No clarity on why Google included UIDAI number in Android setup wizard in 2015 | Top Stories
Google’s admission that it had in 2014 inadvertently coded the 112 distress number and the UIDAI helpline number into its Setup Wizard for Android devices triggered another controversy on 4 August, as India’s telecom regulator had only recommended the use of 112 as an emergency number in April 2015.
After a large section of smartphone users in India saw a toll-free helpline number of UIDAI saved in their phonebooks by default, Google issued a statement, saying its “internal review revealed that in 2014, the then UIDAI helpline number and the 112 distress helpline number were inadvertently coded into the Setup Wizard of the Android release given to OEMs for use in India and has remained there since”.
However, the Telecom Regulatory Authority of India (TRAI) recommended only in April 2015 that the number 112 be adopted as the single emergency number for the country.
According to Google, “since the numbers get listed on a user’s contact list, these get transferred accordingly to the contacts on any new device”.
Google has yet to comment on the new development.
Meanwhile, French security expert Elliot Alderson, who has been at the core of the entire Aadhaar controversy, tweeted on Saturday: “I just found something interesting. I will probably do a full disclosure tomorrow”.
“I’m digging into the code of the @Google SetupWizard app and I found that”.
“As far as I can see this object is not used in the current code, so there is no implications. This is just a poor coding practice in term of security,” he further tweeted.
I’m digging into the code of the @Google SetupWizard app and I found that. In the gsf package, this unused LoginData object contains the attributes mEncryptedPassword and mPassword ♂️ pic.twitter.com/5SMAkvWOVz
— Elliot Alderson aka “Vested Interest” (@fs0c131y) August 4, 2018
On 3 August, both the Unique Identification Authority of India (UIDAI) as well as the telecom operators washed their hand of the issue.
While the telecom industry denied any role in the strange incident, the UIDAI said that some vested interests were trying to create “unwarranted confusion” in the public and clarified that it had not asked any manufacturer or telecom service provider to provide any such facility.
Twitter was abuzz with the new development after a huge uproar due to Telecom Regulatory Authority of India (TRAI) Chairman RS Sharma’s open Aadhaar challenge to critics and hackers.
Ethical hackers exposed at least 14 personal details of the TRAI Chairman, including mobile numbers, home address, date of birth, PAN number and voter ID among others.