Home » News » Apps » Indian Government now offering Rs 4 lakh to users who can find flaws and vulnerabilities in Aarogya Setu app

Indian Government now offering Rs 4 lakh to users who can find flaws and vulnerabilities in Aarogya Setu app

By Digit NewsDesk | Updated on 30-May-2020
Indian Government now offering Rs 4 lakh to users who can find flaws and vulnerabilities in Aarogya Setu app
Digit NewsDesk Digit NewsDesk
30 May 2020 17:44
HIGHLIGHTS

Researchers and experts can now win Rs 4 lakh by finding bugs and vulnerabilities in Aarogya Setu.

This was tweeted out by the Indian government.

There a few guidelines to follow

If you’re a hacker or someone who knows coding in regards to apps can now help find bugs in India’s own contact-tracing app Aarogya Setu. In a tweet that was published bu the government, researchers and experts who have the technical knowledge regarding apps are being offered Rs 4 lakhs to help find bugs and issues with Arryoga Setu. This bug bounty is open to all comers including people on Aarogya Setu. The government says, “Everyone, including researchers and users of Aarogya Setu, are encouraged to report any vulnerability impacting the privacy and information security posture of Aarogya Setu application.”

A few weeks ago, French security researcher Robert Baptiste who goes by the pseudonym Elliot Alderson (a character from the TV show Mr Robot) posted a tweet saying that Aarogya Setu has a few flaws that may lead to a leak in the information collected. After that kerfluffle, the government has now decided to make Aarogya Setu open source. This essentially means that anyone can now inspect and check the source code for the app and make necessary changes where they see fit. This was a necessary move for the government as the public backlash getting worse. 

Researchers who do find bugs in the app will be asked to responsibly disclose those vulnerabilities and even get paid for it. The government has also laid down a few guidelines for people to follow. Basically, the reported vulnerability should only be present in the Aarogya Setu app or its source code or back-end server. They further added that the bug or vulnerability should be able to be exploited by “an unrooted phone running a version of Android supported by Aarogya Setu, with ADB Disabled and with all default Android security features in place.”

In other Aaryoga Setu news, the app is now mandatory for people who are flying. You can read more about that here. There has been a new contact-tracing app called SwissCovid which is based on Google and Apple’s UPI as well, you can check out how it compares to our own Aarogya Setu app here

Digit NewsDesk

Digit NewsDesk

Digit News Desk writes news stories across a range of topics. Getting you news updates on the latest in the world of tech. View Full Profile

New Mobiles
Apple IPhone 15Redmi 12 5GRealme 11 Pro+ 5GApple IPhone 15 PlusNothing Phone 2
Top-10s
Best Mobile Phones under 15,000Best Mobile Phones under 20,000Best Mobile Phones Under 10,000Best Mobile PhonesBest 5G Mobile Phones
Terms of Use Privacy Policy About Us Advertise with us Contact Us SiteMap Current / Past Issue Magazine Subscription
9.9 Group

Digit.in is one of the most trusted and popular technology media portals in India. At Digit it is our goal to help Indian technology users decide what tech products they should buy. We do this by testing thousands of products in our two test labs in Noida and Mumbai, to arrive at indepth and unbiased buying advice for millions of Indians.

We are about leadership – the 9.9 kind Building a leading media company out of India. And, grooming new leaders for this promising industry.

logo logo logo logo logo logo
Copyright © 2007-24 9.9 Group Pvt.Ltd.All Rights Reserved.
Digit.in
Logo
Digit.in
Logo