Sumeet Singh » india

Mumbai Terrorist Attacks: Analysis

sumeet — Mon, 01 Dec 2008 17:50:09 +0000

Bruce quite rightly, and crisply sums up the analysis of Mumbai Terrorist Attacks. Read Here

Terror in Mumbai

sumeet — Thu, 27 Nov 2008 08:13:08 +0000

Mumbai Mayhem

While watching the series of attacks in Mumbai last night, I could do nothing but hope that things would be not as bad. By morning, the news showed 80 Dead and several hundreds injured. By afternoon, it was a hostage drama.

While people make facebook groups, write blog posts and discuss the failure of Indian security system, the bottomline remains – there is nothing one can do but to hope. Hope that one day, India will invest time in checking its security system instead of sending missions to moon, India will make it safe for her population than handling pirates at the high seas, India will remember the 13 bomb attacks this year than just those buttered speeches by LK Advani and Sonia Gandhi, and India will one day value her people’s life than just counting them as dead bodies.

To those affected directly and indirectly, I feel sorry and helpless. I feel guilty for spending about half of my expected life span in the country and yet not being able to contribute to making it a better place. On this day, while Mumbai Police – so called one of the top 10 tries to combat terror, I read this:

Where the mind is without fear and the head is held high;
Where knowledge is free;
Where the world has not been broken up into fragments by narrow domestic walls;
Where words come out from the depth of truth;
Where tireless striving stretches its arms towards perfection;
Where the clear stream of reason has not lost its way into the dreary desert sand of dead habit;
Where the mind is led forward by thee into ever-widening thought and action-
Into that heaven of freedom, my Father, let my country awake.

Slap Drama

sumeet — Tue, 29 Apr 2008 04:11:33 +0000

For the better half of the last weekend, i was forced to listen to how Harbhajan slapped Sreesanth and how Sreesanth cried on the field. In fact for anyone who did a mistake of flipping through a news channel felt that the slap was in front of them, and not on field. And now since yesterday, news channels have started discussing the ban imposed on Harbhajan and how it coincided with sacking of the infamous Mr Gill. Considering the ban on Harbhajan is going to last for next few days on TV, looks like I will be back to studying walrus mating habits on Animal Planet.

Blackberry In India: Beware!

sumeet — Mon, 17 Mar 2008 20:33:49 +0000

Indian government either needs a session on risk perception. It has this tremendous capacity to recognise a threat from a cow to a smartphone.

The way things are turning out in India, we will soon see DoT ordering NIC to maintain a national mail server where all our emails will be mirrored and scanned for keywords that reflect terrorism. Atleast people can look up to NIC to snoop around in other’s email and ask for backup just incase an email is deleted from their servers!

Learnings from India: How not to secure personal data

sumeet — Mon, 04 Feb 2008 20:36:31 +0000

The last few years have seen alarming rise in demand for security products and services within India especially related to data security. Be it firewalls, VPN boxes and encryption solutions, or ISO 27001 and SOX consulting, the demand has only increased. There is not one reason amounting to this growth. Contractual clauses for BPO segment have become harsher. Fear of data breach within companies has increased. Salesmen (or Pre-Sales consultant as they are known these days) have mastered the art of selling expensive yet ineffective solutions. And so on. But do the solutions protect private data of consumers better than before? Probably not to the extent it should be protected. And yet, there are not as many cases of privacy violation in cyberlaw courts in India as one thinks there would be. The problem with Indian way of securing information and assuring privacy is many folds.

First, the casual attitude infecting our system day after day seems to have spread to our use of technology. Walk into a transport department office and you will find servers containing sensitive personal information about license holders lying next to dustbins, under the table as a foot rest and if better, under a heap of files. It is not difficult to steal such information. It is just that this information has been made public through so many channels that its not even worth stealing it anymore. The hospitals do not feel responsible for protecting personal and sensitive information about its patients. Information that is supposed to be confidential, is conveniently passed on to the media for few minutes of fame.

Second, we, as Indians, take great pleasure in enjoying personal lives of fellow country men/women. Be it Mr Pandher or Mr Telgi, we all have enjoyed their sub-conscious talks. For no other reason, the media, rebuking all social norms of privacy of individuals, takes great pride in showing the tapes which are ideally supposed to be classified. Now this has nothing to do with data security in general, but does hint at the possible privacy violations in India going untouched. Infact, What Mr Pandher did in Noida did not demand his psycho-analysis test to be aired on national television. Similarly, Mr Telgi’s status of HIV+ had nothing to do with his stamp paper scam.

Third, the biggest challenge in India yet remains “people”. Each of the data breaches, barring one, that have occurred in the past 5 years in India has an element of social engineering. With an open, multi-cultural society, people have started trusting others with information a bit more than the acceptable level. So much so, that it is a routine for most of us to share our personally identifiable information with unauthorized individuals. Stand outside a call centre with a bunch of fancy credit card forms, and 25 year olds will throng the place carrying their salary slip, driving license and just about every other personal information. Most of them would not know the name of the agent who is collecting the forms. All of them actually wouldn’t care.

Not too behind in the “private information made public” race are the DSA agents for telecom companies that companies appoint to collect information and feed into their system for various legitimate purposes such as new connections, up-selling/cross-selling, retention and collections.
As a bonus, we are also blessed with sharing of out personal information with 250 odd domestic call centres in and around Delhi at no extra cost. I haven’t really come across a descent chap who hasn’t got a grudge against telemarketers. Initiatives such as Do Not Call registry are bound to fail in absence of strict penalties. The regulatory bodies have clearly not come down on telemarketers for implementing Do Not Call. If that was not enough, the database propagation of a number into Do Not Call registry takes about 30-45 days – another example of redundant technology.

As our country grows and generates electronic information, the demands for security and privacy increase. Regulatory bodies and law enforcement bodies need to be brought up to the mark for information security acts. A comprehensive data protection law is required at the least to safeguard privacy of individuals. And last, each one of us needs to understand repercussions before sharing sensitive information online, and get ready for information age.