New Versions
of Naavi's E books Available in PDF format at affordable prices
Employee Access is not "Theft"
Sept 25: In an
interesting judgment
in the US, an appeal court has held that an employee who downloaded
confidential data cannot be considered to have either committed an
"Unauhrized access" or has "exceeded his authority". Report
WP Filed in
Bangalore against Government inaction on Cyber Appellate Tribunal
Sept 23:
In a clear demonstration of "Lack of Governance" at the Ministry of
Communications and Information Technology of the Union Government, the
post of the "Chairperson of Cyber Appellate Tribunal" has been lying
vacant since end of June 2011. Though a "Member Judicial" was appointed
in December 2011 and has been available at CAT office all through the
last 9 months, and is otherwise eligible to be appointed as the Chair
person, he has not been designated as the "Chair Person".
As a result many victims of Cyber Crimes are
reeling under undecided cases and the provisions of Information
Technology Act 2000 remain orphaned. The affected victims include some
in Bangalore who have been reeling under a questionable decision from
the then IT Secretary that "Provisions of Section 43 of ITA 2000 can
only be invoked by an individual against an individual. A company can
neither invoke the section nor any body invoke the section against a
company". This has left Karnataka in a situation where the Adjudication
system envisaged under the Act has been rendered useless.
Despite many reminders to DIT
officials, Mr Kapil Sibal, Mr Man Mohan Singh, Mrs Sonia Gandhi, Mr
Rajiv Gandhi as well as the Chief Justice of India, nothing has been
done to address the issue. Now two of the victims in Bangalore have
moved the High Court in a PIL for necessary directions to the
appropriate Government authorities. We may remember that a similar PIL
in Mumbai high court way back in 2003 had resulted in the appointment
of IT Secretaries as the "Adjudicators".
The petition has been admitted on 22nd
instant and notices have been issued to the Union Government for
response. Hope this will finally result in some positive action by the
Government though Mr S.K.Krishnan, the former Justice from Madras High
Court appointed as member judicial will reach superannuation by
November 2011 and Government needs to find another person to replace
him.
Naavi.org congratulates advocate Mr
Chaitanya Gururaj for taking up the cause of the victims and wish him
all the success. For more details Chaitanya can be contacted at
9844237351. Developments can be followed at Karnataka High Court
website (case number WP 37577/2012).
Report
in Hindu (See para vacancy) :
Report in DNA :
Report in TOI
Improper
Information classification leads to loss of 6000 blank VISAs
Sept 21:
In a glaring security breach, 6000 blank VISAs despatched by Nasik
Security Press to Indian High Commission in London has been lost in
transit in London. According to the report the consignment was
classified as "B" and "C" category and clubbed along with News papers.
It was not classified as "A" category in which case it would have been
handled as "Diplomatic Baggage" and collected by a staffer. This is a
typical error of "Information Classification" which is the first lesson
in Information Security. There is a great lesson in the incident which
our Corporates need to learn.
Report
400000 security
vacancies identified!
Sept 21: The
Director General of IND-CERT Mr Gulshan Rai has stated that there is a
severe shortage of skilled professionals in Information Security
domain. According to his estimate there are presently around 32000
people where the requirement is around 400000. Hope this gap will be
recognized by Engineering Colleges who need to take up necessary
programs to generate the required skilled personnel.
Report
FBI confirms what
was suspected for long
Sept 21:
For a long time Naavi has been warning bankers that some of the
reported frauds in banks may not be due to theft of customer's
credentials but by loss of credentials of the bank employees or their
active connivance. FBI has now confirmed that fraudsters are
increasingly targeting bank employees to access their credentials with
targeted phishing.
Report
National IT
Policy Cleared by Central Cabinet
Sept 21:
The Central Cabinet has cleared a "National Information Technology
policy 2012" which addresses several key issues in ICT development in
India at the policy level. Amongst the ey recommendations in the policy
is to provide "mandatory delivery of and affordable access to all
public services in electronic mode". "To adopt and promote open source"
is also part of the policy. Another interesting note is "to strengthen
the regulatory and security framework for ensuring a secure and legally
compliant Cyberspace ecosystem". The objective is to increase the
revenues of IT and ITES industry from US$ 100 billion at present to US$
300 billion by 2020. The policy in general is welcome and we need o
await the implementation measures to be taken by the Government. In the
current political environment the policy is likely to take its own time
in reaching the next level of implementation. Report
Mumbai Police
arrest a Teacher for Uploading false Burma Video
Sept 21: During
the recent incidents where fear was crated aongst the people of North
Eastern states in Bangalore, Pune and other places, certain doctored
video clips were circulated through the internet showing what were
projected to be atrocities committed in Burma. This was turned into
anger against the people of Assam where the illegal Bangladeshi
immigration was being opposed creating a "sense of panic" amongst a
section of the society forcing them to run away to their states.
Several persons have been arrested in this context in Bangalore. Now it
is reported that a teacher in Pune by name Sharif, Ahmed Bashir
Siddiqui has been arrested for uploading the video.
Report
It is not clear what are the charges
pressed. If the intention of uploading was "Distributing it to a large
number f persons for the purpose of provoking them and cause
disharmony" then it is necessary to press charges under Section 66F of
ITA 2008. However if such an intention was not evident and it was a
normal activity where any interesting picture in the media is uploaded
to a Face Book profile, then it would be cruel to pursue serious
charges. The Judge has therefore the onerous task of analysing the
situation and take appropriate decision.
First
Adjudication case in Orissa
Sept 20:
First adjudication complaint in Orissa has been filed by a business man
who was cheated with a false email advising a non existent tender from
SAIL. The respondent is a website tndertiger.com offering certain
information services regarding tenders.
Report
Women accused of
Cyber Crime in Chandigarh
Sept 16:
An young women who lost her car and poured out her frustration in
intemperate language on the Face Book page of the traffic police is now
under danger of being hauled up for Cyber Crimes under ITA 2008.
Report in HT
Government
Bungling on Censorship Exposed
Sept 16:
It is reported that one of the sites blocked by the Government recently
in connection with the purported violence in Burma against Muslims was
a blog maintained by a Mumbai Police Commissioner in which he had
painstakingly explained how the photos distributed to provoke Muslims
were fake. The content would have actually worked to reduce the tension
in the society and promote greater communal harmony. By ordering
blockage of the site, the officials have actually promoted communal
disharmony and committed an offence themselves. It is now time for some
Court to appropriately punish the erring officials. Perhaps a PIL
should be filed to elicit a judicial response to blocking of such sites
which promoted communal harmony.
Report
State Sponsored
Virus to steal Bank information?
Sept 15:
It is believed that "Gauss" a sophisticated malware that steals banking
credentials and self destructs itself which has been operating since
around an year could be a creation of the US Government targeting
Lebanon.
Report
Infected ab-initio
Sept 14:
Microsoft researchers in China have identified that certain computers
supplied by a firm "Hedy", a computer manufacturer in Guagzhou, China
contained a virus "Nitol" in the original equipment status. The virus
connects the computer to a botnet believed to be run b the owners of
3322.org. Microsoft has filed a legal suit in a Virginia court in
this regard.
Report
Technology
Intoxication lands young technologists in jail
Sept12:
Mr Manmohan Sardar, Sumit and Ankit from Moradabad who wanted to
develop hacking expertise as a challenge to Pakistani hacker's
defacement of the CBI website, have ended up in jail after hacking a
mobile recharge website. This is a typical but tragic incident of
misguided young technologists who are immature and ignorant of the
consequences of their impetuous behaviour.
Report
This behaviour is what Naavi has called
"Technology Intoxication". Parents, Engineering Faculty and Corporate
HR personnel need to take note of this deviant behavioural tendency and
address them in their education and training.
Sedition Charge
to be dropped?
Sept 11:
After demonstrating their dictatorial tendencies under the possible
guidance of the corrupt politicians, Mumbai Police excused out of the
need for Police Custody for Mr Aseem Trivedi. Mr Trivedi is however not
pressing for bail and has been committed to judicial custody for a few
more days. It is now being reported that the charges under Section 124A
for sedition is likely to be dropped. It is doubtful if the charge
would stick in a court of law anyway and has already made a hero of Mr
Aseem Trivedi. Just as Government bungled in arresting Baba Ramdev, the
panic driven corrupt politicians appear to be be behaving foolishly and
committing one mistake after another. Maharashtra Home Minister has
reportedly confirmed that the sedition charges would be dropped.
Story in Zeenews :
What is Sec 124A
of IPC?
Sept 11:
Questions are being asked why Mumbai Police slapped Section 124A of IPC
instead of using some section of ITA 2008 to arrest Mr Aseem Trivedi.
According to Section 124A, "Whoever, by
words, either spoken or written, or by signs, or by visible
representation, or otherwise, brings or attempts to bring into hatred
or contempt, or excites or attempts to excite disaffection towards. 2[*
* *] the Government established by law in 3[India], 4[* * *] shall be
punished with 5[imprisonment for life], to which fine may be added, or
with imprisonment which may extend to three years, to which fine may be
added, or with fine."
The section also explains that "The
expression “disaffection” includes disloyalty and all feelings of
enmity. Comments expressing disapprobation of the measures of the
Government with a view to obtain their alteration by lawful means,
without exciting or attempting to excite hatred, contempt or
disaffection, do not constitute an offence under this section."
It is therefore clear that the Mumbai Police
are under a weak ground in proving the offence. They perhaps wanted the
excuse of 124A to terrorize Mr Aseem Trivedi and his likes who
supported Anna Hazare in his campaign against corrupt politicians. When
the entire background of the reasons for arrest was known, it is
surprising that the magistrate considered that there was a reasonable
ground to accept the charges pressed by the Police. If a magistrate has
to blindly commit a person to judicial custody when an arrested person
is brought before him without applying his own mind, there is no
reason to refer the arrest to a magistrate at all. The incident also
projects the magisterial courts in poor light.
Related Story
India Offers to
barter FTA with Data Secure Status
Sept 11:
Indian Government is reported to have offered to agree for Free Trade
Agreement subject to EU accepting the Data Secure Status for the
country. Despite this being of advantage to the BPO industry, the logic
of this barter offer is unacceptable. It is unfair to barter the
physical society interests to the virtual society interests in this
crude manner. Also if we want to have "Data Secure Status" it should be
on the basis of acceptable ground work in that direction and not by arm
twisting using the FTA status.
Report in ET :
Report in ZDnet
Mumbai Police
Redefines the word "Sedition"
Sept10:
The act of arresting Aseem Trivedi is a definite indication that
persons in authority responsible for this arrest are "Dictators" in
their own right. At best the activity of Aseem Trivedi can be
defined as "Anti Corruption". If "Anti Corruption" is "Anti
National" and seditious, then it means that "Corruption" is accepted as
a "National Policy" and as the "Nation". The Police officers as well as
the Magistrate who is responsible for this decision need to explain to
Indian public how "Anti Corruption" is equivalent to "Anti National".
This is a huge blot on the system of law enforcement in
Mumbai.
"Absurd" says PC Chairman
Cyber Cafe and
CCTV
Sept 7:
A Cyber Cafe owner in Pune has been arrested for not maintaining proper
records of visitors following some threat mails having been sent by one
of the users.
Report.
In order to avoid this type of problem, it
is necessary that Cyber Cafe owners need to not only maintain the
visitor's register but for effective monitoring install a CCTV system
to identify the visitors. Naavi has designed a "Cyber Cafe Visitor
system for effective compliance and looks forward to implementation
partners to roll out the product. This would be of use even for Banks
for ATM security. Interested companies may contact naavi through email
Action initiated
against Twitter account holders
Sept 7: It
is reported that the DIT has issued notices on some of the twitter
account holders who allegedly posted inflammatory messages during the
NE exodus to appear before a committee and explain their views. It
appears that certain procedures are being created for the first time
for initiating action under Section 69A of ITA 2008. According to the
rules after the emergent measures, the blocking of websites has to be
reported to a committee which has to ratify the decision. The current
move is a follow up of this.
Report
"Cyber Risk
Management is a Board Level Responsibility"
Sept 6:
The UK Government published new cyber risk management guidance for
businesses on Cyber Security. The simple guidance note raises some key
questions for CEOs and Boards which are an interesting reminder to
Indian corporates too. :The
note
IT Opportunities
in India
Sept 6:
According to an analysis of IT opportunities in India by IDG, Indian IT
industry is expected to grow from $100 billion today to around US$ 400
billion by 2020. However the report indicates that Indian BPO market
growth is slower than that of China which is set to overtake
Philippines shortly. However growth is expected in the Mobile and E
Commerce segments where some healthy growth prospects are projected. It
is however necessary for Indian Governments to take a deeper look at
emerging global competition and initiate appropriate policies that may
preserve the growth rate of the ICT. This may require targeted
incentives to the industry so that they may expand into emerging
business opportunities in terms of new products and services as well as
new countries.
Report
Tallinn Manual
September
4: A group of distinguished Cyber Security experts from NATO
have released a document codifying the international laws applicable to
Cyber Warfare. Referred to as the "Tallin Manual", the document is
presently in draft form is an expression of opinions of a group of
independent experts and is not an official document nor meant to
reflect NATO doctrine. However it is a good study of the law governing
the resort to force by States as an instrument of their national policy.
Details
:
The Manual
Electronic
Service Delivery Bill
Sept 3:
The Electronic Service Delivery Bill which was due for passage appears
to have hit a snag with the panel of legislators raising a legitimate
question as to whether the Bill is required. Naavi had pointed out that
it looked strange that one part of MIT was drafting this bill when
another part of MIT released the rules under Section 6A of ITA 2008
since the objective of both were exactly the same. It is good that the
anomaly has been spotted by the legislators. We need to wait and see
which group of MIT will be able to win this little battle.
Report :
Medianama Summary Report:
PRS Report
For Articles of Earlier Date Browse
through Archives
![[Valid RSS]](image/valid-rss.png "Validate my RSS feed"){kind=small}
![[Valid RSS]](http://www.naavi.org/image/valid-rss.png "Validate my RSS feed"){kind=small}
