India’s federal election commission has fixed flaws on its website that exposed data related to citizens’ requests for information related to their voting eligibility status, local political candidates and parties, and technical details about electronic voting machines.
The bugs allowed access to the RTI requests, download transaction receipts, and responses shared by the officials without properly authenticating user logins.
Some of the exposed data included the RTI filing date, the questions asked, the applicant’s name and mailing address, the applicant’s poverty line status, and RTI responses.
The bugs were fixed earlier this week following CERT-In’s intervention.
The Election Commission of India did not respond to a request for comment.
An Indian state government has fixed security issues impacting its website that exposed the sensitive documents and personal information of millions of residents.
The bugs existed on the Rajasthan government website related to Jan Aadhaar, a state program to provide a single identifier to families and individuals in the state to access welfare schemes.
One of the bugs allowed anyone to access personal documents and information with knowledge of a registrant’s phone number.
The state’s Jan Aadhaar portal, which launched in 2019, says it has more than 78 million individual registrants and 20 million families.
The portal aims to offer “One Number, One Card, One Identity” to residents in the northern state of Rajasthan for accessing state government welfare schemes.
On the agenda for this edition is Disney’s innovative VR treadmill, OpenAI fixing its “lazy” AI and MIT’s high-capacity, fast-charging organic battery tech.
We also cover Apple’s new stolen device protection feature, AI startup Rabbit’s nifty hardware and app makers debating launching apps tailor-made for Apple’s Vision Pro headset.
Apple’s new device protection: Romain writes about Apple’s new stolen device protection feature, which, when turned on, requires Face ID or Touch ID biometric authentication for some actions, like accessing stored passwords and credit cards.
Vision Pro apps a maybe: After Netflix said it wouldn’t release a dedicated app for the Apple Vision Pro, other app makers, including YouTube, are following in its footsteps.
Bonus roundLamborghini licenses MIT battery tech: Writing for TechCrunch+, Tim reports that Lamborghini has licensed new battery tech from MIT that could overcome the limitations of the lithium-ion batteries in wide use today.
OpenAI is always making slight adjustments to its models and pricing, and today brings just such an occasion.
It’s also a popular API, being lower cost and faster than GPT-4 on a lot of tasks.
Hence the steady ratcheting down of prices — though it’s also a natural result of streamlining the models and improving their infrastructure.
GPT-3.5 Turbo also gets a new model version, 0125 (i.e.
And the company also released a new version of its free moderation API — which identifies potentially harmful text.
We’ve covered Lego Fortnite since it launched last month, when the new title lured in 2.4 million simultaneous players.
A little over a month after its launch, Lego Fortnite’s content was beginning to run dry for players who dove in headlong in December (present company included).
More on our latest update here: https://t.co/p28TYzZD49 pic.twitter.com/fzquiEGRVj — LEGO Fortnite (@LEGOFortnite) January 23, 2024Building-oriented players also get some tweaks to make things go more smoothly.
Some of those experienced are made by Epic itself, like Lego Fortnite, but most are “user-made” with Epic’s beefy game development toolkit.
So far, Lego Fortnite is Fortnite’s most compelling alternative offering — and a game that’s likely to build more momentum as the updates keep rolling in.
In a phone conversation on Thursday, Hyundai Motor India spokesperson Siddhartha P. Saikia said the company would provide a statement.
The bug exposed the customer’s personal information through the web links Hyundai Motor India shared with customers over WhatsApp after receiving their vehicles for servicing at an authorized service station.
TechCrunch shared the details of the bug with Hyundai Motor India on the same day, and requested Hyundai Motor India fix the bug within seven days due to its simplicity and severity.
Established in 1996, Hyundai Motor India is among the top three carmakers in the country, alongside Maruti Suzuki and Tata Motors.
Hyundai Motor India has a network of over 1,500 service stations in the country.
Ubiquity, the networking and video surveillance camera maker, has fixed a bug that users say mistakenly allowed them access to the accounts and private live video streams of other customers.
Reports first emerged on Reddit that some customers received push notifications on their phones featuring Ubiquiti account-related information and private video streams belonging to other customers.
Another person said they logged into their Ubiquiti account but were presented with the account data of another customer.
“I logged in and I seem to be someone else,” said one person on the Ubiquiti subreddit.
Ubiquiti is a cloud and technology company that makes routers, network switches, security and video surveillance gear, which can be remotely controlled and operated through its centralized cloud offering.
Apple has released its first batch of rapid security patches to fix vulnerabilities that are under active exploitation or pose significant risks to its customers. With these patches, users can…
It’s not uncommon for platforms like Patreon to offer creators a means of receiving funds from their supporters. However, this recently fixed security bug shows that even privacy-focused platforms can…
