In 2009, I became extremely concerned with the concept of Unique Identity for various reasons. Connected with many like minded highly educated people who were all concerned.
On 18th May 2010, I started this Blog to capture anything and everything I came across on the topic. This blog with its million hits is a testament to my concerns about loss of privacy and fear of the ID being misused and possible Criminal activities it could lead to.
In 2017 the Supreme Court of India gave its verdict after one of the longest hearings on any issue. I did my bit and appealed to the Supreme Court Judges too through an On Line Petition.
In 2019 the Aadhaar Legislation has been revised and passed by the two houses of the Parliament of India making it Legal. I am no Legal Eagle so my Opinion carries no weight except with people opposed to the very concept.
In 2019, this Blog now just captures on a Daily Basis list of Articles Published on anything to do with Aadhaar as obtained from Daily Google Searches and nothing more. Cannot burn the midnight candle any longer.
"In Matters of Conscience, the Law of Majority has no place"- Mahatma Gandhi
Ram Krishnaswamy
Sydney, Australia.

Aadhaar

The UIDAI has taken two successive governments in India and the entire world for a ride. It identifies nothing. It is not unique. The entire UID data has never been verified and audited. The UID cannot be used for governance, financial databases or anything. It’s use is the biggest threat to national security since independence. – Anupam Saraph 2018

When I opposed Aadhaar in 2010 , I was called a BJP stooge. In 2016 I am still opposing Aadhaar for the same reasons and I am told I am a Congress die hard. No one wants to see why I oppose Aadhaar as it is too difficult. Plus Aadhaar is FREE so why not get one ? Ram Krishnaswamy

First they ignore you, then they laugh at you, then they fight you, then you win.-Mahatma Gandhi

In matters of conscience, the law of the majority has no place.Mahatma Gandhi

“The invasion of privacy is of no consequence because privacy is not a fundamental right and has no meaning under Article 21. The right to privacy is not a guaranteed under the constitution, because privacy is not a fundamental right.” Article 21 of the Indian constitution refers to the right to life and liberty -Attorney General Mukul Rohatgi

“There is merit in the complaints. You are unwittingly allowing snooping, harassment and commercial exploitation. The information about an individual obtained by the UIDAI while issuing an Aadhaar card shall not be used for any other purpose, save as above, except as may be directed by a court for the purpose of criminal investigation.”-A three judge bench headed by Justice J Chelameswar said in an interim order.

Legal scholar Usha Ramanathan describes UID as an inverse of sunshine laws like the Right to Information. While the RTI makes the state transparent to the citizen, the UID does the inverse: it makes the citizen transparent to the state, she says.

Good idea gone bad
I have written earlier that UID/Aadhaar was a poorly designed, unreliable and expensive solution to the really good idea of providing national identification for over a billion Indians. My petition contends that UID in its current form violates the right to privacy of a citizen, guaranteed under Article 21 of the Constitution. This is because sensitive biometric and demographic information of citizens are with enrolment agencies, registrars and sub-registrars who have no legal liability for any misuse of this data. This petition has opened up the larger discussion on privacy rights for Indians. The current Article 21 interpretation by the Supreme Court was done decades ago, before the advent of internet and today’s technology and all the new privacy challenges that have arisen as a consequence.

Rajeev Chandrasekhar, MP Rajya Sabha

“What is Aadhaar? There is enormous confusion. That Aadhaar will identify people who are entitled for subsidy. No. Aadhaar doesn’t determine who is eligible and who isn’t,” Jairam Ramesh

But Aadhaar has been mythologised during the previous government by its creators into some technology super force that will transform governance in a miraculous manner. I even read an article recently that compared Aadhaar to some revolution and quoted a 1930s historian, Will Durant.Rajeev Chandrasekhar, Rajya Sabha MP

“I know you will say that it is not mandatory. But, it is compulsorily mandatorily voluntary,” Jairam Ramesh, Rajya Saba April 2017.

August 24, 2017: The nine-judge Constitution Bench rules that right to privacy is “intrinsic to life and liberty”and is inherently protected under the various fundamental freedoms enshrined under Part III of the Indian Constitution

"Never doubt that a small group of thoughtful, committed citizens can change the World; indeed it's the only thing that ever has"

“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” -Edward Snowden

In the Supreme Court, Meenakshi Arora, one of the senior counsel in the case, compared it to living under a general, perpetual, nation-wide criminal warrant.

Had never thought of it that way, but living in the Aadhaar universe is like living in a prison. All of us are treated like criminals with barely any rights or recourse and gatekeepers have absolute power on you and your life.

Announcing the launch of the # BreakAadhaarChainscampaign, culminating with events in multiple cities on 12th Jan. This is the last opportunity to make your voice heard before the Supreme Court hearings start on 17th Jan 2018. In collaboration with @no2uidand@rozi_roti.

UIDAI's security seems to be founded on four time tested pillars of security idiocy

1) Denial

2) Issue fiats and point finger

3) Shoot messenger

4) Bury head in sand.

God Save India

Friday, December 28, 2012

2738 - Criminals can hide data in plain sight


27 August 2012 Last updated at 23:04 GMT
Viewpoint: Criminals can hide data in plain sight
By Prof Alan Woodward Department of Computing, University of Surrey


It may not look like it but this promotional image of James Bond has been treated to contain a message hidden within it
Is there a hidden threat right under our noses? Each day billions of messages are sent over the internet.
Not surprisingly, some contain very sensitive information and much effort goes into making sure these messages are unreadable by anyone other than the intended recipients.
This is the essence of cryptography. But, there is another option: hiding messages in plain sight, the electronic equivalent of invisible ink.
We can think of all messages as falling into one of three categories:
  • "Sense" - where the message is sent "in the clear" and anyone intercepting the data can read it as easily as a valid recipient.
  • "Nonsense" - where the intercepted data is turned into nonsense so that only someone with the right key can convert the message back from nonsense to sense. This is cryptography.
  • "Missense" - where the message is embedded in some innocuous looking data so that no one would suspect there was a hidden message. This is known as steganography.
Although you don't realise it, you are probably using steganography already in your everyday electronic lives as it is used extensively to "digitally watermark" electronic data with information such as the copyright owner.

Encoding James Bond
The James Bond image had text hidden within it using a piece of free sofware easily found on the internet.
Digital images in many formats can have the data that describes each element of the picture altered very slightly without perceptible changes to the image.
Suppose you changed on only one "bit" in each element in order to hide data: without the original for comparison no-one would notice anything unusual.
When you know which elements to look at and which bits were changed you can extract the hidden data and hence you secret message.
In case you are wondering, the text hidden inside the image reads: "This is a secret message that I want no-one to read."
New technologies have emerged that are capable of holding considerable amounts of information, whilst having no perceptible effect on the object being digitally watermarked. Photographs, music and even e-books all use forms of this technology, as a deterrent to bootleggers.


Missing missense
Whilst digital watermarks are intended to hold information such as copyright data, the techniques can also be used to embed hidden messages in digital objects, and this poses a problem for any law enforcement agencies trying to conduct surveillance.
If something is sent "in the clear", you can set up filters to look or words of interest and use those to trigger a closer look at the data in question.
Even better if something that looks like nonsense. It is quite likely to be of interest. After all if someone has gone to all the trouble of encrypting data to make it look like nonsense then you can assume that it is something the sender values, and hence something worth paying much closer attention to.
However, anything that is sent as "missense" is highly likely to be missed, as it will look to all the world like some innocent piece of data.
It is the classic conjuring trick of misdirection. This matters in the modern world as the volumes of data that any eavesdropper has to sift through are vast.

Spotting "missense" might involve combing through a files' data rather than looking at what it appears to show
No-one can analyse every piece of data that could potentially be captured and so if a piece of data looks like, say, a picture but actually it contains a secret hidden document, no-one will know to conduct further analysis on that picture.
Governments and the military are not the only ones who want to pass messages securely.
Criminal code
Obvious candidates are terrorist groups and organised crime. Those who may have reason to think they may be under surveillance may find steganography very appealing, as such messages need not be passed using simple email.
Imagine, for example, someone posting apparently innocent photographs on a social media site, but the item actually contains the secret message.
The whole world can see it but only those who know where to look can see the intended message.
And what about a disgruntled employee using his/her work email to send a picture of the children to a friend but actually they are shipping out your most commercially sensitive information?
Your intellectual capital could be disappearing before your eyes and you'd never know it even if you read all of their emails.
Reading between the letters
It is sometimes difficult to know even what type of object can hide a message. Some very innovative forms have emerged in recent years.

“I think it inevitable that the bad guys on the internet are already using these techniques. There are freely available tools... and these tools continue to advance”

One of those I found most impressive was where the spacing of letters on a web page varied very subtly but in such a way that it conveyed hidden messages. You could read the pages quite normally and learn all about the tourist spot or whatever was being described, but all along you were looking at hidden data that you didn't recognise as such.
There is also a way of having the best of both worlds: encrypt a secret and then embed it using steganography. In this way, even if the hidden message was detected, it could not be read.
However, whilst the research into digital watermarking continues to mature, the research into detection of hidden messages is still in its infancy.
Decoding encrypted messages (so called cryptanalysis) has long been studied, with efforts such as those at Bletchley Park during World War II being rightly celebrated.
Detection of hidden messages - known as steganalysis - has no such pedigree. In part this is because various studies of large data sets on the internet failed to detect the use of steganography, and so it is not considered a threat. But, if the hiding techniques used were advanced enough, the immaturity of the detection techniques means that these studies were fundamentally flawed.
So will message hiding ever be widely used? I think it inevitable that the bad guys on the internet are already using these techniques.
There are freely available tools to enable you to do all of what I have described above, and these tools continue to advance.
What is required is proper funding of the detection techniques, or at the minimum, some more reliable method of determining if steganography is being used for hiding messages en masse, if we are to have a proper understanding of the threat.
Alan Woodward is a visiting professor at the University of Surrey's department of computing. He has worked for the UK government and still provides advice on issues including cybersecurity, covert communications and forensic computing.