The Aarogya Setu app users have many suggestions for the developer and government, as this app not only looks incomplete but also stands vulnerable to hacking. Within 500-meter range if a person is identified as COVID-19 positive or died due to symptoms of for the same, there is no alert. Letting GPS & Bluetooth leads battery drainage and overheating the phone and thus most of the user’s not willing to keep Bluetooth at always on mode. People have been forced to link AADHAR with SIM, so may utilize technology to track & trace via cellular usage only. Or bring some better technology.
Meanwhile, The Arogya Setu, app has been hacked by a software engineer from Bangalore. An ethical hacker, who goes by the name Jay, said he was looking for ways to avoid putting the app on his phone. So, he decided to sit down and scratch it apart to prove how easy it is to fool it, he claimed that India’s contact tracing app is super easy to hack. The government, in response, said it’s impossible and the app can’t be hacked. Well, let’s just say that their claims didn’t really age well because the Aarogya Setu app stands hacked right now.
The hacker told one of the media houses that he didn’t like the fact that installing this app is slowly becoming mandatory in India. As he started working on the app at 9 AM, he first managed to bypass the code for registration, thereby eliminating the need to enter his phone number. He did some more lopping and managed to bypass the page that requested personal information like name, age, gender, travel history, and COVID-19 symptoms too. He even carved his way out of giving the app his permission to access things like GPS and Bluetooth, two things without which the app can’t do much. And just like that, he managed to install the app without giving away any of his details and he was marked “safe” even though he didn’t give any permission for it to run on his phone. By 1 PM, he was done with it. All this shows just how easy it is to hack your way around the app and effectively anybody with a little knowledge can do it. With such vulnerabilities, one can guess how easy it is to fake some one’s COIVD-19 status on the app. The apps reliability is questionable. Now its very easy to display fake COVID result, which completely breaks the purpose of having it on your phone.
Aarogya Setu is a mobile application developed by the Government of India to connect essential health services with the people of India in our combined fight against COVID-19. The App is aimed at augmenting the initiatives of the Government of India, particularly the Department of Health, in proactively reaching out to and informing the users of the app regarding risks, best practices and relevant advisories pertaining to the containment of COVID-19.
The idea of having this app is very good. But, a lot of work needs to be done with reference to being serve the purpose it envisages. A few points. 1. User must be able to assign/ pick his/ her GPS location. When on the movement, app should collect real time GPS tracking data by asking prior permission. Many users believe that the app works only up to 5 meters, not picking up the mobile No on the helpline. Apart from that, data has to be spent round the clock, so Jio has changed its plan from Rs 399 to Rs 550 / -. This app spies many video photos of PM. COVID-19 Collector Commissioner or any local MLA MP has not been given a number for help. No one seems to have received any help with its assistance. Fear remains because a person beyond few meters if suffering COVID-19, you won’t be knowing about it.
Many users believe that the app needs lot of improvement. It doesn’t buzz or notify when you are in contact with a COVID-19 positive person. Also, if the contact person is later on tested positive, the app should have feature to notify the extent of contact along with date and time and whether quarantine is needed. This will help the user take prompt action.