Jun 2015 21

India is home to billion dollar IT industry, numerous e-Governance projects, world’s largest bio metric database, and many tech driven services. The single major problem with all these technological projects at national and state levels is the danger of theft and fraud. Government of India (GoI) did realize this, and as they do with all services, introduced a policy called National Cyber Security Policy 2013.

Well, the story ends with the formation of policy, 2 years after the policy was drafted, there is no sign of National Cyber Coordination Centre (NCCC), and National Critical Information Infrastructure Protection Centre (NCIIPC). Both these agencies were supposed to take care of national IT infrastructure, mainly falling under GoI. [..]

Jun 2015 17

Since last one month, I started logging the websites I visit and use, mostly those which require user to login. To my surprise I have account at over 50+ different websites. The number may be much more, considering I wasn’t able to recall all those websites where I created account just because that was the only way to get in, and later on never used it. This may be the case with many internet users. [..]

May 2015 10

Since the time Edward Snowden leaked classified information, the focus has been on how governments across the world use surveillance to keep tap on digital activities. Lately, I have been reading about it, and have come to the conclusion there is now way around it, but precautions can be taken if one is worried about his/her digital privacy.

Encryption in software/hardware largely boils down to the developers, if they wish, they can strongly encrypt the communication/data. For example, WhatsApp has partnered with Open Whisper Systems to provide end-to-end encryption.

There is a very good reason to trust this partnership as TextSecure, the technology which WhatsApp uses to encrypt messages, is open, and it allows anyone to go through the code to understand what exactly has been implemented, and whether that matches up to the expectation of tech community at large.

On the other hand, if you seen encryption tool like BitLocker provided by Microsoft to premium Windows version for free, isn’t open. That sends out a strong message of whether to really rely on such software when encrypting the laptop or desktop running Windows. Ubuntu does somewhat better job at this, but Apple again has this close system FileVault, which again raises concern.

If you are really worried about privacy, and want to make sure that the system you are using is secured, then you may want to consider following, which I have summarized after reading few blogs at The Intercept:

  1. Websites: Make sure the website you visit has a valid SSL. It is very simple to check, just look for the green icon on left of the website domain of the website after the page has been loaded, if it’s green, you are good to go. In case the SSL isn’t valid, then it will through up warning message even before the page loads. For those website which never used SSL, visitor should either opt out of the website or try avoiding data transfer task like creating account, submitting private information etc.
  2. Apps: It’s difficult to provide third party encryption directly to desktop or mobile apps. For desktop, you may want to move to web based alternative for the application you are using, this may sound tricky, but at least with web encryption you may feel safe about your data. If you make use of messenger a lot, then why not opt for TextSecure, and there are many other alternative you can consider for secure voice/data communication, all provided by Open Whisper Systems. For Apple devices, you have Signal.
  3. Hardware: Try encrypting your laptop/desktop/smartphones/tablets. Android has this support. For Windows you will have to make use of third party or BitLocker. Apple provides FileVault. This won’t fully ensure privacy/encryption, but gives you some sense of responsibility.

If you follow above three suggestions, then you can securely encrypt your hardware device you use to send out the messages/data or to do the voice communication. In turn, 99% of your daily activity will be encrypted.

These are just few suggestions that I have tried to summarize, at the end when using any tech products to communicate or to store your data, it all boils down to the trust factor between the service provider, and the seeker. In this digital world, having basic encryption understanding is surely handy.

Apr 2015 14

Within a year or two, market will be flooded with smartphones that will come equipped with Android forked OS. Since 2008, we have seen that App Stores play an important role in providing OTT services, and for Android, Google Play Store is the best way to reach out to your customers.

Now, when aggressive players like Cyanogen and OnePlus are going all about developing there own platform, and want to get out of Google’s umbrella, then it surely means they will also be opting out of Google Play Store, as no one want to lose out on the profits.

Few solutions for new Android App Store:

Go Solo:

Both Cyanogen and OnePlus might want to set up there own app store, but I don’t think this sounds like a good idea. As it takes time and infrastructure to attract developers. Samsung did try this option, but it has failed to excite developers. Also, since the base OS is same, it also doesn’t make sense to have another app store besides Google Play store.

An Open App Alliance:

This can be done, if all companies come together to form an open app store, that works not only on Cyanogen and Oxygen OS, but also on traditional Android OS. This also offers an excellent platform for other OEMs too, who are always looking to bite Google’s revenue from app store. If successful,  this can be profitable and can pinch Google a lot, and will also attract future OEMs. [..]

Apr 2015 11

Aadhaar under UIDAI provides unique identification for each resident across India. As per the dashboard, more than 80 Crore Aadhaar has been issued till date. The important question now is, how India can make use of this large database to solve social issues other than just catering to Government’s (GoI) welfare schemes, its primary target.

My take is that it can be perfectly used as National Electronic Health Record (NEHR). If GoI can come up with an interface (with API support) using which the health care provider or the doctors can punch in the Aadhaar ID and then submit all the health treatments done on a particular patient, then he/she will has access to all health records anytime anywhere.

GoI recently launched the beta version of DigitalLocker, which can be easily used to integrate this service. Govt. of Maharashtra has already taken the lead by launching state version of this system called Maha DigitalLocker. There will be questions of privacy, security etc, but all can be technically resolved, as the implementation gets going. [..]

Page 1 of 2812345...1020...Last »