Come on! HTTP?! I'm sure you are able to rectify this and use HTTPS instead.pic.twitter.com/elRQVlU5bT
-
-
Show this thread
-
Moreover, the personal data are encoding with base 64. This is not encryption! Decode this data is very easy as shown in the example.pic.twitter.com/yDWawN2YiR
Show this thread -
The IP address of http://membership.inc.in is 52.77.237.47. This server is located in Singapore. As you are an
#Indian political party, having your server in#India is probably a good idea.pic.twitter.com/tbspCtOPfB
Show this thread
End of conversation
New conversation -
-
-
Hi! My name is Rahul Gandhi. I am President of
@INCIndia .When you sign up for membership on my official App, I give all your data to my friends in Singapore companies. Ps. Thanks mainstream media, you're doing a great job of burying this critical story, as always. -
Sweetheart there is a difference between... with consent and RAPE ...



-
Look like
@INCIndia is filling guilty after RAPE....
#DataChorCongresshttps://twitter.com/ndtv/status/978184576492285952 …
End of conversation
New conversation -
-
-
@thewire_in@RahulGandhi@the_hindu Do we have any kind of privacy in this country or anyone could get our data and store them on foreign servers. I guess privacy is just like a happy wife, a myth in India. -
If you are using a smart phone then there is no privacy in any corner of the world bro.
-
Yeah I guess you are right bro.

End of conversation
New conversation -
-
-
Are they not stealing data without consent of the user like an other political party?
-
Nope. They're sending data that the user gave to their own servers, nothing more. Just that they haven't encrypted the data, so it is rather easy for a digital eavesdropper to get that data.
End of conversation
New conversation -
-
-
Still using http. Outdated Congress


-
If the data is encoded, http is good enough. But base64 encoding is a terrible choice.
-
What makes you say that
@Giveanid_ ? Are you saying "some other encoding technique plus http" is a good idea? -
Yes it’s okay if you are not concerned about the integrity of data. That is, you can inject bad data and make it corrupt, but you still can’t see the data.
-
My friend encoding is no good for either integrity or confidentiality. No matter from what angle you look at it. Encoding (no matter what kind) is reversable and therefore serves no security related purpose. And combine it with http, just shouts lazy and irresponsible.
-
-
And where is it I wrote that "only encoded data is reversible" Or "Encrypted data is not reversable"? Let me clarify more Encoding-> Anyone can reverse Encryption-> Only authorities with the valid key can reverse. Thus ideal for maintaining confidentiality.
-
You said 'Encoding... is reversible and therefore serves no security related purpose'. Your statement is ambiguous and the latter part of your statement is factually incorrect. You have since tweeted a clarification about which we can both agree.pic.twitter.com/uoF0oPCvyB
- 2 more replies
New conversation -
-
-
So >>> what about this - your comment please Mr.
@RahulGandhi ?? |@divyaspandana - pls drum some knowledge into your boss. He is becoming a global joke alongwith@sampitroda &@siddaramaiah - 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.