The Comptroller and Auditor General of India has found some shocking irregularities in the functioning of Indian Railways, especially in connection with its train coaches and its Integrated Coaching Management System (ICMS). The national auditor has found 1,205 functional train coaches to be ‘over-aged’. The coaches have a life of 25-30 years but some of these coaches were as old as 50 years. There are 17 zones in railways and maximum over-aged coaches were in the Central Railway (CR) zone with 373 coaches being ‘over-aged’.
CAG’s latest report on railways was tabled in the parliament on Friday. The report assumes much significance especially because it comes in the backdrop of the recent Indore-Patna derailment accident in which 150 people were killed and 150 others were injured. Railway Minister Suresh Prabhu had admitted that impact of the accident could have been less if the train had modern coaches instead of old coaches. He had also assured the Parliament he would expedite the process of replacing old coaches with new ones.
CAG has also found several loopholes with railways’ ICMS, especially its statistics regarding condemned coaches. ICMS application was developed by the railways with the objective of monitoring punctuality of mail, express and passenger trains, monitoring status of coaching stock in real time and online.
According to railway rules, life of IRS coaches (wooden body and steel under frame) and steel body coaches are 30 years and 25 years respectively and age of the coach is calculated from the built date of the coach. The national auditor found 2445 coaches had no built year in ICMS database and in 315 coaches, the coach factory turnout date was prior to coach built date.
Pointing out discrepancies, the CAG report observed that in 697 coaches, induction date was shown prior to even their built date. “Out of 71447 coaches of all zonal railways, in 697 coaches the dates of induction into service were shown 1-33 years before the date of built of coaches. Three coaches of North Central Railway had induction dates between the year 2019-2020,” the report stated.
The CAG report also noted that complete data of all the trains was not available in ICMS. It found discrepancies in data of stations, division, yard, base depot, interchange station which indicated inadequate application controls.
A simple solution to end the encryption debate
Criminals and terrorists, like millions of others, rely on smartphone encryption to protect the information on their mobile devices. But unlike most of us, the data on their phones could endanger lives and pose a great threat to national security.
The challenge for law enforcement, and for us as a society, is how to reconcile the advantages of gaining access to the plans of dangerous individuals with the cost of opening a door to the lives of everyone else. It is the modern manifestation of the age-old conflict between privacy versus security, playing out in our pockets and palms.
One-size-fits all technological solutions, like a manufacturer-built universal backdoor tool for smartphones, likely create more dangers than they prevent. While no solution will be perfect, the best ways to square data access with security concerns require a more nuanced approach that rely on non-technological procedures.
The FBI has increasingly pressed the case that criminals and terrorists use smartphone security measures to avoid detection and investigation, arguing for a technological, cryptographic solution to stop these bad actors from “going dark.” In fact, there are recent reports that the Executive Branch is engaged in discussions to compel manufacturers to build technological tools so law enforcement can read otherwise-encrypted data on smartphones.
But the FBI is also tasked with protecting our nation against cyber threats. Encryption has a critical role in protecting our digital systems against compromises by hackers and thieves. And of course, a centralized data access tool would be a prime target for hackers and criminals. As recent events prove – from the 2016 elections to the recent ransomware attack against government computers in Atlanta – the problem will likely only become worse. Anything that weakens our cyber defenses will only make it more challenging for authorities to balance these “dual mandates” of cybersecurity and law enforcement access.
There is also the problem of internal threats: when they have access to customer data, service providers themselves can misuse or sell it without permission. Once someone’s data is out of their control, they have very limited means to protect it against exploitation. The current, growing scandal around the data harvesting practices on social networking platforms illustrates this risk. Indeed, our company Symphony Communications, a strongly encrypted messaging platform, was formed in the wake of a data misuse scandal by a service provider in the financial services sector.
So how do we help law enforcement without making data privacy even thornier than it already is? A potential solution is through a non-technological method, sensitive to the needs of all parties involved, that can sometimes solve the tension between government access and data protection while preventing abuse by service providers.
Agreements between some of our clients and the New York State Department of Financial Services (“NYSDFS”), proved popular enough that FBI Director Wray recently pointed to them as a model of “responsible encryption” that solves the problem of “going dark” without compromising robust encryption critical to our nation’s business infrastructure.
The solution requires storage of encryption keys — the codes needed to decrypt data — with third party custodians. Those custodians would not keep these client’s encryption keys. Rather, they give the access tool to clients, and then clients can choose how to use it and to whom they wish to give access. A core component of strong digital security is that a service provider should not have access to client’s unencrypted data nor control over a client’s encryption keys.
The distinction is crucial. This solution is not technological, like backdoor access built by manufacturers or service providers, but a human solution built around customer control. Such arrangements provide robust protection from criminals hacking the service, but they also prevent customer data harvesting by service providers.
Where clients choose their own custodians, they may subject those custodians to their own, rigorous security requirements. The clients can even split their encryption keys into multiple pieces distributed over different third parties, so that no one custodian can access a client’s data without the cooperation of the others.
This solution protects against hacking and espionage while safeguarding against the misuse of customer content by the service provider. But it is not a model that supports service provider or manufacturer built back doors; our approach keeps the encryption key control in clients’ hands, not ours or the government’s.
A custodial mechanism that utilizes customer-selected third parties is not the answer to every part of the cybersecurity and privacy dilemma. Indeed, it is hard to imagine that this dilemma will submit to a single solution, especially a purely technological one. Our experience shows that reasonable, effective solutions can exist. Technological features are core to such solutions, but just as critical are non-technological considerations. Advancing purely technical answers – no matter how inventive – without working through the checks, balances and risks of implementation would be a mistake.
News Source = techcrunch.com
Delhi Max Hospital twin baby case: Police seek legal opinion after DMC rules out hospital's negligence
A senior officer, privy to the probe, said they were studying the report to ascertain the future course of action.
More than two child rape cases daily in Delhi, experts call for policy for rehabilitation
Till April 30, 282 cases of child rape were reported as opposed to 278 last year during the same period.
Follow on Twitter
Delhi1 week ago
A Start of New Technical Ecosystem by International Blockchain Technology Council
Delhi4 days ago
Army of Poets – Education For All
Amazing7 months ago
वीडियो : सलमान खान की शादी हो या ना हो लेकिन राहुल गांधी ने अपनी शादी को लेकर खोला राज
Delhi1 week ago
Dheeraj Sharma, National President Of NSC to partner with DIYguru for NSC Students
Delhi4 days ago
International Day of Art of Giving – Inspired by Dr. Achyuta Samanta Life to be celebrated worldwide today.
Amazing9 months ago
राम रहीम के बाद इस अय्याश बाबा की वायरल हो रही तस्वीर की सच्चाई आ गयी सामने!
India1 year ago
How BajaTutor is helping Car Racing enthusiasts to build their ATV’s?
Education1 year ago
Haridwar Boy making his way to promote Online Learning in India for GATE / IES Exams