Calling all techies
- Thread starter pratikb
- Start date
- Status
Mr.J
Innovator
We've zero hope in government. Government agencies stuck in 80s and 90s is par for the course.
Yeah seriously. Don't you know who he is.
Simple fact of the matter is folks who find vulnerabilities in Indian govt sites are not appreciated by Govt organizations. Look at what happened to that journalist who exposed UIDAI data getting sold for 500 bucks. What happened? UIDAI registered a police case against her.
The french guy is better off - at least he won't go to jail cos of finding issues on Indian websites cos he's beyond the reach of the retarded government agencies and bureaucrats.
The french guy is better off - at least he won't go to jail cos of finding issues on Indian websites cos he's beyond the reach of the retarded government agencies and bureaucrats.
^He's not wrong. People in Twitter and Facebook are good evidences. Many people, so-called "influencers" and those with thousands of followers have been bought out by political parties with many belonging to the BJP group. Congress and others should also have their own share. There were some news long ago during the country's election time I think about someone leaving such groups but was threatened or something. This person was in the BJP camp and divulge some informations about their activities.They're all part of the political parties IT cells.
Pays much better than coding at the homegrown IT firms.
blr_p
Oracle
Thats the whole trouble.
You guys would ask all others for sacrificing their time for country,society
You would question doctors going on strike
Farmers asking for raise in the sale price
But when it comes to self,all this comes up.
What that french guy got to do with our country’s IT infra?
You guys would ask all others for sacrificing their time for country,society
You would question doctors going on strike
Farmers asking for raise in the sale price
But when it comes to self,all this comes up.
What that french guy got to do with our country’s IT infra?
Exactly, Security though obscurity and security though legality is the norm here.
The whole trouble is that when you report such issues, you expect them to be fixed. But the best thing you can expect is them not giving a damn and the worst thing is to be locked up in jail (especially if its a govt site) and your whole life being destroyed to keep your mouth shut.
Just for the record, one of our TE members was threatened with legal action by the owner of a music streaming site in India when he reported a serious vulnerability that exposed the entire user DB and said he would make public disclosure after giving them time to fix.
He got immunity from retaliation by Govt of India. That's what he got.
Like who is asking who to sacrifice time for the country? I would like some elaboration.
Who is objecting to that as long as they are not interfering with the rights of other people? The problem in India is that protests are not voluntary as they should be and they are forced on people who don't want to be part of it. For example, one Ola employee in Hyderabad who got fired for fraud used his contacts to force a strike and grounded their entire fleet even though none of them wanted any part of it.
Last edited:
blr_p
Oracle
And free publicity for his effort. If that was allowed there would be no shortage of people wanting to help locally.
If you cannot say anything then there is no gain
And that refutes my answer how? I suggest you read my answer again and properly. Did I say that he is french? I said he has got immunity. He is an anonymous entity which means that Indian govt cannot act to shut him up.
Let me also ask you how/why you are so cocksure that he is not an alias for some person on this very forums? How are you also sure that that there aren't 100's or even 1000's of such anonymous entities from this country indulging in such activities.
Just for the record, typical software programmers in India working at IT companies don't understand security. The proof of its is that many of the govt sites are built by companies like TCS and Infy and get deployed often with glaring security vulnerabilities.
It is why security expects exists are a separate role in many companies that do care about security of their systems.
FYI, the same security researcher recently exposed that a telangana govt benefits portal is vulnerable to a basic SQL injection attack and exposing aadhaar number and other profile data of nearly 1 crore beneficiaries of various programs. Their response was to bring down the whole site.
If somebody with a traceable identity in India had reported it, they would probably be in jail by now with all manner of ridiculous allegations under various sections made out against them.
Last edited:
you are talking as if paying taxes to the govt is not enough. Why would some hardworking IT guy should spend his valuable time to penetration testing BSNL or Aadhar? if you feel so strongly about it, why dont you start doing it yourself?
hahaha
About Infosys, didn't the Aadhaar morons threw them under the bus after the news of it's poor security spread? lol.
Last edited:
rakesh_ic
Herald
Nothing really. It was meant to be a wake up call to the IT folks in the forum. But after reading it all, I am sleepy again while I had already got calls from my folks for my presence at the IT firm I work.
in india, ethical or not, hackers are treated like criminals. there is an Info Tech act to lock people up for 5-10 years for unauthorized breach of computer systems along with a fine of 5 lakh rupees. 10 years in prison is a long time. its like a death knell for your career. So no wonder Indian IT super hackers or whatever they have been called in that twitter post don't want to touch govt systems.
- Status