Thursday, 19 December 2013

Being 'more' equal

The Incident


The tag Indian Diplomat can only refer to one person these days. 
Devyani Khobragade

India's deputy consul general in New York, Devyani Khobragade has been arrested in the USA. Devyani is the daughter of a retired IAS officer and has served in prestigious foreign missions in Pakistan, Germany and Italy before coming to the US. She has been accused of submitting false documents to obtain a work visa for her maid, Sangeeta Richard.

According to prosecutors, Khobragade claimed she paid the woman $4,500 a month, but the maid says she received only around $600 per month. The maid had walked out of this job in June this year and eventually connected with a non profit organization which has an anti trafficking program.

There is a huge uproar over her arrest and mistreatment despite the diplomatic immunity that the Vienna Convention is said to offer. Vienna Convention gives full diplomatic immunity to ‘diplomats’. 


According to the US, Khobragade has ‘consular immunity’ and not ‘diplomatic immunity’. Diplomatic immunity means that diplomats can get away from prosecution on any crime, even murder, while they are on duty in another country. Consular immunity is said to give immunity only when the crime is related to the consular operations and other related work. This is the reason why the Indian govt is attempting to shift Khobragade to the UN office, which will offer her the full diplomatic immunity.


To add fuel to fire, Khobragade was subjected to indignities such as stripping, cavity searching, repeatedly handcuffed and DNA swabbing. This is the standard procedure for any criminal in the US. 

The US govt refuses either to apologise or to withdraw charges against her. The Indian govt has also taken some stern actions to retaliate against the harassment she was subjected to.

My view

If the US govt had merely arrested her, and treated her with respect unlike other criminals, things would have been better. The fact that she was treated like any other criminal, subjected to stripping, cavity searches etc is shocking. The US govt should have known better, especially with elections in India approaching. I also wonder how the US govt would have responded if the Indian govt had treated their consulate officers with the same procedure for such a petty crime. Over here, according to reports, the standard procedure for criminals is chin music by police officers, apart from the other usual harassments.

There is another side to this story too.

The Vienna Convention has got me thinking. I was reading the famous political allegory ‘Animal Farm’ while this incident was unwinding at a rapid pace elsewhere. May be that is why the clause, ‘diplomats have special immunity’ caught my attention.

Does becoming a diplomat make one ‘more equal’? Is that the right thing? Should there be a demarcation between ordinary citizens and diplomats?

The Indian govt would never have taken the same stance had the incident happened to an ordinary Indian citizen working abroad. Why? Why not?

As George Orwell put it, ‘some animals are indeed more equal than the others’.



PS: For those who haven’t read the Animal Farm, do read it. I endorse it. I will be publishing a book review later.

Sunday, 8 December 2013

Elections'14: My take

This is my personal view of things, the way I feel about our elections and my related worries...

I don't have any soft corner for any party. For me, election works through elimination- eliminating the ones whom you don't want to see in power. It is not that I want someone to be in power. I don't vote to choose who should be in power. Instead, I vote to choose who should not be in power.

This is the first time I am going to vote. And, I am in a dilemma. I simply don't want to vote for anyone. Democracy is a wonder. You have no one to blame but yourself for whatever happens in the country, because it was you who elected them to power. Of course, the politicians might have used many tricks to persuade you into voting for them, but at the end of the day, it was your choice.

May be, we can use the null vote to show our frustration against the lack of alternatives. I like to think what would happen if majority of the voters hit the 'null vote' option. Actually, I am not sure if the null vote is a good thing to happen. One might as well not come for voting if he is to cast a null vote. A negative vote against a candidate would have made more sense, in my view. May be, we can give everyone one 'for' vote and one 'against' vote. It might make elections interesting.

The 2014 Lok Sabha elections is going to be interesting and intriguing. If the results of the Assembly elections in the 4 states are to be taken as a clear pointer, the BJP is likely to form the ruling party.

Everyone is entitled to his own opinion. Here is my take and personal views on our major political parties.

The Congress Party

Flag of the Indian National Congress.svgIn my view, Congress is the Party which would have been ideal to run this country. They had the upper hand and the public support, being the front-runners in politics in the nation. They are the most secular party and in a secular country like ours, that has been the biggest plus in their favour. But, they have destroyed all the goodwill generated by their strong leaders of the past and are now on the verge of ruin. First, they lost the majority and had to form coalition government. Today, they don't even look like returning to power again.

I do like Dr. Manmohan Singh (for his vision and policies which can make India into an economic superpower; but he lacks support to implement his vision), Shri. AK Antony (for his honesty and integrity) and a very few other leaders in the Congress Party. But, goodness and greatness of these few are outweighed by the corrupted many in their regime. Factionism and Corruption have led to the downfall of their party.

To be honest, I want Congress Party to learn a lesson. Electing them to power again would sent the wrong signals. If they introspect, cleanse their party, throw some old guns out of their party, pump some young blood in to revitalize it, and may be, I will think of voting for them the next time.

The Communist Party

CPIM does not have a major presence in most of the Indian states apart from West Bengal and Kerala. In my state of Kerala, the Communist Party is probably more strong than any other Party. They mobilize the masses and they have efficient party workers who will die for their cause. It is a closely knit Party, without any factions and the members of the Party regard themselves as a single family. They appeal to the common man belonging to the lower middle class, and because most of the state's population are in that category, it is no wonder that they are so successful in the state. They have a great number of leaders, many whom I deeply respect. 

I love the variety in the Communist Party. They have a great mix to catch the attention of the voters. There is the 90 year old Shri. V.S Achuthanandan, still very much active and strongly opposing the policies of his own party. There are many who love his attitude and his courage in speaking out openly against his own party. So those people vote for him. This way the party garners the vote of those people who opposes its policies. (I am not sure if this is a strategy deliberately employed by the Party. If it is, then it is a brilliant one. Kerala Congress too has a similar leader in PC George, who stands against whatever his Party stands for, thereby giving itself a chance to secure the votes of the Party critics)

But, I have a few issues with the Communist Party as well. First and foremost, I am against their basic philosophy. I have problems voting for someone who doesn't believe in God. That is not all. The Communist Party is notorious for the violence it employs to silence its opponents. The Communist ideals are not pro-development. Development will suffer, if they come to power. In Kerala, we have had a good mix so far with the Congress and Communist Party coming to power alternatively. This has ensured steady development while safeguarding the interests of the weaker sections of the society.

The AAP

Aam Aadmi Party logo.svgThe X-Factor in our next year's elections, the Aam Aadmi Party led by Arvind Kejriwal, gives the impression that it can achieve bigger things in a very short time. Personally, I feel that it is the best time for a party like AAP to cash-in and ride on the anti-Congress sentiments. They offer a better alternative than the BJP, but, they don't have many major players in their line-up. They also suffer from lack of any significant presence in regions apart from the country's capital. If they can sort it out at the earliest, then I believe that they have a good chance of upstaging both the Congress and the BJP.


It is too early to predict how good they will be. If they brand their politics well, they can form the govt very soon. They may market their brand of politics as the most secular and corruption free to take on the BJP and the Congress. Further, if they take measures like making a minimum educational qualification mandatory for their candidates, it will make things really interesting. Again, it is often power that corrupts people. Abraham Lincoln said once, 'Nearly all men can stand adversity. To test a man's character, give him power.'

The BJP

BJP party symbol
The election symbol of BJP
The biggest player in next year's elections and the only Party likely to form a government on its own, the Bharatiya Janata Party has quite a history. They started as a party to promote and uphold the Hindu identity of the nation. But, they have had to shelve this ideology in order to form coalition governments in the different states. They formed the government in the centre in 1998 and this time too, they are most likely ones to be in power.

They have won the first round of General Elections this year convincingly without any hiccups. They have an able leader in Mr. Narendra Modi, a man whose flamboyance and charisma can inspire anyone. His speeches are enlightening, moving and rhetorical at the same time, much unlike the traditional political speeches we hear in India. If he becomes the Prime Minister, it will indeed be a huge milestone in our democracy, proving that even a person who ran tea stalls can occupy the coveted post.

But, I have my reservations about the BJP. I am concerned about the secularism, or the lack of it, which might come into effect if the BJP comes into power. Will they take the once-shelved ideology and put it into practice? I don't know if my worries are baseless. There are so many things playing in my mind that I am not sure what to think about the party. It might probably be because of the kind of news I have read in the media labelling them as anti-secular. 

Narendra Modi
One thing is certain, if he comes to power, Mr. Narendra Modi will have a lot to prove. There are many who doubt his role in the Gujarat riots and many more who are worried about his pro-Hindutva approach. He can go down as one of the most successful Prime Ministers of the country if he plays it right. We are not known for our charismatic leaders. But, this time, it could be different for the better.
I am worried. The alternative is too frightening. 

If the reports on Narendra Modi are true, if the secular balance we have in our country is affected, then..... I don't want to think about it!


PS:
I would love to hear your view on this topic. :)
Image Courtesy: Google

Saturday, 7 December 2013

The Security of our Security Questions and Passwords

The trend of using Security Questions began in the early 20th century when banks started using them as a supplement to customer signature records. Spaces were provided in the account opening forms to give details like ‘mother’s maiden name’, ‘residence’ etc. They were intended to make sure that people who are not really close to the customer won’t know the answer to the question. Hence, a moderate level of security could be guaranteed in the process. Later, the use of security questions has become widespread on the internet, especially in email accounts and other social media. They are given at the time of registration of examinations and job applications too. Where ever there is a need for password, there is a provision for security question too.

Today, however security questions have become a tool for hacking. This is mainly on account of the low levels of awareness on what makes a good security question. For security questions to protect our account there is a need to protect the security answers as well. While the western world is much more aware about cyber security, India has a lot more ground to cover, especially because of the skyrocketing number of internet users. This will be one major area of concern and there is an urgent need for strong measures in this regard to protect internet users against spam, cheating and fraud.

Now, to know cyber security in detail, you need to know how to hack an account (ethically). If you have tried to hack an account, you will know what all steps need to be employed to protect one. The best hackers are the best in cyber security because they know what it takes to crack one. They know the kind of passwords and security questions that makes the job difficult for a hacker. They are also aware of the pros and cons of the different accounts and the ease of cracking them. For example, many say that hacking a Gmail account is easier than hacking a Yahoo account.

I stumbled upon this field by accident a few years ago. It was a time when almost everything I read dealt with hacking in one way or the other. I also had a relative working in the field of cyber forensics. He would tell me how easy it is to hack an account unless one is very careful. I found it to be fascinating. I started thinking how difficult it would be for someone to hack my account if he tries to do so. Obviously, I knew and still know nothing about professional hacking. But, I wanted to know how an amateur who knows nothing about the technical side hacks an account.

Security Questions

That was when I started my experiments. I had a Google account and I hit the ‘forgot your password’ button. It led me to a new screen where I was asked to enter my security question. To access the security questions, the user should not have used his email account for a minimum number of days, usually a week. At that time, I didn’t have my account connected to my mobile number. So, the only way to reset password was through my security question. It was a simple one at that time. Even someone who didn’t know me could answer it without much of an effort. The moment you answer the security question, the ‘reset password’ option will appear. Thus, it is a really important aspect of cyber security.

I was curious as to what kinds of security questions my friends had. I found it amusing and learnt quite a lot regarding the security of security questions. Some of the security questions where very silly, some easy to answer and only very few where smart. 

Here are a few security questions I encountered:
·         ‘Birth place’, ‘Hometown’ and the like
·         ‘Phone number’
·         ‘Favourite teacher at school’, ‘Best Friend at school’ etc
·         ‘Favourite book’, ‘Favourite cartoon’, ‘Favourite movie’ etc.
·         ‘Mother’s maiden name’, ‘Father’s name’ etc
·         ‘Favourite character in the Harry Potter Series’ etc.

The answers to these questions are not that difficult to find out in this digital age even if the user is a complete stranger, because almost all information is available in social media platforms. It is just a matter of trial and error.

Like all things done with good intention, security questions too can backfire. One can have 5 attempts or so at a single go. This would have been useful for someone who forgot the answer to his security question. But, for someone who is trying to hack into an account this comes as a blessing. For Yahoo, there is a two level security question check. So, it is a bit more difficult one to hack in that respect. Since passwords need careful protection, I do feel that Gmail too should have had multiple level security question verification. Single security question check would ensure that the user does not find it too cumbersome. But, for a person attempting to hack into an account, this makes his job easy.
Tricking a person into revealing security questions

The lessons I learnt during these experiments had a significant impact on the way I set my security questions after that. Since then, I would give different security questions but provide the same answer to all of them. For example, my security question may be as simple as, ‘What is your name’, but the answer would be in no way related to the question. I have a standard answer for all security questions. My relative says that it is the better way of handling security questions because it puts the amateur hackers off. It also eliminates the need of noting down the answer of the security question somewhere.

Having a standard answer for all security questions is one way of doing things. Having strictly personal security questions is the best method as long as no one else (except perhaps, a trusted few) have access to it. Security questions must be easy to remember, especially if you provide different answers for different accounts.

Having a strong password is even more important. We are often asked to enter passwords with minimum one uppercase letter (eg: A, B, C, D etc), one lowercase letter (eg: a, b, c, d etc), one numerical (eg: 1, 2, 3, 4 etc) and one special character (eg: #$, @, % etc). Also, the password should not be similar to the username because that is one area where the automated programs focus on. It is ideal to have long passwords, different for each account and website, as far as possible.

This is because there are programs developed to crack passwords through automated attempts. That is why we are asked to prove that we are not a robot by typing the encrypted code at times when we fail to give the correct password even after many attempts. These programs try all the permutations and combinations of lowercase letters, then the uppercase letters etc. So, when we use passwords with lowercase letters, uppercase letters, numbers and special characters present in it, the number of combinations that the program has to try out makes it an almost impossible task.


RockYou password creation
This is not all. There are a million other occasions when things have gone wrong in the cyber world. A few years ago, a social application website named 'RockYou' suffered a security breach that exposed over 32 million user accounts. They were pretty relaxed with security. Users had to enter only 5 letters for their passwords and didn't have to mix any uppercase/lowercase/numbers or special characters. They also had a database storing all the user passwords in plain text, which the hackers exploited to the hilt. It is often referred to as the 'RockYou Hack' and many other websites have faced similar situations often due to lack of proper security measures.



captcha codes
Today, literally anything can be hacked because technology has grown by leaps and bounds and impossible is nothing. Even the Captcha codes, which were meant to be decoded by humans are now under threat. The field of Artificial Intelligence is now developing at breakneck pace. Computers have become more efficient at cracking Captcha Codes than humans. So, it means that robot programs have any number of attempts at cracking a password. 

There are even programs to decipher the characters we enter into our smartphones through keystrokes. The character will be displayed as we enter it, and programs have been developed to read even that from a large distance. Keylogging is one of the oldest techniques for detecting passwords. There are popular applications like the keylogger which reads the characters we enter into our keyboards. Today, many online transaction services provide a virtual keyboard for users to enter their password to eliminate the risk of harmful websites trying to read the key logs. Users need to be educated about all these potential threats so that they can create strong and competitive passwords (I don't think anything can ever be foolproof in today's world).

Thus, it is very much important to be aware of cyber security and cyber forensics to make sure that we are not victims of hacking, phishing and the like. There is a lot we can learn by ourselves in this field because of the resources available online. We need to educate ourselves as well as spread awareness on this topic in our zone of influence. This will be one area where a lot has to be done because nearly everything is done and achieved through the internet. The security of security questions and the techniques of password-setting are arts that everyone needs to master.





PS: 
1) I guess there is a potential risk of misuse of the information I have provided here. I can only expect you to act responsibly. If you feel like I should remove this post because it may be misused, please let me know. :)

2) Whatever little I have written here are based on my own experiences, incidents I have heard and articles I have read. If there is any factual error or any modifications to be made, please let me know.

Monday, 2 December 2013

The Accused's Side of the Story

Today, the easiest way to get rid of a rival, whether in politics, business or wherever, is to trap him in a well planned and executed fake case. To be honest, it is nothing new and it happens all the time. The earliest such recorded instance might be that of Joseph, the Biblical character we find in the book of Genesis. Even today, we find many Josephs' getting trapped with no way out in fake accusations.


Source: Google
But, the story takes a different turn when it comes to fake accusations of rape attempts. The problem is that, in such cases, the defendant is heavily protected by law. It is extremely difficult to know if the accusation is false, because, if the accusation is false, then it will usually be a well planned one. The trial the accused and his family undergo from the media, civil right groups, friends, co-workers etc can be imagined. And, sadly, the dirt sticks.

Studies have shown that 10- 20% of all rape accusations are false and are aimed at seeking revenge In fact, since the Delhi Case last year, there has been a lot of awareness on this issue, and rightly so. The moment such accusations reach the public, there will be a huge outrage with everyone crying for blood of the accused. To make matters worse, the law is strongly biased against the accused in these incidents on the assumption that there won’t be any false accusations. Even in the courtroom, because of the sensitivity of the issue, the prosecution is required to prove that it is more likely to have happened; it need not prove that it has happened beyond any reasonable degree of doubt. Cases like these also adversely affect the protection and response the real victims receive because the police might become a bit hesitant to help them, being unsure if the accusation is true or not.

Jose Thettayil
Source: Google
There have been several recent cases of such false allegations, with politicians like Mr. Jose Thettayil etc getting caught in it. The point I am making is not regarding the morality of his actions. But, the girl sent those videotapes to all media houses and asked them to make some news out of it. Naturally, they obliged. Later, it turned out that the accusation was baseless, but not before tarnishing his reputation beyond repair. One might argue that he deserved it, but will that justify the irresponsibility shown by the media?

Today, Mr. Tarun Tejpal finds himself in the mix of things. The allegation by the Tehelka journalist might be true, given the initial response Mr. Tejpal gave on the issue to Mrs. Shoma, the former Managing Editor of Tehelka. But, who can say that for certain? If it is false, then Tarun will find himself in an even more precarious situation than Mr. Jose Thettayil was in, because, political parties who were at the receiving end of his sting operations are likely to return the favour.

Following the Nirbhaya incident, there has been a huge increase in the number of false rape cases reported leading everyone to label Delhi as the ‘Rape Capital’. It is because people only check the number of rape cases reported, and not the number of acquittals. I am not saying that India is a safe haven for women and girls. Conditions should definitely be improved. A lot more has to be done in that regard. But, these false cases act as a hindrance and are a major obstacle in our efforts.

In a verdict given on one such false rape case when a 75 year old man was alleged to have sexually abused a maid in her 30’s, the Delhi High Court said things have come to such a pass after the Nirbhaya gang rape in December that the mere statement of a woman about rape is taken as gospel truth, the accused arrested and charge-sheeted. "This led to an unprecedented surge in filing of false rape cases... It is these false cases which play havoc with the crime statistics, leading to the labelling of Delhi as a rape capital," additional sessions judge Mr. Virender Bhat observed while acquitting the accused.  

Expressing the need for courts to be empowered to award compensation to false rape case victims, the judge also lamented that the media turn a blind eye to acquittals in such cases because "nobody bothers to see in how many cases the accused are convicted. The acquittal of an accused is not noticed at all and he continues to be labelled a 'rapist' even after his honourable acquittal."

There are different reasons why such false accusations are made. It can be made for financial gain, to destroy a political or business opponent, to seek vengeance and at times, even to get on newspapers. There are other instances too. For example, it is a common phenomenon during divorce cases in the western countries where women accuse their husband of abusing their child so that she will have the right to the child’s custody. The reasons may vary. But, the effect it has on the accused will always be understated.

Tarun Tejpal
In another verdict in September this year, Judge Nivedita Anil Sharma said, “It is time that we, as a civil society stand up not to only protect, shelter and rehabilitate a victim of rape but also to protect and shelter an accused against whom false allegations of rape have been levelled.”

There are instances like these happening every time. Almost every day, we see the headline, “MAN ACCUSED OF RAPING”, that too, often in the front page. Later, the person may be acquitted by the court. But, that news surprisingly never reaches the media. It is amazing, really. Sensationalism at its peak!

Cases like these are hard for the accused to prove his innocence. It often takes a lot of luck to escape. In one case in the US, the accused escaped because of a voice recording mobile phone application which he had accidentally switched on during the time frame when the incident was alleged to have occurred.

A few days ago, four were held in Jalandhar, in India, for implicating a businessman in a fake rape case. But, he escaped because of a minor mistake a key witness made in his testimony. The witness who was a taxi driver had told the police that he was coming from a place X to Y when he found the victim. The police later found that the statement was false. Sometimes, the victim herself admits to cooking up the whole story. But, not everyone is lucky. Often, the court would have found the accused to be guilty before the true story emerges.
Source: Google

So, what can be done to prevent such cases? I don’t think much can be done about the allegations apart from increasing the punishment for wrongful allegations. But, I do feel that many things can be done to help the accused ease back into normal life, if the accusation turns out to be baseless. For that, certain stringent measures need to be taken.

The fourth estate is the one area where much can be done, because, the news of accusations reach the public through the media. Similarly, media can provide equal coverage for the acquittal as it did during the time of accusation. It would be great if organizations like the Editors guild and the Indian Broadcasting Foundation made it a rule to provide equal priority to the acquittals.

There are other areas too, where we can do something to help the falsely accused. We take all possible measures to protect the identity of the victim in these incidents. Why? It is because of the potential harassment and psychological trauma that the victim might undergo. But, doesn’t the same logic apply to the accused as well? If the allegations are false, can anything ever condone for the negative publicity that the accused has been subjected to? Wouldn’t the accused be in a greater trauma and facing graver repercussions in such cases? So, isn’t it better that everyone, including the government and the media houses apply the same rules to the accused as well.

I feel that, perhaps, it would be better for all to exercise restraint and caution in revealing the identity of the accused until the allegations are confirmed to be true. That might well be the least that we can do to help the falsely accused ease back into normal life. I believe that the magnitude of these incidents and the potential damage that they can cause are such that, they need to be treated with a much greater care.

As the cliché’ goes, the accused is innocent, until proven guilty. So, he has the rights that every innocent man has. The victim has the right to privacy and to be protected, so does the accused.

Source: Google

(Update: A Study by The Hindu explains my point with detailed evidence. The link is given below)