At an age, when most of the youngsters are baffled by the vast number of career choices at their disposal, one young man decided to follow his heart and do what he loves doing the most. Northeast Today gets in touch with security analyst Indrajeet Bhuyan, who have immersed as one of the best security analyst from the Northeastern region with many achievements and laurels at his disposition.
NET: How was your childhood influenced by computers?
IB: I was born and brought up in Guwahati and during my school days, computer classes excited me a lot. I always had a special fondness towards computers. Games, MS Paint, word, excel, HTML – that’s how my days passed from 1st Standard to 10th Standard.
NET: Were you a studious student or would you like to call yourself as innately curious?
IB: It was basically a curiosity. A new computer at home for a student who always wished to own one ! I had the freedom to use it on my own. No rules, no teachers, no syllabus, nothing. That was the time, when I wanted to know each and everything about it. I was curious to know how softwares and websites work and this curiosity brought me to where I am today.
NET: How did you develop this love for hacking? Are you a self learner ?
IB: I was observant and very curious, a crazy fellow when it came to computers! I was always interested in knowing how things work and it used to give me immense joy when I found the reason. I guess this helped me to develop a profound love towards the world of computers and hacking.
My first introduction with the computer was in my classroom. It could not quench my thirst for learning computers. It was only when my sister passed matriculation; a computer came to my home. And then the 18.5 inch screen showed me the window to the world.
Once, I saw few Indian sites getting hacked by some international hackers, who wrote abusive messages about India. At that time, I felt helpless and wanted to know how it was done and that’s how I started working on it and the rest is history. I’m a self learner. I learnt the basics which were covered during my school curriculum. Internet too, helped me a lot in learning the extra bit that I always wanted to learn. And thanks to some of my friends, who helped me learn more about Information Security.
NET: What are your achievements till date? Throw some light on the bank flaw which you recently discovered?
IB: Previously it was discovered that sending a huge message (greater than 7MB in size) on Whatsapp could crash a victim’s device and app immediately. I along with my friend Saurav Kar, achieved the same by making a code of just 2kb in size.
When Whatsapp Web was launched, I found a privacy flaw in WhatsApp that could expose an user’s profile photo to complete strangers, even if the user have set it to be viewable to contacts only. I also discovered that both Whastapp mobile application and Whatsapp web were not synced properly due to which even a deleted photo from whatsapp mobile application could be accessed by the whatsapp web.
I have contributed Security to companies like Apple, Samsung, HTC, Reverbnation, Photobucket, Game4U, Stack Overflow, Hike etc. I am the only person till date to get acknowledged by the popular Digit Magazine. I was acknowledged by the CEO of The Viral Fever for helping them secure their site when they released their popular web series ‘Pitchers ‘. I was also selected to speak about it in Ground Zero Summit- Asia’s Foremost Information Security Conference, New Delhi, besides being invited to present my paper on the same in ToorCon, San Diego, California. Regarding the bank flaw which came to my notice, it was a flaw in automatic passbook printing machines used by Indian banks. Using this flaw, an attacker can view the bank balance and entire transaction of any bank user in India.
NET: What do you feel about the size of ethical hackers in Northeast? What is the basic need of the hour?
IB: Well, the number is very less here in Northeast but that never means it lacks potential. Even if there are a few, they do not get proper platform and a good coverage. Talking about the basic need of the hour, I think a good platform and appreciation of good work is needed.
Hackers are looked down upon by many. Hacking is a tool and it depends on how it is used. Today, if cyber criminals are misusing the it, there are ethical hackers, security researchers who are preventing them from misusing it. So if someone is developing their interest towards hacking, they should be encouraged to use it properly rather than preventing them from learning it at all.
NET: At such a ripe age, to be able to do something that wins everyone’s heart, how does it feel?
IB: It leaves me overwhelmed and grateful. When people bestows their love and appreciation towards me, it instills a feeling in me that I should work harder and try my best to contribute more and more in this field. I would like to take this opportunity through your esteemed magazine to thank everyone for their love and support.
NET: Your message to the budding hackers of our region?
IB: Rather than watering the leaves, water the roots! When we first learn to hack, we generally start doing cyber wars, hack websites, use hacking techniques that others have invented, and use exploits that others created without really knowing how it works. Instead of doing this, try to know how things actually works. Channelize your talents and skills to do something which is good for everyone.
Check Indrajeet Bhuyan’s website at www.hackatrick.com