Hi #Aadhaar
! Can we talk about the #BenefitsOfAadhaar for the #India population?
I quickly check your #android app on the #playstore and you have some security issues...It's super easy to get the password of the local database for example...
http://play.google.com/store/apps/details?id=in.gov.uidai.mAadhaarPlus …
-
-
A lot of people asking me how bad is the generation of the local database password in the
#Aadhaar#android#app. I published a small POC here: https://github.com/fs0c131y/AadhaarDatabasePasswordPOC … If you start the application multiple times you will see that the generated password are always the samepic.twitter.com/U5TRTHiWen
Show this thread -
Storing data in a local database is a common practise in the
#Android world. In the#Aadhaar#android app they store: - user password data (hash) - notification - Ki value - EKYC Profile Data - Biometric Prefs - Bio Lock Timeout - App Configurationpic.twitter.com/cCfaAKFVkB
Show this thread -
According to the official documentation, https://aadhaarapi.com/aadhaar-response-format/ …, EKYC Profile Data contains the following data: - User_Id - Aadhar_Id - Name - Dob - Gender - Address - Photo - ...pic.twitter.com/x1TI9uXXTM
Show this thread -
So
@UIDAI you are storing a biometric data on the local database: the photo of the user.Show this thread
End of conversation
New conversation -
-
-
Can you please work on more such issues and highlight these. This would really expose the competence of the people handling aadhaar.
-
Sure, I have more story like this in my backlog
pic.twitter.com/7HI4bAX2l2 -
Our government is trying to be like NSA, by making it mandatory for us (citizens) to link
#Adhaar with bank accounts, sim cards, bills etc.
End of conversation
New conversation -
-
-
What u should do in flight is to ponder over your colonial thug nation's elites who want to kill my country. Your govt officially involved in Aadhaar for nearly a decade through
@SAFRAN. (((@CIA@ROyalFamily))) hijacked our govt by rigged EVMs for it.https://twitter.com/Stupidosaur/status/951222043134980096 … -
And what you are 'analyzing' isn't something fancypants. MANY Indian engineers have highlighted this and many other problems. But since (((
@CIA))) has helpfully elected dictators to power by EVMs, no heed is paid. Aadhaar is colonial project to furstrate, enslave, rob & kill. -
This is war and your colonial country is NOT our ally just a backstabbing fake 'friend'
-
If u really want to help,instead of highlighting passwords etc(which are NOT going to be fixed, unless their plan listen to firangi while ignoring when Indians showed problems), then instead of tagging whole world with the issues before they get fixed ask to
#DestroyTheAadhaar! -
-
Here is how my country India is being screwed by same old colonial thugs of UK France USA. First thread is mainly about USA,
@CIA. Read till end. Some links are deleted after I exposed them but available on http://archive.org https://twitter.com/Stupidosaur/status/927909792273674240 … -
Here's another thread. Direct involvement of USA UK France (Yes Israelis involved too but I was too bored to write that day after writing much).https://twitter.com/Stupidosaur/status/890755792726482944 …
- 12 more replies
New conversation -
-
-
@NandanNilekani Saar your comments -
FIR incoming??
End of conversation
New conversation -
-
-
Recently they filed an FIR for exposing vulnerabilities instead of rewarding a person. I hope you are doing this great work from outside. Great work though!
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Yeah - probably over 1.3 billion people. May be they will canonize you some day. :-)
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
This is great work. Hope to see more on this! Thanks!
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
