Newsbytes
  • India
  • Business
  • World
  • Politics
  • Sports
  • Technology
  • Entertainment
  • Auto
  • Lifestyle
  • Inspirational
  • Career
  • Bengaluru
  • Delhi
  • Mumbai
  • Videos
  • Visual Stories
  • Reviews
  • Phone Reviews
  • Fitness Bands Reviews
  • Speakers Reviews
  • Find Cricket Statistics
Hindi
More
In the news
SpaceX
Elon Musk
Space News
OnePlus
Telegram
Realme
Latest Mobile Phones
Newsbytes
Hindi
Newsbytes
User Placeholder

Hi,

Logout


India
Business
World
Politics
Sports
Technology
Entertainment
Auto
Lifestyle
Inspirational
Career
Bengaluru
Delhi
Mumbai
Videos
Visual Stories
Reviews
Phone Reviews
Fitness Bands Reviews
Speakers Reviews
Find Cricket Statistics

More Links
  • Videos

Download Android App

Follow us on
  • Facebook
  • Twitter
  • Linkedin
  • Youtube
 
Home / News / Technology News / Elliot Alderson: The hacker who started the Aadhaar security controversy
Technology

Elliot Alderson: The hacker who started the Aadhaar security controversy

Elliot Alderson: The hacker who started the Aadhaar security controversy
Written by Shiladitya Ray
Edited by Bhavika Bhuwalka
Jul 30, 2018, 01:36 pm 4 min read
Elliot Alderson: The hacker who started the Aadhaar security controversy

TRAI chairman RS Sharma is in the midst of a storm now after his Twitter challenge on Aadhaar's security majorly backfired. Hackers have already exposed several personal details about Sharma, and has even deposited money in his bank account. The entire episode is an extension of the debate on Aadhaar's security, precipitated by French ethical hacker Elliot Alderson. Who is he? We elaborate.

Latest
Sharma left red-faced again; was Alderson right about Aadhaar?

Despite UIDAI rubbishing claims that Sharma's personal details were stolen from the UIDAI database using his Aadhaar number, the episode isn't over yet. Now, TOI has reported that ethical hackers have also deposited Re. 1 to Sharma's bank account, and have found Sharma's other bank accounts, IFSC codes, and even a particular payment history. All this is reminiscent of Alderson's earlier warnings about Aadhaar.

Origins
It started in March when Alderson hacked the Aadhaar app

It all started in March when Alderson, whose real name is Baptiste Robert, hacked into the Aadhaar app within a minute and reportedly gained access to 22,000 Aadhaar card details. Despite Alderson's findings, UIDAI remained adamant about the robustness of Aadhaar's security. Notably, this wasn't the first instance of Alderson hacking into government portals.

Context
Alderson finds a loophole, makes his findings public

Initially, Alderson had found a loophole in the Aadhaar's Android application which revealed that users' biometric data was being saved in a local database by app developers whose password wasn't too difficult to obtain. "These cards can be found on the internet. They are not on the UIDAI server. Everything is public, no hack is required," he said.

Twitter Post
Alderson had shared his findings on Twitter

How to bypass the password protection of the official #Aadhaar #android #app in 1 minute.
For this attack, the attacker need a physical access to the phone, rooted phone is not needed and yes this is the latest version of the app.
cc @uidai @ceo_uidai pic.twitter.com/7aZ0fvr0Wv

— Elliot Alderson (@fs0c131y) March 13, 2018
Motive
Alderson is a French security expert and app developer

Alderson is a French security expert who is a network and telecommunications engineer by profession. He claims to have no ulterior motive behind his revelations other than highlighting serious security vulnerabilities so that they can be patched at the earliest. To be transparent about the whole process, Alderson openly communicates with the concerned organizations on Twitter, and often publicly posts DM conversations with them.

Inspiration
Alderson is inspired by renowned whistleblower Edward Snowden

The French developer draws inspiration from renowned whistleblower Edward Snowden. "By nature, I'm curious and I like to understand how things are working which often leads by finding security flaws," he said. The 28-year-old cybersecurity expert does not have any sort of team behind him and follows a "standard process" to find security flaws.

Feathers in cap
Aadhaar not the only platform Alderson has exposed

On February 25, Alderson accessed the database of the Telangana government's benefit disbursement portal TSPost. This contained personal information of 56 lakh beneficiaries of the National Rural Employment Guarantee scheme and 40 lakh beneficiaries of social security pensions. He had also earlier highlighted that Paytm was seeking root access to users' devices, after which the mobile payments company removed the root request.

Trivia
Not impossible to achieve almost 100% privacy online: Alderson

Previously, Alderson has discovered vulnerabilities in the online portals of Punjab Police, Indian Postal Service, Apollo Hospitals, and BSNL. He says that even though it is "complicated," it is not entirely impossible to achieve almost 100% privacy online. Interestingly, his username has been inspired by a character by the same name from the television series Mr. Robot, who is also a vigilante hacker.

UIDAI's claims
However, the UIDAI's claims might have some truth too

Yet, for all of Alderson's alleged successes, it's important to note that the UIDAI's defense against Alderson's claims also holds some ground. UIDAI points out that all the information pulled was available on the public domain owing to Sharma's long history of public service. For instance, Sharma's mobile number was pulled from the NIC website, his email from the IIT-Delhi alumni portal, etc.

Share this timeline
Facebook
Whatsapp
Twitter
Linkedin
Shiladitya Ray
Shiladitya Ray
Mail
Budding social scientist with a keen interest in social studies of science and the sociology of knowledge. Cinephile. Liverpudlian. Metalhead.
Bhavika Bhuwalka
Bhavika Bhuwalka
Mail
Latest
Twitter
Aadhaar Card
Punjab Police
Data Leak
Telecom Regulatory Authority Of India
Related
Latest
'Billy in Dilli': Here's how 'Stranger Things' characters 'explored' India
'Billy in Dilli': Here's how 'Stranger Things' characters 'explored' India Entertainment
Abortion ruling: US companies reach out to women employees
Abortion ruling: US companies reach out to women employees World
Shah Rukh Khan's 30 years in Bollywood: 'Pathaan' poster released
Shah Rukh Khan's 30 years in Bollywood: 'Pathaan' poster released Entertainment
Modiji endured silently for 19 years: Shah on SC decision
Modiji endured silently for 19 years: Shah on SC decision Politics
2022 Wimbledon draw: Here is all you need to know
2022 Wimbledon draw: Here is all you need to know Sports
Twitter
Suriya, Jyotika to back Sai Pallavi's upcoming film 'Gargi'
Suriya, Jyotika to back Sai Pallavi's upcoming film 'Gargi' Entertainment
BTS's Jungkook, Charlie Puth drop new song 'Left and Right'!
BTS's Jungkook, Charlie Puth drop new song 'Left and Right'! Entertainment
Garena Free Fire codes for June 23: How to redeem
Garena Free Fire codes for June 23: How to redeem Technology
Twitter 'Notes' long-form blogging feature announced: How will it work
Twitter 'Notes' long-form blogging feature announced: How will it work Technology
Saurabh Verma lauded for refusing misogynistic Layer'r SHOT ad, reacts
Saurabh Verma lauded for refusing misogynistic Layer'r SHOT ad, reacts Entertainment
More News
Aadhaar Card
What is masked Aadhaar, how to download it
What is masked Aadhaar, how to download it India
Centre issues notification on linking Aadhaar with voter ID
Centre issues notification on linking Aadhaar with voter ID India
Centre withdraws advisory to use masked Aadhaar at public places
Centre withdraws advisory to use masked Aadhaar at public places India
Govt plans one unique ID to access multiple digital IDs
Govt plans one unique ID to access multiple digital IDs India
Government to provide consent form for sharing of Aadhaar details
Government to provide consent form for sharing of Aadhaar details India
More News
Punjab Police
Gangster Lawrence Bishnoi admits to planning Moose Wala Murder: Police
Gangster Lawrence Bishnoi admits to planning Moose Wala Murder: Police India
Was Karan Johar on Lawrence Bishnoi's hit list for extortion?
Was Karan Johar on Lawrence Bishnoi's hit list for extortion? Entertainment
Moose Wala killing: Lawrence Bishnoi sent to 7-day police custody
Moose Wala killing: Lawrence Bishnoi sent to 7-day police custody India
Moose Wala murder: Pune Police arrests 2 suspects from Gujarat
Moose Wala murder: Pune Police arrests 2 suspects from Gujarat India
Moose Wala killing: Suspected shooter nabbed, 9th arrest so far
Moose Wala killing: Suspected shooter nabbed, 9th arrest so far India
More News
Data Leak
Cyberattack targets Acer's Indian aftersales systems, steals 60GB of data
Cyberattack targets Acer's Indian aftersales systems, steals 60GB of data Technology
Here's why security researchers think Amazon's Astro bot isn't safe
Here's why security researchers think Amazon's Astro bot isn't safe Technology
Researcher discovers FBI terrorist watchlist exposed online for three weeks
Researcher discovers FBI terrorist watchlist exposed online for three weeks Technology
T-Mobile investigating alleged data hack affecting 100 million customers
T-Mobile investigating alleged data hack affecting 100 million customers Technology
Government claims Co-WIN data of 150 million Indians wasn't leaked
Government claims Co-WIN data of 150 million Indians wasn't leaked Technology
More News
Telecom Regulatory Authority Of India
5G in India: Understanding 5G spectrum auction and process involved
5G in India: Understanding 5G spectrum auction and process involved Technology
Tamannaah Bhatia, Virat Kohli issued notices for promoting online rummy
Tamannaah Bhatia, Virat Kohli issued notices for promoting online rummy Entertainment
Jio to make all domestic calls free from January 1
Jio to make all domestic calls free from January 1 Business
TRP scam: Mumbai Police arrests Republic TV CEO Vikas Khanchandani
TRP scam: Mumbai Police arrests Republic TV CEO Vikas Khanchandani India
#Lockdown: Airtel extends validity for over 80 million 'under-privileged' customers
#Lockdown: Airtel extends validity for over 80 million 'under-privileged' customers Business
More News
Related
Aadhaar uncertainty looms large over lakhs due to NRC limbo
Aadhaar uncertainty looms large over lakhs due to NRC limbo India
Next News Article
Next News Article

Love Technology news?

Subscribe to stay updated.

Science Thumbnail
India News Business News World News Politics News Sports News Technology News Entertainment News Auto News Lifestyle News Inspirational News
Career News Bengaluru News Delhi News Mumbai News Mukesh Ambani Indian Premier League (IPL) Karnataka Samsung Xiaomi West Bengal
Bihar Virat Kohli Rohit Sharma Haryana Narendra Modi Arvind Kejriwal Tamil Nadu Gujarat Yogi Adityanath YouTube
Instagram Hollywood News Uttar Pradesh Kerala Netflix Bollywood News Mamata Banerjee Maruti Suzuki Rahul Gandhi Elon Musk
Shah Rukh Khan Chelsea FC OPPO Akhilesh Yadav Indian Cricket Team Apple Manchester United Salman Khan Cryptocurrency OnePlus
Amitabh Bachchan ICC Women's World Cup Vivo India vs Sri Lanka
About Us Privacy Policy Terms & Conditions Contact Us Ethical Conduct Grievance Redressal News News Archive Topics Archive IPL 2022 Schedule IPL 2022 Points Table Find Cricket Statistics
Follow us on
Facebook Twitter Linkedin Youtube
All rights reserved © NewsBytes 2022