Skip to main content


Showing posts from June, 2012

Transparency Portals - An invitation to Identity theft

Pleased as punch So, you read with glee the number of cylinders your minister was using. He should not be using so many subsidised cylinders? Fine Guess what? Your name, address and number of cylinders and when you ordered them is there too. Privacy Disaster This portal is a disaster from a privacy perspective. The idea was very poorly thought through. Imagine an e-commerce company just dumping customer data on the web, amillion people would be baying for blood. One of the Gas companies has embedded dealer ids in the URL query string itself. which allows for ralatively easy automated scraping. I could do a data scrape on ALLcustomers all over INDIA and filter for customers who use a certain number of cylinders. A perfect database to to do direct marketing. Not scared yet? Identity Theft It is an even more perfect database to commit identity theft. All your basic identity/citizenship documents are predicated on your gas connection. Authentication to your bank. Gas bill