an opportunity for all to join #TeamSetu! Find a bug in the app or suggest improvements and win exclusive cash prizes. #IndiaFightsCorona pic.twitter.com/hTRFCbXjNJ

— MyGovIndia (@mygovindia) May 28, 2020

A few weeks ago, French security researcher Robert Baptiste who goes by the pseudonym Elliot Alderson (a character from the TV show Mr Robot) posted a tweet saying that Aarogya Setu has a few flaws that may lead to a leak in the information collected. After that kerfluffle, the government has now decided to make Aarogya Setu open source. This essentially means that anyone can now inspect and check the source code for the app and make necessary changes where they see fit. This was a necessary move for the government as the public backlash getting worse. 

Researchers who do find bugs in the app will be asked to responsibly disclose those vulnerabilities and even get paid for it. The government has also laid down a few guidelines for people to follow. Basically, the reported vulnerability should only be present in the Aarogya Setu app or its source code or back-end server. They further added that the bug or vulnerability should be able to be exploited by “an unrooted phone running a version of Android supported by Aarogya Setu, with ADB Disabled and with all default Android security features in place.”

In other Aaryoga Setu news, the app is now mandatory for people who are flying. You can read more about that here. There has been a new contact-tracing app called SwissCovid which is based on Google and Apple’s UPI as well, you can check out how it compares to our own Aarogya Setu app here. 



from Latest Technology News https://ift.tt/2ZQRbze
Labels:

Comments

Post a Comment

Popular posts from this blog

YouTube Music Season Recap 2022: How to View the Spring Recap

YouTube is a jump ahead of Spotify with its Season Rewind playlist feature. Well, besides playlists, the service offers you a list of your most played artists, songs, albums, etc in the previous season. It will be a recurring thing and is poised to come out every season. Meanwhile, its biggest competitor Spotify’s Wrapped is a bop every time it lands but is limited to annual appearance. There in lies one big difference between the two approaches. Let’s see what else you could expect out of the new YouTube Music feature. YouTube Season Recap: How it works Source: u/DecentSizedTurd (Reddit) Like the YouTube Recap 2021, this one too would share personalized listening stats. YouTube calls this “an exploration of your top artists, songs, albums and playlists over the last season”. To view it, you just need to go to music.youtube.com/recap or the landing page on the YouTube Music app for Android and iOS. Right now, only some users have got the spring Youtube Music playlist. But the...
Post a Comment
Read more