The official #Aadhaar #android app is sending an SMS to authenticate the user. In general, to avoid abuses, you add a sending rate limit. The user has to wait 2 minutes before resend the SMS. @UIDAI did not implement this kind of limit in the app. What are the consequences?
-
-
Write the script.
-
the script
-
That's my boy
-
This media may contain sensitive material. Learn more
End of conversation
New conversation -
-
-
Did you confirm their sms platform is not doing the ratelimiting after a few attempts ? Because app/client-sided limitation rhymes with bypass and I wouldn't rely on it either

-
Yes, I was able to test it few days ago. Now, the all service seems to be down. As they can't update the app, this is the only solution.
End of conversation
New conversation -
-
-
As u know I recommend to
#DestroyTheAadhaar ASAP not just remove a petty little app with less 1-5 million downloads in a population of billion+ where 50% don't even have a basic phone. But in spirit of learning, scientific spirit and some critique I do try to follow what u say. -
So do help me grasp this one, which I have some problems understanding what you are trying to say. I'll try to break down my confusion into specific questions:
-
1) I can understand that Aadhaar app is trying to send an OTP for auth, because that's a parameter of authentication as well as eKYC API, but non-mandatory (that's terrible) as far as I understand. Do you mean OTP it sends is an SMS it first receives or does it send own TOTP?
-
I guess what he is trying to say is that a built in limit for the number of SMS retries the App would make before timing out as a security measure.
- End of conversation
New conversation -
-
-
Stop blaming
@UIDAI &@ceo_uidai#Aadhaar app is UNESCO certified best app#AadhaarMythBuster /sThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
This is not flaw. This was basically designed in such a way that even a beginner could hack it... When everyone will have everything, there won't be no more hacking. Exploitation of data will result in a banana [dont ask me how] and
@UIDAI will start selling banana.pic.twitter.com/M64JeE5zUxThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
They won't lose money. OTOH, they get back a fraction of all the $$ they spend on his scam called Aadhaar.https://twitter.com/fs0c131y/status/955405527906910208 …
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@UIDAI@ceo_uidai Pretty sure you guys are immature in handling this project or this much massive amounts of secure data. Pull the app down for god's sake. You are making the nation look defenseless.@PMOIndia Digital India is nothing if you can't keep the data secureThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Sadly they wont give a shit :/
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Chup be chuche
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@ShashiTharoor this is a very genuine security concern that both the government and media choose to ignore... I hope you can help voice this. The implications of this vulnerability is huge and potential risks the personal details of every Indian. -
Can you explain how do?
-
Sir, you're talking about this one incident...
@fs0c131y has shown more than few vulnerabilities that risk data...
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

