Last Updated : Nov 24, 2020 03:49 PM IST | Source: Moneycontrol.com

Aarogya Setu app | Only snippet not ‘back-end code’ released by Centre: Security experts

A good way to identify true back-end code experts say is that it will allow one to run their own versions of the app in question. What is given now they say is snippets of the open-sourced front-end.

Moneycontrol News

Criticism has emerged against the “back-end code” of Aarogya Setu app released by the Ministry of Electronics and Information Technology (MeitY), as security experts say that details released are “not what it is claimed to be,” Mint reported.

Anivar Aravind, an advisory board member at the Software Freedom Law Center (SFLC), told the paper that what had been released were “non-functional code snippets.”

“It is client-side code loaded onto the app from a web address and not the server functions or the data-handling part. The back-end code, which handles the data, including the data schemas, has still been kept secret," he said.

Close

Aravind challenged Karnataka’s mandatory imposition of the Aarogya Setu app in the state High Court due to privacy concerns.

COVID-19 Vaccine

Frequently Asked Questions

View more
How does a vaccine work?

A vaccine works by mimicking a natural infection. A vaccine not only induces immune response to protect people from any future COVID-19 infection, but also helps quickly build herd immunity to put an end to the pandemic. Herd immunity occurs when a sufficient percentage of a population becomes immune to a disease, making the spread of disease from person to person unlikely. The good news is that SARS-CoV-2 virus has been fairly stable, which increases the viability of a vaccine.

How many types of vaccines are there?

There are broadly four types of vaccine — one, a vaccine based on the whole virus (this could be either inactivated, or an attenuated [weakened] virus vaccine); two, a non-replicating viral vector vaccine that uses a benign virus as vector that carries the antigen of SARS-CoV; three, nucleic-acid vaccines that have genetic material like DNA and RNA of antigens like spike protein given to a person, helping human cells decode genetic material and produce the vaccine; and four, protein subunit vaccine wherein the recombinant proteins of SARS-COV-2 along with an adjuvant (booster) is given as a vaccine.

What does it take to develop a vaccine of this kind?

Vaccine development is a long, complex process. Unlike drugs that are given to people with a diseased, vaccines are given to healthy people and also vulnerable sections such as children, pregnant women and the elderly. So rigorous tests are compulsory. History says that the fastest time it took to develop a vaccine is five years, but it usually takes double or sometimes triple that time.

View more
Show

related news

Follow our LIVE Updates on the coronavirus pandemic here

Karan Saini, another security researcher said the codes given out now “doesn’t allow you to glean any kind of useful information about the functioning of Aarogya Setu, apart from a few superficial snippets.” He added that the current code is ‘open sourced’ and only shows client-side functions of the app, while concerns were about what data is being processed and how it is being stored and accessed.

A good way to identify true back-end code, experts say, is that it will allow one to run their own versions of the app in question. What is given now they say is snippets of the open-sourced front-end.

These questions are part of a longer debate around the transparency and privacy concerns surrounding the Aarogya Setu app. MeitY did not respond to queries, as per the report.

Check here for the latest updates on all COVID-19 vaccines

The government on November 20 said that it has released the backend code of Aarogya Setu in the open domain to help people understand the functioning of the COVID-19 contact-tracing app and allay apprehensions they may have around privacy and security.

Aarogya Setu was launched by the Government of India on April 2 with active involvement of the best of the minds from the Indian industry, academia and government working round the clock to build a robust, scalable and secure app, it said.

The app is now being maintained and supported by the National Informatics Centre (NIC).

Follow our full COVID-19 coverage here
First Published on Nov 24, 2020 03:49 pm

tags #Aarogya Setu #Business #coronavirus #India #tech