Buying an MUV can be a tempting proposition, but are you aware of the pitfalls?
A friend of...
These machines need to be tested for any possible security flaws — that is a standard operating procedure which is carried out by the world’s biggest technical conglomerates to make their systems foolproof
An interesting incident regarding Electronic Voting Machines (EVMs) has hit the headlines in recent days. Hari Prasad, managing director of Hyderabad-based Net India Private Limited, was arrested for 'stealing' an EVM.
He 'stole' the machine to demonstrate that the EVM can be tampered with. In fact, he - along with a University of Michigan professor and a Dutch security researcher - has even published a research paper on the vulnerability of the EVM.
In today's world of security, hacking into a system in a lab environment to show its vulnerabilities is an accepted practice. It is called by various names such as ethical hacking, or penetration testing. The only difference in this case is because of the way in which Mr Prasad acquired the machine to test the hacking techniques. Mr Prasad's claim is that he had approached the Election Commission (EC) with a request to allow him access to the machine, but they refused to do so; at the same time
the EC claimed that the EVMs are foolproof and secure. Finding no other way to address an issue which is at the heart of India's democracy, namely free and fair elections, Mr Prasad acquired the machine by other means.
Mr Prasad in my opinion has done a great service to the nation. By showing that the EVMs can be tampered with, he has opened up a dialogue on the vulnerability of the EVMs. The EC on the other hand is blatantly misleading the Indian people saying that these machines are secure. Further, they refused to allow access to these machines to security professionals. If indeed the machines are secure as they claim, why not allow access to security professionals?
In fact, the EC should have hired ethical hackers themselves to find vulnerabilities in their machines.That is the practice followed worldwide by companies whose products can be potentially hacked. The behaviour of the EC reeks of ignorance of current security practices.
That the implications of their behaviour hit at the crux of India's 'free and fair' elections makes that an act against the nation's wellbeing itself.
Our EC has over the years gained a good reputation for conducting the world's largest free and fair elections. But this act nullifies at least some of it. It is high time the EC opens up the machines to public and professional security. There is nothing wrong with having security vulnerabilities provided one has an open mind and they are fixed. Right from Google to Microsoft's products, no popular product in the world has escaped security holes. It is by fixing the security holes that the product keeps becoming more and more secure.
Meanwhile, today's reports indicate that some of the top officials in India have claimed that there is a political conspiracy to discredit India's election process via this hacking attempt. Politicising everything is the nature of India's politicians. It is irrelevant to the discussion whether there is a political angle behind Mr Prasad's act or not. That certainly does not absolve the EC of its lack of attention to security vulnerabilities in the machine. It is also interesting that the EC is not concentrating much on the technical aspects of the vulnerabilities disclosed by Mr Prasad. At least, getting into a deeper technical dialogue on that front and openly showing that the vulnerabilities disclosed by Mr Prasad are not critical would give more credibility to their response.
It is high time this country wakes up to this and fixes the vulnerabilities in EVMs lest politicians take advantage of the vulnerabilities and doctor the elections, assuming they have already not done so in the last elections.
(The author has a B Tech from IIT Bombay, and a PhD from Columbia University, New York. He currently runs a start-up, Teknotrends Software Pvt Ltd that does cutting-edge work in the area of network security).
Mumbai: India's largest life insurer, Life Insurance Corporation of India (LIC), has crossed the mark of one crore individual policies for the current financial year, with first premium income of Rs15,917 crore in the fortnight ended 14 August, 2010, reports PTI.
In the previous year, LIC had crossed this landmark on 31 August, 2009.
Among the largest contributors to this stupendous performance are LIC's western zone with more than 15.86 lakh policies, south central zone with 15.46 lakh policies, northern zone with 15.04 lakh policies, north central zone with 13.54 lakh policies, south zone with 12.78 lakh policies and eastern zone with 12.29 lakh policies, a press release issued here said.
East central zone with 9.52 lakh policies and central zone with 5.98 lakh policies also made valuable contributions, the release said.
During the previous financial year, LIC had completed a record 3.88 crore individual policies, with a market share of 73.02%.
LIC's performance in the current financial year has been record-breaking so far and as on 31st July, it has increased its market share in first year premium to 71.33% as against 64.86% as on 31st March.
Besides having the largest customer base of about 27 crore policy holders, it has an enviable conservation ratio of more than 90% which is a testimony of customers' trust in the organisation and its high-quality customer service, the release said.
Currently, it provides fully computerised and networked service through its 2,048 branch offices and 1,035 satellite offices spread throughout the country.