Is Aadhar and mobile linking mandatory

1 You shouldnt post personal details online if you are an influential person and then challenge the Internet to do its worst. Anyone with the basic understanding of Internet should know that.
2 I can explain why he is feeling smug. Google Dunning Kruger effect.
Am still waiting for this worst to happen to this TRAI chief. Will it ?

What do we have so far
 
How do people this stupid get into these high positions? I wouldnt trust them to manage a nukkad panwala and they are running TRAI.
Man I keep thinking the same. Gives me immense confidence. Im seriously considering bigger businesses and even active politics. If these mofos can do it, then why cant we ?
 
https://www.financialexpress.com/aa...-s-sharma-gave-out-his-aadhar-number/1264177/

Was Trai chief RS Sharma’s personal data leaked after Aadhaar challenge?

Short answer is No! or maybe not yet so for now the TRAI chief can gloat content in the success of his public challenge. But the failure of anyone to do so is still inconclusive

What was the worst thing that happened to him so far ?

While a few hackers may have claimed to have fished out his personal details using the Aadhaar number, Sharma dismissed such claims saying that such information could have easily been found doing a determined Google search. “Finally, to the so-called hackers who actually challenged me, rather than the other way around: You have found information about me that other users could have obtained by a determined Google search without the benefit of knowing the Aadhaar number,” he said.

RS Sharma also revealed that a few hackers tried to hack his email accounts (unsuccessfully) and to make him subscribe to a large number of services. “Many of these services take reasonable precautions and have sent me innumerable OTPs in their attempt to authenticate my ID.

That’s been a waste on their part and a waste of my time,” he said.

However he added

While Sharma had revealed his Aadhaar details, he advised others to refrain from doing it. “I am not suggesting for a moment that any of you could also publicly share your Aadhaar number. Far from it. Replicating the same challenge doesn’t prove anything more,” he said.
Why ? if nobody could get anything from him then it follows everybody else is safe too right !?!

https://www.financialexpress.com/aa...ge-is-a-case-of-misplaced-enthusiasm/1263097/

What the TRAI Chairman has perhaps forgotten is that the central data repository at the Unique Identification Authority of India (UIDAI) may be secure, but several third-party vendors are now increasingly accepting Aadhaar as a key document — and that opens it up for misuse, especially given the weak cyber security laws in the country.
So the problem is with 3rd party vendors. If yu want to be safe don't use aadhar then. Course the problem starts when they say its mandatory.
 
Sending money knowing IFSC and account number isn't a problem is it. If you buy anything on this board then that is what people want you to do anyway :D

Why didn't anyone make a withdrawal ? That is the problem with this challenge

If the govt was serious they would have put up a bounty and following verification of the exploit offered legal immunity.

Doing it the TRAI chief's way is doing it on the cheap. People aren't going to give up secrets for free nor will they attack when everybody is watching for an exploit.

The TRAI chief's bravado doesn't quite cut it unfortunately. If he doesn't get compromised are you safe too and if he is then what does it say about the security of the project itself.

The results of this exercise remains inconclusive in the end.
 
Nope. That's just some tacky add-on implemented after many months. I'll try to find the link which discussed the holes in it.
 
Sending money knowing IFSC and account number isn't a problem is it. If you buy anything on this board then that is what people want you to do anyway :D

Why didn't anyone make a withdrawal ? That is the problem with this challenge

If the govt was serious they would have put up a bounty and following verification of the exploit offered legal immunity.

Doing it the TRAI chief's way is doing it on the cheap. People aren't going to give up secrets for free nor will they attack when everybody is watching for an exploit.

The TRAI chief's bravado doesn't quite cut it unfortunately. If he doesn't get compromised are you safe too and if he is then what does it say about the security of the project itself.

The results of this exercise remains inconclusive in the end.

They are not doing anything big / bad because he is connected. I can think of a few ways Aadhaar can be misused. Like, take a duplicate aadhaar copy of his real aadhaar number, put my face instead of his, take it to bank, and take a huge loan of 1 crore by showing doctored documents etc. All banks do is verify aadhaar and verify signature. Signature can be anything what I like since bank will think i am someone having similar name to his. Doing this, i will get 1 crore, but i will get a bunch of determined police on my heels too. So ethical hackers probably know this too well to bother with it. No one wants to be on the run 24/7 looking over their shoulder when they have a good career.

Edit: If the govt really wants to find holes in aadhaar they should give indemnity to hackers or give them freedom from being arrested or convicted. Then only we will see the true results of a leaked aadhaar number.
 
Waiting for Mr.J's to post more about this one time VID.[DOUBLEPOST=1533205524][/DOUBLEPOST]
That is just one of the major issues. Plus no compliance....
The problem with saying 3d party vendors is it also applies to credit cards isn't it. Any website that has customers credit card info can also be hacked. A chipped card makes it harder to re-use. As does net banking. No details stored at the 3rd party site at all.
 
Last edited:
So I had read these two which were written back in Jan/Feb after announcement of VID:

Why the UIDAI's introduction of virtual ID won't really change much - https://www.medianama.com/2018/01/223-aadhaar-virtual-id/
Virtual Aadhaar ID: too little, too late? - https://www.thehindu.com/news/national/virtual-aadhaar-id-too-little-too-late/article22423218.ece

This one is new:
Aadhaar Virtual ID is a proactive move to fix privacy holes but might be useless without critical updates - https://www.firstpost.com/business/...useless-without-critical-updates-4299257.html

This one is not much about VID as much it is about UIDAI's idiocy.
With Virtual ID, UIDAI admits what it has been denying: Leaked Aadhaar numbers are a problem - https://scroll.in/article/864571/wi...-denying-leaked-aadhaar-numbers-are-a-problem
 
The entire system is broken to begin with. Poor technology and security practices, Bureaucratic red tape coupled with rampart corruption, Arrogant claims of unbreakable systems just to gain acceptance from ignorant people and worthless idiot(s) passing off as technology expert.

There is no fixing a system that started as a pilot project/experiment and then suddenly forced down everybody's throat by a new regime without it ever reaching any semblance of maturity.

In any case

https://scroll.in/article/891975/th...ollowness-of-governments-claims-about-aadhaar
 
Back
Top