Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
mas.to / Profile picture
@kingslyj
May 1, 2022 17 tweets 18 min read Read on X
Scrolly
3 of 60 days before the new @IndianCERT poiicy comes into effect.

And nobody seems to have tried to use these NTP servers that are supposed to provide reliable and secure time service to the whole country...
@IndianCERT Not just the whole country, even MNCs with infra in other countries need to rely on these servers because...

"it is to be ensured that their time source shall not deviate from NPL and NIC"

From cert-in.org.in/PDF/CERT-In_Di… Image
@IndianCERT The National Informatics Centre @NICMeity NTP server is pretty much impossible to find.

Searching for "NTP" or "NTP Server" on all nic.in sites shows nothing except some old magazine articles that they've archived in their "library"(which BTW doesn't use HTTPS) ImageImageImageImage
Searching for "Network Time Server" on nic.in sites throws up some Directorate of Coordination Police Wireless and Indian Navy tenders/handbooks and even NCERT textbooks.

*NOTHING* about these all important NTP servers that the whole country is supposed to use. ImageImageImageImage
National Physical Laboratory @CSIR_NPL has relatively easy to find page for their NTP servers.

nplindia.in/clockcode/html…

And this gimmicky clock page which would have been cool in the 90s but doesn't account for 21st century browser privacy settings.

nplindia.in/clockcode/html… Image
So we now have one of the two recommended NTP servers the nation is supposed to use - time.nplindia.org

Let's try guessing the other NTP server...

There's a DNS entry for ntp.nic.in but it doesn't work! #DigtialIndia Image
These NTP servers are IPv4 only. There are no AAAA records.

So if your infra is on IPv6 you cannot sync with these time servers. Image
Guess @CSIR_NPL and @NICMeity aren't taking the @DoT_India IPv6 transition timeline seriously because they have been constantly kicked down the road for many many years now.

Let's see what happens on 30th June.

dot.gov.in/sites/default/… Image
Oh well forget IPv6...

2 out of 3 of @CSIR_NPL's NTP servers are down!

And if ntp.nic.in is the @NICMeity NTP server, that is down too.

Effectively 3 out of 4 NTP server IPs that the country is supposed to use are unusable. #DigitalIndia #FAIL Image
@CSIR_NPL @NICMeity If this stupid #AtmanirbharNPT rule was implemented at present...

The whole country's NTP traffic would be directed to just one IP address - 14.139.60.102

(And no it isn't anycasted.)

Image
@CSIR_NPL @NICMeity Also these are the 3 @CSIR_NPL NTP servers

14.139.60.107
14.139.60.106
14.139.60.102

All of them are on the same NKN /24 subnet.

A subset of which has been assigned to NPL. ImageImage
@CSIR_NPL @NICMeity Detailed @CSIR_NPL NTP server status...

14.139.60.106 - Unresponsive.

14.139.60.107 - Unreachable!(Machine powered off?)

15:36:07.646780 IP 14.139.60.97 > 192.168.1.4: ICMP host 14.139.60.107 unreachable, length 84

14.139.60.102 - Up & Running.
#DigitalIndia Image
@CSIR_NPL @NICMeity The routing to all 4 IP addresses seems to be a mess too.

Traffic from an Airtel IP to NKN/NPL goes via Jio.

Does NKN not peer with NIXI?

How much is Jio being paid for this transit?

Traceroute to 14.139.60.102 Image
@CSIR_NPL @NICMeity Traffic from Airtel IP to @NICMeity's ntp.nic.in also transits Jio.

Last hop - 49.44.220.188

inetnum: 49.32.0.0 - 49.47.255.255
netname: RELIANCEJIO-IN
descr: Reliance Jio Infocomm Limited
country: IN
org: ORG-RJIL1-AP Image
Thanks to a Twitter troll, I had to stop being lazy and look up National Knowledge Network/ NKN's peers and upstreams.

Jio has indeed landed a monopoly of sorts as the only ISP peer/upstream for the
NKN INTERNET GATEWAY NETWORK.

bgp.tools/as/9885#connec… ImageImage
The official FAQ has finally made @NICMeity's NTP servers public. (h/t @ncrguys)

samay1.nic.in 164.100.255.122

samay2.nic.in 164.100.255.123

Why couldn't they just have samay.nic.in pointing to the 2 IPs is beyond me.

Also #stopHindiImposition? Image
Also @NICMeity's NTP server name that I had discovered and wasn't functional/responding when the rules were released. ntp.nic.in has been updated and points to samay1.nic.in IP.

So it wasn't some secure/secret/private NTP server.
Image

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with mas.to /

mas.to / Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @kingslyj

mas.to / Profile picture
May 11
What a joke!

All this big talk about moving away from @Microsoft @Azure within a week for this most bullshit-iest of reasons when Ola's workload is primarily on @awscloud .

This thread will show document all the critical resources of @Olacabs that are hosted with @awscloud...
⁃Since LinkedIn is owned by Microsoft and Ola is a big customer of Azure, we’ve decided to move our entire workload out of Azure to our own @Krutrim cloud within the next week. It is a challenge as all developers know, but my team is so charged up about doing this.
@Microsoft @Azure @awscloud @Olacabs This is @Olacabs website www-dot-olacabs-dot-com

DNS with @awscloud Route 53.

CDN with @awscloud Cloudfront ;; QUESTION SECTION: ;www.olacabs.com. IN A ;; ANSWER SECTION: www.olacabs.com. 21 IN CNAME d2km9f2275q5od.cloudfront.net. d2km9f2275q5od.cloudfront.net. 20 IN A 18.155.49.85 d2km9f2275q5od.cloudfront.net. 20 IN A 18.155.49.12 d2km9f2275q5od.cloudfront.net. 20 IN A 18.155.49.50 d2km9f2275q5od.cloudfront.net. 20 IN A 18.155.49.80 ;; AUTHORITY SECTION: d2km9f2275q5od.cloudfront.net. 71273 IN NS ns-1519.awsdns-61.org. d2km9f2275q5od.cloudfront.net. 71273 IN NS ns-1719.awsdns-22.co.uk. d2km9f2275q5od.cloudfront.net. 71273 IN NS ns-325.awsdns-40.com. d2km9f2275q5od.cloudfront.net. 71273 IN NS...
@Microsoft @Azure @awscloud @Olacabs www-dot-olacabs-dot-com redirects to olacabs-dot-com.

Also hosted with @awscloud.

The entire 108.156.0.0/14 IP range is owned by AWS,
;; QUESTION SECTION: ;olacabs.com. IN A ;; ANSWER SECTION: olacabs.com. 1 IN A 108.158.251.101 olacabs.com. 1 IN A 108.158.251.72 olacabs.com. 1 IN A 108.158.251.61 olacabs.com. 1 IN A 108.158.251.88
NetRange: 108.156.0.0 - 108.159.255.255 CIDR: 108.156.0.0/14 NetName: AMAZO-4 NetHandle: NET-108-156-0-0-1 Parent: NET108 (NET-108-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: Amazon.com, Inc. (AMAZO-4) RegDate: 2020-12-11 Updated: 2020-12-11 Ref: https://rdap.arin.net/registry/ip/108.156.0.0 OrgName: Amazon.com, Inc. OrgId: AMAZO-4 Address: Amazon Web Services, Inc. Address: P.O. Box 81226 City: Seattle StateProv: WA PostalCode: 98108-1226 Country:...
Read 15 tweets
mas.to / Profile picture
Apr 12
Ok people! Listen up!

It's been 10 days since I started screaming into the void here and no main stream media outlet has bothered to report anything except parroting @DigiYatraOffice PR talking points.

It's time to kick this whole effort up a notch.

The plan is to build a consumer education website.

A one stop shop for everything DigiYatra.

(Un)Covering all aspects from technical/legal/privacy/investors/contractors etc.

Every little bit of information that can be sourced will be consolidated in one central respository.
This is too much effort for one person to handle.

So it will be a crowd sourced volunteer run project.

If this website is something you believe in would like to help make happen..

Drop a reply with your skills and what you can help with and I'll tag you in the next stages,
Read 4 tweets
mas.to / Profile picture
Apr 2
Yet another #DigitalIndia #FAIL

The idiots at @DigiYatraOffice didn't realise their package name didn't match their org/domain.

in.dataevolve.digiyatra /


ie. "Official" DigiYatra app was no different from malicious apps pretending to be them. play.google.com/store/apps/det…

Image
@DigiYatraOffice Google doesn't allow you to change your package name.

So they have no choice but to force everyone to install their "new" app to lend their app some semblance of credibility.

/

More like #WeFuckedUp

org.digiyatra.org
play.google.com/store/apps/det…

Image
@DigiYatraOffice And this gets even better...

What is this "Dataevolve" company that built and likely was controlling the "official" @DigiYatraOffice app all these years?

It's an OPC Pvt Ltd aka "One Person Company" not very different from a Sole Proprietorship concern. Image
Read 69 tweets
mas.to / Profile picture
Jan 17
LATE BREAKING: @UIDAI Director (Authentication and Veririfcation Division) has written to various agencies last month(Dec '23) stating that Aadhaar is not valid proof for Date of Birth. Image
@UIDAI Maharashtra govt dragged UIDAI to court because an accused in a murder case had 2 different Aadhaar cards and claimed to be a juvenile based on the date of birth in one of them.

And UIDAI suddenly gained enlightenment that their @13footwall secured database is "in toto" garbage. It is further stated that in toto the capturing of date of birth is entirely based on information submitted by the resident and hence, burden of proving the date of birth of any person lies with the concerned resident.
@UIDAI @13footwall Literally *EVERYTHING* recorded by @UIDAI is "as claimed by the resident, on the basis of documents submitted by them"

So how can Aadhaar verify someone's IDENTITY and ADDRESS "on the basis of documents submitted by them" but not verify the DATE OF BIRTH from very same docs? Image
Read 5 tweets
mas.to / Profile picture
Sep 21, 2023
Another #SwiggyScam 🧵

Recently noticed that all Swiggy txns were for whole figure amounts, while other card txns still had paisa amounts.

Dug a bit and discovered @Swiggy used charge the exact amount to the paisa once upon a time but have since started salami slicing. Image
@Swiggy And it's not Swiggy just stealing a few extra paisa per order.

Eg.
626.57+35.24+2.00+28.00-52.99+33.09 = 671.91

Instead of adding 9 paisa to round up to the whole rupee, @Swiggy charges Rs.3.09 extra instead.

Absolutely no justification for this. Image
@Swiggy At Swiggy's scale, even 10 paisa per order would add up crores of rupees per year.

And this amount is being tacked on **AFTER** tax.

So how are they accounting for crores of extra income they are literally stealing without providing any service to or even informing customers?
Read 12 tweets
mas.to / Profile picture
Feb 26, 2023
So much WTF from this out of touch dinosaur in just one article...

financialexpress.com/industry/learn…
"India needs culture of honesty, just like China" --NRN

In the coin flip test, the four least honest countries were China, Japan, South Korea and India.

scmp.com/lifestyle/arti…
Translation:

We have too much democracy., and need more authoritarianism and regulatory capture by the likes his infosys co-founder @NandanNilekani who controls all aspects of #DigitalIndia by proxy. despite being the same size as India in the late 1940s, Chin
Read 11 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(