No security breach in Aarogya Setu app, claims govt

New Delhi, May 6: The government on Wednesday said no data or security breach has been identified in Aarogya Setu after an ethical hacker raised concerns about a potential security issue in the app.

The app is the government's mobile application for contact tracing and disseminating medical advisories to users in order to contain the spread of coronavirus.

On Tuesday, a French hacker and cyber security expert Elliot Alderson had claimed that "a security issue has been found" in the app and that "privacy of 90 million Indians is at stake".

Dismissing the claims, the government said "no personal information of any user has been proven to be at risk by this ethical hacker".

"We are continuously testing and upgrading our systems. Team Aarogya Setu assures everyone that no data or security breach has been identified," the government said through the app’s Twitter handle.

The tweet gave point-by-point clarification on the red flags raised by the hacker.

"We discussed with the hacker and were made aware of the following... the app fetches user location on a few occasions," it said, but added that this was by design and is clearly detailed in the privacy policy.

The app fetches users’ location and stores on the server in a secure, encrypted, anonymised manner - at the time of registration, at the time of self assessment, when users submit their contact tracing data voluntary through the app or when it fetches the contact tracing data of users after they have turned COVID-19 positive, it said.

On another issue that users can get COVID-19 stats displayed on the home screen by changing the radius and latitude-longitude using a script, Aarogya Setu said that all this information is already public for all locations and hence does not compromise on any personal or sensitive data.

"We thank the ethical hacker on engaging with us. We encourage any users who identify a vulnerability to inform us immediately...," it said.

Responding to Aarogya Setu's clarification, Alderson tweeted, "I will come back to you tomorrow".

New Delhi, Jun 25: The Supreme Court on Thursday asked the Centre and the CBSE to issue fresh notification in connection with Class 12 exams, clarifying the option between internal assessment and exams later.

The observation from the top court after it was informed that the CBSE has decided to cancel the remaining board exams for Class 10 and Class 12.

A bench comprising Justices AM Khanwilkar, Dinesh Maheshwari and Sanjiv Khanna asked the Centre to clarify the issue of taking the option between internal assessment and exams later.

"Clarify the date of results," said the bench, noting that the CBSE will have to submit a fresh draft notification cancelling class 12 Board exams and affidavit on Friday morning, before the top court continues to hear the matter again at 10.30 a.m.

The apex court also sought clarity on the beginning of the new academic year.

It told Solicitor General Tushar Mehta, representing the Centre, that the CBSE is willing to conduct exams when the situation is conducive, but this may vary from state to state. "Will the decision be taken by a central authority or will the state government take the decision? How are you going to deal with that situation?"

Mehta replied that the decision must be taken according to the situation. To this, the bench said should not the solution be pan-India?

"You have not said when you will decide on this issue, and when you will take stock of these things. Some time frame will have to be given," noted the bench.

Continuing its queries, the bench said: "What about state regional board exams... the CBSE does not hold all the exams. The state Board is also there."

Mehta replied that the instructions from the controller of examinations are that exams are controlled centrally. "State boards assist the CBSE," he replied.

The bench observed that the government should modify the draft notification and include the state board issue. "Clear the stand that decision will be taken at the central level and not at the state level... other courses will have to be delayed till CBSE exam results come out," it said.

Mehta replied the assessment results will be published now, and if a student wants to opt to give the exam, then that will be conducted later. The top court asked Mehta to bring this on record and redraft the notification.

New Delhi, Jan 9: JNU students who tried to march towards the Rashtrapati Bhavan on Thursday protesting the violence on the university campus were stopped by police and later detained.

The police also resorted to baton charge to control the mob who tried to block the traffic at Janpath. Using loudspeakers, the police also appealed to the crowd to maintain peace.

Before the students tried to proceed towards the Rashtrapati Bhavan, a delegation of JNU Students' Union and JNU Teachers' Association also met Human Resource Development (HRD) Ministry officials and demanded the removal of Vice-Chancellor M Jagadesh Kumar from his post.