Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Open Source

India Open Sources Its Contact-Tracing App (techcrunch.com) 23

India has released the source code of its contact-tracing app, Aarogya Setu, to the relief of privacy and security experts who have been advocating for this ever since the app launched in early April. From a report: Ministry of Electronics and Information Technology Secretary Ajay Prakash Sawhney made the announcement on Tuesday, dubbing the move "opening the heart" of the Aarogya Setu app to allow engineers to inspect and tinker with the code. The app has amassed over 114 million users in less than two months -- an unprecedented scale globally. The source code of Aarogya Setu's Android app is live on GitHub with code of iOS and KaiOS apps slated to release in a "few weeks." Nearly 98% of the app's users are on the Android platform. Sawhney said the government will also offer cash prizes of up to $1,325 to security experts for identifying and reporting bugs and vulnerabilities. "Open-sourcing Aarogya Setu is a unique feat for India. No other government product anywhere in the world has been open-sourced at this scale," said Amitabh Kant, chief executive of government-run think-tank NITI Aayog, in a press conference today.
This discussion has been archived. No new comments can be posted.

India Open Sources Its Contact-Tracing App

Comments Filter:
  • by Opportunist ( 166417 ) on Tuesday May 26, 2020 @03:18PM (#60107594)

    Can I compile the code and verify that the app in the app store is indeed binary identical to the one I just compiled from the source?

    • Can I compile the code and verify that the app in the app store is indeed binary identical to the one I just compiled from the source?

      Can you? Or can Somebody? Those are vastly different burdens.

      Near as I can tell if you run Debian the answer is mostly.

      https://wiki.debian.org/Reprod... [debian.org]

      Apps on your phone OTOH, probably not so much. Likely someone else will have to check.

    • by guruevi ( 827432 )

      Why would you need to? You can just inspect the code and see that it is designed to spy on you.
      https://github.com/ubuntulover... [github.com]

      • If you don't compile it and run your own build, then you don't know that it's the code you were looking at. (Even if you do, there are tricks for that, too.)

        • What is binaries are indentical but playstore sent you a spiked one? What if playstore sent the right one, but android had a backdoor to install a spiked one? What if android is safe, but someone installed a spiked version when you were not looking (forgot to lock n slept)?
      • How do I verify that this is the code that was actually used to build the binary I get?

  • Fuck India and their treatment of their Muslim citizens and get the FUCK out of Kashmir!
    • India's current treatment of Muslims is very poor, but turning Kashmir over to Pakistan is a bad idea. Until recently India treated Muslims well, and the ones in Kashmir would have been just fine had they and Pakistan not engaged in a nasty terror war against India. The Indian response has indeed been harsh, but the Muslims and Pakistan started it. If Kashmir had been made part of Pakistan, that would have been a disaster for the large non-Muslim minority. Non-Muslims and even the wrong kid of Muslim (Ahma
    • You don't have a FUCKING clue but still feel the need to mouth off, eh?

      India has the third highest Muslim population in the world. Leave the nut jobs aside and, by and large, Indian Muslims will tell you they live better and are safer than they'd be in many Islamic republics.

      Muslims in India are allowed to practice their own civil law cos the more extremist elements don't want any part of the national common code: https://en.wikipedia.org/wiki/... [wikipedia.org]

      Muslims in many states (though decidedly not on a na
    • Muslim terrorists started this. a) First, they drove away all Hindus [https://indianexpress.com/article/explained/exodus-of-kashmiri-pandits-from-valley-6232410/] b) They stopped allowing other religious people from doing any business in Kashmir c) They sent terrorists from pakistan and poisoned kashmiri muslim youth to kill and plunder. d) Attacked Indian parliament, Taj hotel in bombay and many other tourist places. e) They are directly responsible for starting the jihadi war against India and the killing
      • As a Pakistani, I agree that Pakistan (the gov, army, and ppl) did a lot of bad things in the past. We should (1) learn from our mistakes and let's not repeat it, (2) apologize for it and (3) kick out those fucking terrorists we breed.
  • by batkiwi ( 137781 ) on Tuesday May 26, 2020 @09:07PM (#60108694)

    https://github.com/AU-COVIDSaf... [github.com]

    I believe singapore did as well.

    So this is great, but how is it unprecedented?

Put your Nose to the Grindstone! -- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Working...