A full accounting of this disaster will come out soon.
Not looking good. There is more, much more than what has been reported so far.
5 years ago: Sure, you do SQL backups, but have you ever tried restoring them?

Now: We do SQL backups, but misconfigure the AWS backup bucket so badly that we did not even configure CloudWatch logs, and this allows hackers to spawn VMs to check restore and siphon off data.
Looks like I will be writing the best external root cause story after all.

Totally Phree... Yay....


More from @iam_anandv

31 Mar
Tracking media reports on the "Let us break end-to-end encryption by adding hashes" is a time sink. But someone has to do it, so that others need not.

Our first winner in "Not knowing what the subject is" is Moneycontrol, which contains these gems:

/1
If two people talking to each other is "National Security risk", it gets better.

No discussion on technology. No discussion on Diffie-Hellman. No discussion on OTR deniability. Just some abstract idea on middle ground.

Basically Baba Ramdev Charlatan territory

/2
We are also back to Clipper chips and key escrows here.

Again notice the lack of one single technical term here. If only we could find a wish fulfilling tree that can work like magic...

/3
Read 7 tweets
9 May 20
If 100 rupees of grain is sent via the PDS distribution channel and only 60 rupees goes to the beneficiary, economists talk about 40% leakage and corruption.

Now if AEPS fails 40% of the time, what is the corruption and leakage? This is world beating technology?
For all practical purposes, the transfer cost of moving money from one bank account to another is zero. NEFT and RTGS are dated systems, but they work reliably.

But AEPS is not NEFT, RTGS. It adds 3 more layers.
The Aadhaar Mapper and 2 Seeding Layers.
Seeding Layer 1 is adding your UID to the benefit scheme.
Seeding Layer 2 is adding your UID to your bank account.

And then Transfer is not to the destination bank account directly but by an intermediate switch called the Aadhaar Mapper.

We have not yet come to distribution.
Read 8 tweets
3 Apr 20
The amazing thing about people criticizing the PM for suggesting lamps and plates is that they simply don't understand him. He has taken the corona crisis to not only increase his follower count, but has also turned them into a cult.
Cults are immune to facts and figures and in fact revel in the irrational and thrive in opposition to the cult. They are fundamentally anti-intellectual and bypass it fully to appeal to the emotions and thereby create long lasting loyalty.
The plate banging and diya lighting are demands to sacrifice rationality. Once done, the follower fully merges with the cult. They may retain their wisdom on other things but their loyalty to the PM is sealed.

(Read Second Foundation, The Mule by Asimov to understand this).
Read 4 tweets
14 Mar 20
I wrote an analysis on how NRC will actually happen and the various stages in it in @LiveLawIndia.

Hint: Hyderabad (the 127 notices) is the template and not Assam.

And yes, #Aadhaar would be at the heart of it, with biometric blacklists of "D" Category.

/1
Biometric blacklists are already a feature and @UIDAI has built it.

"We can not only cancel Aadhaar but also ensure through the offenders' biometric data that they never apply for it again, preventing their re-entry into the system,"

ndtv.com/india-news/aad…
Once marked as "D", the next step would be to cancel the number and also the services that are linked with it, using the provisions of the Aadhaar act.

That means "all authentication" stops and all services that need authentication (PDS) will stop!
Read 6 tweets
6 Mar 20
For those of you wondering why the #Yesbank moratorium has messed up fintechs and their clients - a short thread:

1. Yes bank had one of the best banking APIs allowing API based banking. The moratorium hence is "Losing the API".
2. Until today, I did not know that I had a Yes bank account b/c I used @Razorpay to generate a virtual account and linked it w/ POS vendors like PayTm, ezeTap etc.

3. Now all settlements from POS vendors are locked, till I move it to other bank accounts.
4. So in essence the cost to fintechs multiplies because their API should now work w/ not-so-great-API, semi-automated processes of other banks.

5. It also points to the folly of using direct banking APIs. If you had linked your ERP to Yes bank APIs, you are toast.
Read 5 tweets
14 Feb 20
What happened to the NRC Data? A slightly technical analysis on the Missing NRC data in @asiatimesonline that I wrote is up.

asiatimes.com/2020/02/articl…

If you want more technical details, then read further on this thread.
@asiatimesonline 1. There are 3 domains that we could trace
nrcdrafts.com
thefinalnrc.in
thefinalnrc.com

All of these entries' DNS was changed to 127.0.0.1
(See Screenshots below on timeline)
@asiatimesonline 2. Unlike other media orgs which reported that the data is on nrcassam.nic.in, which is *wrong*, the data actually comes from these 3 domains.

All of them were changed to 127.0.0.1 1 month ago. So if the @HMOIndia knew where to look, this would not have been a surprise.
Read 9 tweets
