If you click on the Details button you can access to the list of the subordinate organizations with: - the number of employee registered - the attendance marked countpic.twitter.com/4BQISa98Lb
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
If you click on the Details button you can access to the list of the subordinate organizations with: - the number of employee registered - the attendance marked countpic.twitter.com/4BQISa98Lb
2/ All the organizations dashboard are public. Few examples: - http://ncdrc.attendance.gov.in - http://mhmcgm.attendance.gov.in - http://sklumajnp.attendance.gov.in - http://nssta.attendance.gov.in Just google "site:http://attendance.gov.in " and you will find everythingpic.twitter.com/Mhpv7bzatH
Here, https://pastebin.com/77cLH9GJ , a list of 100 #AEBAS dashboardspic.twitter.com/vKzcHd2Jbl
3/ You can access to the list of the organization devices, http://nicpune.attendance.gov.in/reports/device/devlocation/003770/012925 … You can obtain: - device ID - device type - device location - Last active date - RD and device status - Attendance marked on the device - Average response timepic.twitter.com/6etUCTjFSn
4/ You can obtain the office location of all organization who use #AEBAS http://cpcern.attendance.gov.in/submis/regemp/index/ …
You can get:
- office address
- employee registered
- Aadhaar verified
- Department verifiedpic.twitter.com/1RrYRwSsjZ
#AEBAS: next time, if you don't want people to access a webpage don't comment the link, remove it...
All this information is supposed to by public because citizens can see how govt. employees are doing. If there is any vulnerability & you can access non-public info, that is an issue. Not what you are presenting here. Public info.
Good but do I have the right to be surprise that a tracking system of 600+ organisations which represent almost 300K employees give some much data publicly?
This information can be extracted from Govt. in offline mode also because of Right to Information of our tax money. Most of this information is public knowledge because they are all Govt offices, etc.
I got your point, I'm still surprise by this amount of data. By the way, before writing "Think security" on your website can I suggest you to update your Wordpress...pic.twitter.com/PUP9QN5Dxl
Thanks. Will do. Govt offices in India usually had very low attendance. Govt did this to make Govt employees accountable. There are bigger data exposure issues in India. The entire voter DB is public info with address details, etc.
For example at https://ceo.maharashtra.gov.in/Search/SearchPDF.aspx … - select: Mumbai City 187 - Colaba 190 - Colaba Et voilà, Citizen's name, father/husband, house, age, sex: https://ceo.maharashtra.gov.in/searchpdf/pdf/SA187/A1870190.pdf … But then, this dataset has always been in public domain.
Thank you, I will check that.
These data are suppose to be public. They work for people. People can monitor them directly. i guess so.
So it's normal to monitor more than 600+ organisations and almost 300K employees?
Yes its supposed to be. . . its a feature not a bug. . .
Lol dude, don't give them free security advice
You are on the RAWs list of most wanted persons. Coz you keep exposing their stupidity! And FYI Not everyone in India is this shitty with handling computers and data.
It's R&AW....
RaAW!
Hope this is fine 
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.