All systems need human beings, and human beings will find ways around the security that they themselves have built.
Mr.Sharma’s answer is that all this did not involve hacking of the Aadhaar database; and his emails were not hacked. He even crows about the Re. 1 deposited to his account as a benefit, “forgetting” that for a civil servant, the answer “I don’t know where this one lakh (for a computer, Re 1 or Rs. 1,00,000 is same) came from” may not be an answer that the vigilance authorities may buy. The plain fact is Mr. Sharma lost his challenge, and he knows it. Therefore the obfuscation.
So what did the hacker community establish in the RS Sharma challenge? It showed that with his Aadhaar number, it made access to his various private information easily available. It does not take much skill to put in his Aadhaar number and search in various databases for his personal details. With his personal details, it was easy to access his Air India frequent flyer number, which was the security question to one of his email accounts. For anybody who operates a Gmail or Yahoo account, they would know that the hacker was quite close to hacking his account. That he did not do so was presumably because he was ethical, and also because Mr. Sharma never agreed to indemnify people against the criminal consequences of any such act.
Let us forget Mr. Sharma and his antics and look at the larger issue of privacy and Aadhaar. All of us have data that are in different silos. We have our bank accounts, which record our transactions, our circle of friends who are linked by our telephone calls and our emails, our tax records that are accessed by our PAN number, and so on. Each of these silos can be hacked, and if they are, the other silos are not affected. Further, we can change our bank accounts, our IDs, our passwords, etc. and regain our privacy, even if the earlier hack could have led to our past data in that silo being compromised.
Aadhaar has a number of threats to our privacy. One is that it provides a common link to the separate silos, providing a common mode failure in the system. Through my Aadhaar number, all the silos are now connected. That makes the task of hacking the silos that much easier.
If the account by the hackers in the Sharma episode is true, then by answering Mr. Sharma’s security question, his Gmail account could have been hacked. His Aadhaar number was used to identify his Air India Frequent Flyer number, and this was his Gmail security question. And Mr. Sharma, like many of us, uses personal information as a part of his passwords; or as a security question for password recovery.
Mr. Sharma might have ensured security to an extent. After all, he is supposedly a techie, who had headed the UADAI, and therefore presumably knows a little about security. For most of us lesser mortals, we would not have many layers of security – e.g., two factor logging into the Gmail account – using a password and an OTP – and could have seen our email account hacked. Once it is hacked, a huge amount of personal information would also be hacked. So will be our phones, as Google backs up our data by default. And as we store various information on our phones and emails, this can lead to our privacy being compromised in various other ways.
The second problem with Aadhaar is that if the Aadhaar database – and I am not talking about the biometric database, which is what UADAI authority claims is behind seventeen feet walls – is as easily available as the Tribune report showed us, the information connecting all our silos is now available for a small sum of money. Mr. Sharma just showed us why this is so dangerous.
The third threat of Aadhaar is that if the biometric database is compromised, we are all permanently screwed. We cannot withdraw our biometrics from the system. Even if there is a single hack of the biometric database, it means the Aadhaar project is over; it would mean a catastrophic failure of the system. In engineering, you do not build systems in which a single failure means the end of the system. And you do not build a system which has no chance of a recovery from one such failure.
Before paying heed to Mr. Sharma’s and Mr. Nilekani’s eloquence about the beauty of the engineering of the Aadhaar system, let us reflect on the other monolith, the National Security Agency of the US. They surely had as good security experts as UADAI has. One Snowden in such a system could walk away with their entire database, and can compromise all its data.
All systems need human beings, and human beings will find ways around the security that they themselves have built. The chance of failure must take human failure into account. It is people who code security into the system and know in how many ways it can be hacked.
It is not an accident that many countries considered an Aadhaar-like national registry and gave it up. Why Aadhaar persists in India is the combination of naive technological hubris combining with the dream of a security state. A perfect fusion of Big Data meeting Big Brother. That is what we are fighting in India today.
First published on Newsclick.in