Bank Vs Techie news By Bala Shah
What happens when a well-meaning security expert finds a flaw in the computing system of one of India’s most successful banks, ICICI? Indian CTO Yash, like all responsible techies and security experts, had taken steps to ensure that the code to hack this weakness was not available to the wrong people. On Dec 23, 2011, Techgoss had detailed how ICICI, instead of thanking him and fixing the problem, sent Yash an email asking him to remove his findings from his blog.
After his research on ICICI was published in Dec 2011, Yash blogged in Jan 2012 about an alleged security issue with international bank HSBC. On Feb 3, 2012, Techgoss had published a report on how a few rogue elements (most probably keeping their bosses in the dark) in the Indian branch of HSBC tried to intimidate the security expert. Techie Yash’s blog has details of how HSBC contacted his hosting provider to remove the video and even sent goons to his house in South India. Yash’s blog has all the details of how the goons landed up at his house.
The latest update on this is more positive. Mainstream media has picked up this story. On Feb 8, 2012, one of India’s most respected media houses, Moneylife, published a detailed article on the threats facing online banking in which it quoted Yash extensively:
“In fact, many banks 'shut out' security expert, Yash KS, who has demonstrated how sites of several Indian banks are vulnerable. Mr Yash shot the video showing how Trojan can breach bank sites and uploaded it on public platform so that the lenders can increase the level of security. All these banks responded immediately by blocking and successfully removing the video from public domain like YouTube but failed to enhance security levels of their sites.
Mr Yash says, "Citibank has never responded when I contacted them to talk about malware. But when I posted my videos online, they mitigated the risk to some level within 10 days. It’s a good response. (However) Before fixing it, they blocked my video in YouTube saying it is harmful content."
…”
Now that one of the most credible finance websites in Asia, Moneylife, has picked up Ethical Hacker Yash’s research, it is less likely that any bank would resort to sending goons to his house to threaten him. (2/9/2012)