Hi #Aadhaar! Can we talk about the #BenefitsOfAadhaar for the #India population?
I quickly checked your #android app on the #playstore and you have some security issues... It's super easy to get the password of the local database, for example...
http://play.google.com/store/apps/details?id=in.gov.uidai.mAadhaarPlus …
-
It can be good also to remove the "developer" endpoint from the release apk... pic.twitter.com/3kNwIJUWRO
-
Woohoo! Sounds like a lot of people are interested in #Aadhaar. I know what I will do during my flight now
-
A lot of people are asking me how bad the generation of the local database password is in the #Aadhaar #android #app. I published a small POC here: https://github.com/fs0c131y/AadhaarDatabasePasswordPOC … If you start the application multiple times you will see that the generated passwords are always the same pic.twitter.com/U5TRTHiWen
-
Storing data in a local database is a common practice in the #Android world. In the #Aadhaar #android app they store:
- user password data (hash)
- notification
- Ki value
- EKYC Profile Data
- Biometric Prefs
- Bio Lock Timeout
- App Configuration
pic.twitter.com/cCfaAKFVkB
-
According to the official documentation, https://aadhaarapi.com/aadhaar-response-format/ …, EKYC Profile Data contains the following data:
- User_Id
- Aadhar_Id
- Name
- Dob
- Gender
- Address
- Photo
- ...
pic.twitter.com/x1TI9uXXTM
-
So @UIDAI you are storing biometric data on the local database: the photo of the user.
-
"When you're too lazy to learn stuff so you copy/paste unsecure code into critical apps"

-
ROFL, I was making a joke but... I had stackoverflow in mind

-
People with #Vyapam level training and job experience, clearly.
-
Engineers from Infosys basically
-
Lol, I know few who work there. They are not the finest
-
Infosys, like other companies, has a team of brilliant coders who do these kinds of jobs. Not everyone is on that level
-
The problem with sarcasm is, a lot of people do not understand it.
