MIT Researcher gives one point to Aarogya App only for deleting data on time

Aarogya App is the official contact tracking App of India designed by the Government of India. The app is facing massive backlash, and recently, a researcher from MIT, who initially gave two points, has degraded the app and changed the rating to one. 

According to the Times of India, the app which was given two points for collecting useful data and deleting data on time is now reviewed negatively. The reason for snatching away one point is “data minimisation,” i.e., the app extracts more than required data, which will hinder operations. 

Before, the researcher at MIT, another French cybersecurity expert and hacker with the alias name “Elliot Alderson,” said the security of the app is weak, and the hacker will, “know who is infected, unwell, made a self-assessment in the area of his choice.” But, the app developer denied there is any security issue with the app. 

“Alderson claimed that the app is allegedly exposing sensitive health data of millions of Indian citizens. This sensational came a few days after Congress MP Rahul Gandhi criticised the app and described it as a “complicated surveillance system.”

Whereas, Apple and Google have recently released Covid-19 tracing API that connects with other contact tracking apps made by other governments. What makes the API of Apple and Google better than the Aarogya app is that they use only Bluetooth technology, whereas the latter uses both Bluetooth and GPS location.

Whoops! There was an error.
ErrorException (E_NOTICE)
ob_end_flush(): failed to send buffer of zlib output compression (0) ErrorException thrown with message "ob_end_flush(): failed to send buffer of zlib output compression (0)" Stacktrace: #4 ErrorException in /home/streakshot/public_html/vendor/symfony/http-foundation/Response.php:1219 #3 ob_end_flush in /home/streakshot/public_html/vendor/symfony/http-foundation/Response.php:1219 #2 Symfony\Component\HttpFoundation\Response:closeOutputBuffers in /home/streakshot/public_html/vendor/symfony/http-foundation/Response.php:381 #1 Symfony\Component\HttpFoundation\Response:send in /home/streakshot/public_html/public/index.php:58 #0 require_once in /home/streakshot/public_html/index.php:21
4
ErrorException
/vendor/symfony/http-foundation/Response.php1219
3
ob_end_flush
/vendor/symfony/http-foundation/Response.php1219
2
Symfony\Component\HttpFoundation\Response closeOutputBuffers
/vendor/symfony/http-foundation/Response.php381
1
Symfony\Component\HttpFoundation\Response send
/public/index.php58
0
require_once
/index.php21
/home/streakshot/public_html/vendor/symfony/http-foundation/Response.php
    {
        return \in_array($this->statusCode, [204, 304]);
    }
 
    /**
     * Cleans or flushes output buffers up to target level.
     *
     * Resulting level can be greater than target level if a non-removable buffer has been encountered.
     *
     * @final
     */
    public static function closeOutputBuffers(int $targetLevel, bool $flush)
    {
        $status = ob_get_status(true);
        $level = \count($status);
        $flags = PHP_OUTPUT_HANDLER_REMOVABLE | ($flush ? PHP_OUTPUT_HANDLER_FLUSHABLE : PHP_OUTPUT_HANDLER_CLEANABLE);
 
        while ($level-- > $targetLevel && ($s = $status[$level]) && (!isset($s['del']) ? !isset($s['flags']) || ($s['flags'] & $flags) === $flags : $s['del'])) {
            if ($flush) {
                ob_end_flush();
            } else {
                ob_end_clean();
            }
        }
    }
 
    /**
     * Checks if we need to remove Cache-Control for SSL encrypted downloads when using IE < 9.
     *
     * @see http://support.microsoft.com/kb/323308
     *
     * @final
     */
    protected function ensureIEOverSSLCompatibility(Request $request)
    {
        if (false !== stripos($this->headers->get('Content-Disposition'), 'attachment') && 1 == preg_match('/MSIE (.*?);/i', $request->server->get('HTTP_USER_AGENT'), $match) && true === $request->isSecure()) {
            if ((int) preg_replace('/(MSIE )(.*?);/', '$2', $match[0]) < 9) {
                $this->headers->remove('Cache-Control');
            }
        }
Arguments
  1. "ob_end_flush(): failed to send buffer of zlib output compression (0)"
    
/home/streakshot/public_html/vendor/symfony/http-foundation/Response.php
    {
        return \in_array($this->statusCode, [204, 304]);
    }
 
    /**
     * Cleans or flushes output buffers up to target level.
     *
     * Resulting level can be greater than target level if a non-removable buffer has been encountered.
     *
     * @final
     */
    public static function closeOutputBuffers(int $targetLevel, bool $flush)
    {
        $status = ob_get_status(true);
        $level = \count($status);
        $flags = PHP_OUTPUT_HANDLER_REMOVABLE | ($flush ? PHP_OUTPUT_HANDLER_FLUSHABLE : PHP_OUTPUT_HANDLER_CLEANABLE);
 
        while ($level-- > $targetLevel && ($s = $status[$level]) && (!isset($s['del']) ? !isset($s['flags']) || ($s['flags'] & $flags) === $flags : $s['del'])) {
            if ($flush) {
                ob_end_flush();
            } else {
                ob_end_clean();
            }
        }
    }
 
    /**
     * Checks if we need to remove Cache-Control for SSL encrypted downloads when using IE < 9.
     *
     * @see http://support.microsoft.com/kb/323308
     *
     * @final
     */
    protected function ensureIEOverSSLCompatibility(Request $request)
    {
        if (false !== stripos($this->headers->get('Content-Disposition'), 'attachment') && 1 == preg_match('/MSIE (.*?);/i', $request->server->get('HTTP_USER_AGENT'), $match) && true === $request->isSecure()) {
            if ((int) preg_replace('/(MSIE )(.*?);/', '$2', $match[0]) < 9) {
                $this->headers->remove('Cache-Control');
            }
        }
/home/streakshot/public_html/vendor/symfony/http-foundation/Response.php
    {
        echo $this->content;
 
        return $this;
    }
 
    /**
     * Sends HTTP headers and content.
     *
     * @return $this
     */
    public function send()
    {
        $this->sendHeaders();
        $this->sendContent();
 
        if (\function_exists('fastcgi_finish_request')) {
            fastcgi_finish_request();
        } elseif (!\in_array(\PHP_SAPI, ['cli', 'phpdbg'], true)) {
            static::closeOutputBuffers(0, true);
        }
 
        return $this;
    }
 
    /**
     * Sets the response content.
     *
     * Valid types are strings, numbers, null, and objects that implement a __toString() method.
     *
     * @param mixed $content Content that can be cast to string
     *
     * @return $this
     *
     * @throws \UnexpectedValueException
     */
    public function setContent($content)
    {
        if (null !== $content && !\is_string($content) && !is_numeric($content) && !\is_callable([$content, '__toString'])) {
            throw new \UnexpectedValueException(sprintf('The Response content must be a string or object implementing __toString(), "%s" given.', \gettype($content)));
Arguments
  1. 0
    
  2. true
    
/home/streakshot/public_html/public/index.php
 
/*
|--------------------------------------------------------------------------
| Run The Application
|--------------------------------------------------------------------------
|
| Once we have the application, we can handle the incoming request
| through the kernel, and send the associated response back to
| the client's browser allowing them to enjoy the creative
| and wonderful application we have prepared for them.
|
*/
 
$kernel = $app->make(Illuminate\Contracts\Http\Kernel::class);
 
$response = $kernel->handle(
    $request = Illuminate\Http\Request::capture()
);
 
$response->send();
 
$kernel->terminate($request, $response);
 
/home/streakshot/public_html/index.php
 
/**
 * Laravel - A PHP Framework For Web Artisans
 *
 * @package  Laravel
 * @author   Taylor Otwell <taylor@laravel.com>
 */
 
$uri = urldecode(
    parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH)
);
 
// This file allows us to emulate Apache's "mod_rewrite" functionality from the
// built-in PHP web server. This provides a convenient way to test a Laravel
// application without having installed a "real" web server software here.
if ($uri !== '/' && file_exists(__DIR__.'/public'.$uri)) {
    return false;
}
 
require_once __DIR__.'/public/index.php';
 
Arguments
  1. "/home/streakshot/public_html/public/index.php"
    

Environment & details:

empty
empty
empty
empty
empty
Key Value
TZ
"Asia/Kolkata"
REDIRECT_REDIRECT_UNIQUE_ID
"YroV71DdXhYX4jC7ZS8UcwAAACM"
REDIRECT_REDIRECT_SCRIPT_URL
"/technology/mit-researcher-gives-one-point-to-aarogya-app"
REDIRECT_REDIRECT_SCRIPT_URI
"https://streakshot.com/technology/mit-researcher-gives-one-point-to-aarogya-app"
REDIRECT_REDIRECT_HTTPS
"on"
REDIRECT_REDIRECT_SSL_TLS_SNI
"streakshot.com"
REDIRECT_REDIRECT_STATUS
"200"
REDIRECT_UNIQUE_ID
"YroV71DdXhYX4jC7ZS8UcwAAACM"
REDIRECT_SCRIPT_URL
"/technology/mit-researcher-gives-one-point-to-aarogya-app"
REDIRECT_SCRIPT_URI
"https://streakshot.com/technology/mit-researcher-gives-one-point-to-aarogya-app"
REDIRECT_HTTPS
"on"
REDIRECT_SSL_TLS_SNI
"streakshot.com"
REDIRECT_HANDLER
"application/x-httpd-ea-php72"
REDIRECT_STATUS
"200"
UNIQUE_ID
"YroV71DdXhYX4jC7ZS8UcwAAACM"
SCRIPT_URL
"/technology/mit-researcher-gives-one-point-to-aarogya-app"
SCRIPT_URI
"https://streakshot.com/technology/mit-researcher-gives-one-point-to-aarogya-app"
HTTPS
"on"
SSL_TLS_SNI
"streakshot.com"
HTTP_USER_AGENT
"CCBot/2.0 (https://commoncrawl.org/faq/)"
HTTP_ACCEPT
"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
HTTP_ACCEPT_LANGUAGE
"en-US,en;q=0.5"
HTTP_IF_MODIFIED_SINCE
"Tue, 18 Jan 2022 01:07:57 GMT"
HTTP_ACCEPT_ENCODING
"br,gzip"
HTTP_HOST
"streakshot.com"
HTTP_CONNECTION
"Keep-Alive"
HTTP_X_HTTPS
"1"
PATH
"/usr/local/jdk/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/usr/local/bin:/usr/X11R6/bin:/root/bin:/opt/bin"
SERVER_SIGNATURE
""
SERVER_SOFTWARE
"Apache"
SERVER_NAME
"streakshot.com"
SERVER_ADDR
"62.210.127.245"
SERVER_PORT
"443"
REMOTE_ADDR
"44.192.47.87"
DOCUMENT_ROOT
"/home/streakshot/public_html"
REQUEST_SCHEME
"https"
CONTEXT_PREFIX
"/cgi-sys"
CONTEXT_DOCUMENT_ROOT
"/usr/local/cpanel/cgi-sys/"
SERVER_ADMIN
"webmaster@streakshot.com"
SCRIPT_FILENAME
"/home/streakshot/public_html/index.php"
REMOTE_PORT
"44106"
REDIRECT_URL
"/index.php"
GATEWAY_INTERFACE
"CGI/1.1"
SERVER_PROTOCOL
"HTTP/1.1"
REQUEST_METHOD
"GET"
QUERY_STRING
""
REQUEST_URI
"/technology/mit-researcher-gives-one-point-to-aarogya-app"
SCRIPT_NAME
"/index.php"
ORIG_SCRIPT_FILENAME
"/usr/local/cpanel/cgi-sys/ea-php72"
ORIG_PATH_INFO
"/index.php"
ORIG_PATH_TRANSLATED
"/home/streakshot/public_html/index.php"
ORIG_SCRIPT_NAME
"/cgi-sys/ea-php72"
PHP_SELF
"/index.php"
REQUEST_TIME_FLOAT
1656362479.3534
REQUEST_TIME
1656362479
argv
[]
argc
0
APP_NAME
"StreakShot"
APP_ENV
"local"
APP_KEY
"base64:ReQmfEFXKLWiEg6BrcO2XKiMoAGvRdQy00AsMsYzrsk="
APP_DEBUG
"true"
APP_URL
"https://streakshot.com"
LOG_CHANNEL
"stack"
DB_CONNECTION
"mysql"
DB_HOST
"localhost"
DB_PORT
"3306"
DB_DATABASE
"streaksh_db"
DB_USERNAME
"streaksh_user"
DB_PASSWORD
".wdnNP8o^nUT"
BROADCAST_DRIVER
"log"
CACHE_DRIVER
"file"
QUEUE_CONNECTION
"sync"
SESSION_DRIVER
"file"
SESSION_LIFETIME
"120"
REDIS_HOST
"127.0.0.1"
REDIS_PASSWORD
"null"
REDIS_PORT
"6379"
MAIL_DRIVER
"smtp"
MAIL_HOST
"smtp.mailtrap.io"
MAIL_PORT
"2525"
MAIL_USERNAME
"null"
MAIL_PASSWORD
"null"
MAIL_ENCRYPTION
"null"
AWS_ACCESS_KEY_ID
""
AWS_SECRET_ACCESS_KEY
""
AWS_DEFAULT_REGION
"us-east-1"
AWS_BUCKET
""
PUSHER_APP_ID
""
PUSHER_APP_KEY
""
PUSHER_APP_SECRET
""
PUSHER_APP_CLUSTER
"mt1"
MIX_PUSHER_APP_KEY
""
MIX_PUSHER_APP_CLUSTER
"mt1"
Key Value
APP_NAME
"StreakShot"
APP_ENV
"local"
APP_KEY
"base64:ReQmfEFXKLWiEg6BrcO2XKiMoAGvRdQy00AsMsYzrsk="
APP_DEBUG
"true"
APP_URL
"https://streakshot.com"
LOG_CHANNEL
"stack"
DB_CONNECTION
"mysql"
DB_HOST
"localhost"
DB_PORT
"3306"
DB_DATABASE
"streaksh_db"
DB_USERNAME
"streaksh_user"
DB_PASSWORD
".wdnNP8o^nUT"
BROADCAST_DRIVER
"log"
CACHE_DRIVER
"file"
QUEUE_CONNECTION
"sync"
SESSION_DRIVER
"file"
SESSION_LIFETIME
"120"
REDIS_HOST
"127.0.0.1"
REDIS_PASSWORD
"null"
REDIS_PORT
"6379"
MAIL_DRIVER
"smtp"
MAIL_HOST
"smtp.mailtrap.io"
MAIL_PORT
"2525"
MAIL_USERNAME
"null"
MAIL_PASSWORD
"null"
MAIL_ENCRYPTION
"null"
AWS_ACCESS_KEY_ID
""
AWS_SECRET_ACCESS_KEY
""
AWS_DEFAULT_REGION
"us-east-1"
AWS_BUCKET
""
PUSHER_APP_ID
""
PUSHER_APP_KEY
""
PUSHER_APP_SECRET
""
PUSHER_APP_CLUSTER
"mt1"
MIX_PUSHER_APP_KEY
""
MIX_PUSHER_APP_CLUSTER
"mt1"
0. Whoops\Handler\PrettyPageHandler