Our Sean O'Brien on #Aadhaar security: "Whenever a security researcher looks at an official government Aadhaar app, there are blatant privacy problems and sloppy cyber-security, such as sending data over the Internet unencrypted." http://www.businesstoday.in/opinion/columns/bad-aadhaar-cybersecurity-tramples-on-the-right-to-privacy/story/270425.html #privacy #security
That's a great report! If UIDAI has data on 1.3 billion Indians, you shouldn't say billions in the part about the black market. There's also a mistake in the concluding sentence.
@escapist unfortunately those typos were added by whomever posted to the website, along with a few others, which is one reason we posted the original draft: https://privacylab.yale.edu/sites/default/files/draft-sean_obrien_op-ed_aadhaar.pdf
The two I mentioned are in the PDF.
@escapist also, Aadhaar doesn't quite have 1.3 billion Indians yet, last reliable numbers were 1.19-1.2 billion... so we are aware of the numbers.
Getting every last Indian resident in Aadhaar will likely be an exponentially difficult task, especially with the well-known hardware/software problems with the fingerprint scanners.
Oh, I got that number from the report so it is something else to correct.
@escapist we'll approach the issue if it's a big source of confusion but these things happen often with press pieces and the major points still stand. Thanks for reading and promoting the piece though!
link to draft version of this piece, with hyperlinks to supporting evidence: https://privacylab.yale.edu/sites/default/files/draft-sean_obrien_op-ed_aadhaar.pdf