Newsbytes
  • India
  • Business
  • World
  • Politics
  • Sports
  • Technology
  • Entertainment
  • Auto
  • Lifestyle
  • Inspirational
  • Career
  • Bengaluru
  • Delhi
  • Mumbai
  • Videos
  • Visual Stories
  • Reviews
  • Phone Reviews
  • Fitness Bands Reviews
  • Speakers Reviews
  • Find Cricket Statistics
Hindi
More
In the news
Elon Musk
Apple
OnePlus
NOTHING
Latest Laptops
Newsbytes
Hindi
Newsbytes
User Placeholder

Hi,

Logout


India
Business
World
Politics
Sports
Technology
Entertainment
Auto
Lifestyle
Inspirational
Career
Bengaluru
Delhi
Mumbai
Videos
Visual Stories
Reviews
Phone Reviews
Fitness Bands Reviews
Speakers Reviews
Find Cricket Statistics

More Links
  • Videos

Download Android App

Follow us on
  • Facebook
  • Twitter
  • Linkedin
  • Youtube
 
Home / News / Technology News / Elliot Alderson: The ethical hacker who exposed Aadhaar's security flaws
Technology

Elliot Alderson: The ethical hacker who exposed Aadhaar's security flaws

Elliot Alderson: The ethical hacker who exposed Aadhaar's security flaws
Written by Bhavika Bhuwalka
Mar 24, 2018, 06:48 pm 3 min read
Elliot Alderson: The ethical hacker who exposed Aadhaar's security flaws

A few weeks ago, French security researcher Baptiste Robert, who is better known by his Twitter username Elliot Alderson, hacked into the Aadhaar app within a minute and reportedly gained access to 22,000 Aadhaar card details. This was not the first government platform he broke into. Who is Alderson and why has he been tearing apart Indian web portals?

Motive
Alderson is a French security expert and app developer

Alderson is a French security expert who is a network and telecommunications engineer by profession. He claims to have no ulterior motive behind his revelations other than highlighting serious security vulnerabilities so that they can be patched at the earliest. To be transparent about the whole process, Alderson openly communicates with the concerned organizations on Twitter, and often publicly posts DM conversations with them.

Inspiration
Alderson is inspired by renowned whistleblower Edward Snowden

The French developer draws inspiration from renowned whistleblower Edward Snowden. "By nature, I'm curious and I like to understand how things are working which often leads by finding security flaws," he said. The 28-year-old cybersecurity expert does not have any sort of team behind him and follows a "standard process" to find security flaws.

Context
Here is how the Aadhaar fiasco started

Initially, Alderson had found a loophole in the Aadhaar's Android application which revealed that users' biometric data was being saved in a local database by app developers whose password wasn't too difficult to obtain. "These cards can be found on the internet. They are not on the UIDAI server. Everything is public, no hack is required," he said.

Twitter Post
Which led to Alderson accessing 22,000 Aadhaar details in 1min

How to bypass the password protection of the official #Aadhaar #android #app in 1 minute.
For this attack, the attacker need a physical access to the phone, rooted phone is not needed and yes this is the latest version of the app.
cc @uidai @ceo_uidai pic.twitter.com/7aZ0fvr0Wv

— Elliot Alderson (@fs0c131y) March 13, 2018
Feathers in Cap
Aadhaar not the only platform Alderson has exposed

On February 25, Alderson accessed the database of the Telangana government's benefit disbursement portal TSPost. This contained personal information of 56 lakh beneficiaries of the National Rural Employment Guarantee scheme and 40 lakh beneficiaries of social security pensions. He had also earlier highlighted that Paytm was seeking root access to users' devices, after which the mobile payments company removed the root request.

Trivia
Not impossible to achieve almost 100% privacy online: Alderson

Previously, Alderson has discovered vulnerabilities in the online portals of Punjab Police, Indian Postal Service, Apollo Hospitals, and BSNL. He says that even though it is "complicated," it is not entirely impossible to achieve almost 100% privacy online. Interestingly, his username has been inspired by a character by the same name from the television series Mr Robot, who is also a vigilante hacker.

Twitter Post
Alderson's latest revelation relates to the Narendra Modi app

When you create a profile in the official @narendramodi #Android app, all your device info (OS, network type, Carrier …) and personal data (email, photo, gender, name, …) are send without your consent to a third-party domain called https://t.co/N3zA3QeNZO. pic.twitter.com/Vey3OP6hcf

— Elliot Alderson (@fs0c131y) March 23, 2018
Share this timeline
Facebook
Whatsapp
Twitter
Linkedin
Bhavika Bhuwalka
Bhavika Bhuwalka
Mail
Latest
Security
Punjab Police
Data Leak
Edward Snowden
Elliot Alderson
Latest
England vs India: Rishabh Pant hits fifth ton, scripts history
England vs India: Rishabh Pant hits fifth ton, scripts history Sports
How has Cheteshwar Pujara fared in SENA countries? Key stats
How has Cheteshwar Pujara fared in SENA countries? Key stats Sports
2022 Wimbledon: Novak Djokovic overcomes Miomir Kecmanovic
2022 Wimbledon: Novak Djokovic overcomes Miomir Kecmanovic Sports
5 books of Leo Tolstoy you have to read!
5 books of Leo Tolstoy you have to read! Lifestyle
2022 Wimbledon: Ons Jabeur thrashes Diane Parry in third round
2022 Wimbledon: Ons Jabeur thrashes Diane Parry in third round Sports
Security
How to secure your WhatsApp: Check latest features and settings
How to secure your WhatsApp: Check latest features and settings Technology
J&K Police shoots down Pakistani drone carrying explosives in Kathua
J&K Police shoots down Pakistani drone carrying explosives in Kathua India
Russia-Ukraine crisis: PM chairs high-level meet to review security preparedness
Russia-Ukraine crisis: PM chairs high-level meet to review security preparedness India
Man tries to break into NSA Ajit Doval's residence; detained
Man tries to break into NSA Ajit Doval's residence; detained India
Tips to safeguard your home from burglars
Tips to safeguard your home from burglars Lifestyle
More News
Punjab Police
Gangster Lawrence Bishnoi admits to planning Moose Wala Murder: Police
Gangster Lawrence Bishnoi admits to planning Moose Wala Murder: Police India
Was Karan Johar on Lawrence Bishnoi's hit list for extortion?
Was Karan Johar on Lawrence Bishnoi's hit list for extortion? Entertainment
Moose Wala killing: Lawrence Bishnoi sent to 7-day police custody
Moose Wala killing: Lawrence Bishnoi sent to 7-day police custody India
Moose Wala murder: Pune Police arrests 2 suspects from Gujarat
Moose Wala murder: Pune Police arrests 2 suspects from Gujarat India
Moose Wala killing: Suspected shooter nabbed, 9th arrest so far
Moose Wala killing: Suspected shooter nabbed, 9th arrest so far India
More News
Data Leak
Cyberattack targets Acer's Indian aftersales systems, steals 60GB of data
Cyberattack targets Acer's Indian aftersales systems, steals 60GB of data Technology
Here's why security researchers think Amazon's Astro bot isn't safe
Here's why security researchers think Amazon's Astro bot isn't safe Technology
Researcher discovers FBI terrorist watchlist exposed online for three weeks
Researcher discovers FBI terrorist watchlist exposed online for three weeks Technology
T-Mobile investigating alleged data hack affecting 100 million customers
T-Mobile investigating alleged data hack affecting 100 million customers Technology
Government claims Co-WIN data of 150 million Indians wasn't leaked
Government claims Co-WIN data of 150 million Indians wasn't leaked Technology
More News
Edward Snowden
UK government approves Wikileaks founder Julian Assange's extradition to US
UK government approves Wikileaks founder Julian Assange's extradition to US World
Signal's user count surges after Musk recommends it over WhatsApp
Signal's user count surges after Musk recommends it over WhatsApp Technology
#SnoopingRow: RTIs reveal UPA intercepted 9,000 calls, 500 emails monthly
#SnoopingRow: RTIs reveal UPA intercepted 9,000 calls, 500 emails monthly India
Indian Govt must slap penalty for Aadhaar misuse: Edward Snowden
Indian Govt must slap penalty for Aadhaar misuse: Edward Snowden India
Elliot Alderson: The hacker who started the Aadhaar security controversy
Elliot Alderson: The hacker who started the Aadhaar security controversy Technology
More News
Elliot Alderson
Aarogya Setu 'most secure app', says government amid privacy concerns
Aarogya Setu 'most secure app', says government amid privacy concerns India
#WeeklyRecap: New MacBook, Surface notebooks, Unacademy breach, and more
#WeeklyRecap: New MacBook, Surface notebooks, Unacademy breach, and more Technology
Aarogya Setu for feature phone, landline: How to use it
Aarogya Setu for feature phone, landline: How to use it Technology
Hacker flags 'security issue' in Aarogya Setu, government responds
Hacker flags 'security issue' in Aarogya Setu, government responds Technology
Dating app for Trump fans leaks users' data on launch-day
Dating app for Trump fans leaks users' data on launch-day World
More News
Next News Article
Next News Article

Love Technology news?

Subscribe to stay updated.

Science Thumbnail
India News Business News World News Politics News Sports News Technology News Entertainment News Auto News Lifestyle News Inspirational News
Career News Bengaluru News Delhi News Mumbai News Mukesh Ambani Indian Premier League (IPL) Karnataka Samsung Xiaomi West Bengal
Bihar Virat Kohli Rohit Sharma Haryana Narendra Modi Arvind Kejriwal Tamil Nadu Gujarat Yogi Adityanath YouTube
Instagram Hollywood News Uttar Pradesh Kerala Netflix Bollywood News Mamata Banerjee Maruti Suzuki Rahul Gandhi Elon Musk
Shah Rukh Khan Chelsea FC OPPO Akhilesh Yadav Indian Cricket Team Apple Manchester United Salman Khan Cryptocurrency OnePlus
Amitabh Bachchan ICC Women's World Cup Vivo India vs Sri Lanka
About Us Privacy Policy Terms & Conditions Contact Us Ethical Conduct Grievance Redressal News News Archive Topics Archive IPL 2022 Schedule IPL 2022 Points Table Find Cricket Statistics
Follow us on
Facebook Twitter Linkedin Youtube
All rights reserved © NewsBytes 2022