Archive for India

NordVPN And SurfShark To India: We’re Outta Here!

Posted in Commentary with tags on June 14, 2022 by itnerd

Frequent readers will recall that India brought in strict new laws that require VPN operators to retain data on who uses their services, or else, and VPN companies considering their options including leaving the company. Which is the route that ExpressVPN took. And now it seems others are joining them in exiting the country. Starting with NordVPN:

“Moreover, we are committed to protecting the privacy of our customers. Therefore, we are no longer able to keep servers in India,” Laura Tyrylyte, head of public relations at NordVPN, told TechCrunch.

“Our Indian servers will remain until 26 June 2022. In order to ensure that our users are aware of this decision, we will send notifications with the full information via the NordVPN app starting 20 June. As digital privacy and security advocates, we are concerned about the possible effect this regulation may have on people’s data. From what it seems, the amount of stored private information will be drastically increased throughout hundreds or maybe thousands of different companies. It is hard to imagine that all, especially small and medium enterprises, will have the proper means to ensure the security of such data,” she added.

Joining them in heading to the exits is SurfShark:

Surfshark’s physical servers in India will be shut down before the new law comes into power. Up until then, users will be able to connect to servers in India as usual. After the new regulations come into effect, we’ll introduce our virtual Indian servers – which will be physically located in Singapore and London. Users will be able to find them in our regular list of servers. 

Virtual servers are functionally identical to physical ones – the main difference is that they’re not located in the stated country. They still provide the same functionality – in this case, getting an Indian IP. 

Users in India who don’t use Indian servers will not notice any differences – they will still be able to connect to whichever server outside the country they please. Meanwhile, Surfshark will continue to closely monitor the government’s attempts to limit internet freedom and encourage discussions intended to persuade the government to hear the arguments of the tech industry. 

This isn’t really going well for India as I think they expected VPN companies to roll over and comply. But that’s not happening. And the fact that some VPN companies are pulling their servers from the company, it will encourage other VPN companies to do the same. That makes India look rather lame. And it may make them rethink this rather than lose face. Though I can see a scenario where India barrels ahead to make a point. We’ll have to see which direction that they decide to go in.

ExpressVPN To India: We’re Outta Here!

Posted in Commentary with tags on June 3, 2022 by itnerd

I’ve been writing about India’s demands to VPN providers to keep and provide data to the Indian Government on what Indian VPN users are doing, and how VPN operators are thinking twice about being in the country as a result. The Indian Government has even said do what we want you to do or get out. Well, ExpressVPN has decided to get out:

In a blog post, the British Virgin Island-based company said that with the introduction of the new cybersecurity rules by the Indian Computer Emergency Response Team (CERT-In), it has made a “very straightforward decision to remove our Indian-based VPN servers.” While ExpressVPN is the first to pull its services from India, other VPN providers like NordVPN have also taken a similar stance. 

The guidelines, released by CERT-In on April 26, asked VPN service providers along with data centers and cloud service providers, to store information such as names, e-mail IDs, contact numbers, and IP addresses (among other things) of their customers for a period of five years. The government said it wants these details to fight cybercrime, but the industry argues that privacy is the main selling points of VPN services, and such a move would be in breach of the privacy cover provided by VPN platforms. 

ExpressVPN described the cybersecurity rules as “broad” and “overreaching.” “The law is also overreaching and so broad as to open up the window for potential abuse. We believe the damage done by potential misuse of this kind of law far outweighs any benefit that lawmakers claim would come from it,” ExpressVPN said. It added that while CERT-In’s rules are intended to fight cybercrime, they are “incompatible with the purpose of VPNs, which are designed to keep users’ online activity private.” Indian users of ExpressVPN will still be able to use its service via “virtual” India servers located in Singapore and the UK. “We will never collect logs of user activity, including no logging of browsing history, traffic destination, data content, or DNS queries. We also never store connection logs, meaning no logs of IP addresses, outgoing VPN IP addresses, connection timestamps, or session durations,” the company said.

I really don’t get why India is so hell bent on this rather stupid and ill advised VPN law. If they really wanted to make a difference in terms of cybercrime, they would spend more time cracking down on its internal cybercrime and world-leading fraudulent call center and scamming activities. But they won’t because the scammers and fraudsters clearly have the Indian Government in their pockets. In the meantime, expect to see more VPN providers do some version of what Express VPN has done. Which means that the Indian Government won’t be winning this fight.

India To VPN Companies: Do What We Want Or Get Out Of India

Posted in Commentary with tags on May 18, 2022 by itnerd

You might recall that I did a story on India wanting VPN companies to retain data on who uses their services, and VPN companies considering their options including leaving the company. India has now escalated this by saying the following:

The Indian Computer Emergency Response Team clarified (PDF) on Wednesday that “virtual private server (VPS) providers, cloud service providers, VPN service providers, virtual asset service providers, virtual asset exchange providers, custodian wallet providers and government organisations” shall follow the directive, called Cyber Security Directions, that requires them to store customers’ names, email addresses, IP addresses, know your customer records, financial transactions for a period of five years.


Rajeev Chandrasekhar, the junior IT minister of India, said that VPN providers who wish to conceal who uses their services “will have to pull out.” He also said that there won’t be any public consultation on these rules.

Keep in mind that India is the second largest Internet market on the planet. So I am guessing that the Indian government is counting on the fact that VPN providers will comply rather than give up doing business in that market. And even if some or most of them do leave, the Indian government will win anyway because it will leave the VPN companies that do comply with their directive. That of course assumes that Indian citizens don’t just go out and get a VPN service from outside the country. After all, it’s not like we haven’t seen that happen before.

This will be interesting to see as I suspect that the push back will be substantial from both sides, and only one side will win. Let’s see which side that is.

India Orders VPN Providers To Retain Data…. VPN Providers Are Considering Their Options Including Leaving The Country

Posted in Commentary with tags , on May 9, 2022 by itnerd

India has ordered VPN’s to collect and store users’ data, including names, addresses, contact numbers, email and IP addresses, for up to five year. With this move, Wired reported that VPN providers have since threated to quit India:

The justification from the country’s Computer Emergency Response Team (CERT-In) is that it needs to be able to investigate potential cybercrime. But that doesn’t wash with VPN providers, some of whom have said they may ignore the demands. “This latest move by the Indian government to require VPN companies to hand over user personal data represents a worrying attempt to infringe on the digital rights of its citizens,” says Harold Li, vice president of ExpressVPN. He adds that the company would never log user information or activity and that it will adjust its “operations and infrastructure to preserve this principle if and when necessary.”

Artur Kane, CMO at GoodAccess had this to say:

“Though controversial upon inception, the so-called data retention legislation has now been with us for decades. Most technologically developed countries enforce these directives with varying retention periods, usually ranging from 6 months to 2 years. In some countries, all expenses on data retention are even covered by the government.

Until now, the data retention obligations were limited to infrastructure providers (internet service providers, telecommunications), and asking the same of VPN vendors is without precedent in democratic countries.

The use of VPNs, in the past widely adopted by companies to provide remote access to company IT resources, has rapidly spread to millions of consumers over the past decade, who use it to avoid surveillance by internet providers, bypass country-based content filtering, and other restrictions. In my opinion, cybercriminals had been using VPNs to anonymize their activities even before ordinary users jumped on the trend.

Now, forcing VPN providers to track user traffic and their private data (like source and destination IP, port, protocol, and timestamps) is going to invalidate one of the last remaining safeguards of personal privacy on the public internet while helping to expose only a handful of lawbreakers. 

The value for the price doesn’t add up, either. Privacy is a basic human need, legally protected in many free countries, and people have the right to protect it, especially now, when their sensitive data is more valuable than ever and is being collected on a shocking scale.

Law on the public internet can be enforced in other ways that do not impact user privacy, such as the use of behavioral algorithms by vendors, looking for characteristic patterns of potentially malicious behaviors, or disabling VPN services to those accounts where such events were detected.”

I have been to India a number of times and this news is very disappointing. India really needs to reconsider this as this is a massive overreach by the Indian Government. And it risks making them a very repressive country that nobody will want to visit or do business in.

India Bans More Chinese Apps

Posted in Commentary with tags , on November 24, 2020 by itnerd

India is not done banning Chinese apps. The world’s second largest internet market, which has banned over 175 apps with links to the neighboring nation in recent months, said on Tuesday it was banning an additional 43 such apps.

Like with the previous orders, India cited cybersecurity concerns to block these apps. “This action was taken based on the inputs regarding these apps for engaging in activities which are prejudicial to sovereignty and integrity of India, defence of India, security of state and public order,” said India’s IT Ministry in a statement. The ministry said it issued the order to block these apps “based on the comprehensive reports received from Indian Cyber Crime Coordination Center, Ministry of Home Affairs.” The apps that have been banned include popular short video service Snack Video, which had surged to the top of the chart in recent months, as well as e-commerce app AliExpress, delivery app Lalamove, and shopping app Taobao Live. At this point, there doesn’t appear to be any Chinese app left in the top 500 apps used in India.

Oh boy. I think it’s safe to say that you can expect a response from China as this is pretty much an “F-U” to China. And that’s likely to be an instant response.

This should be fun to watch.

India Bans More Chinese Apps….. 118 Of Them….

Posted in Commentary with tags , on September 2, 2020 by itnerd

A few weeks ago I wrote a story about India banning TikTok over security concerns. There’s news now that they’ve banned 118 apps of Chinese origin including PUBG and Tencent. Medianama shared an official statement from the Indian government on the ban extension:

“The Ministry of Electronics and Information Technology has received many complaints from various sources including several reports about misuse of some mobile apps available on Android and iOS platforms for stealing and surreptitiously transmitting users’ data in an unauthorized manner to servers which have locations outside India. The compilation of these data, its mining and profiling by elements hostile to national security and defence of India, which ultimately impinges upon the sovereignty and integrity of India, is a matter of very deep and immediate concern which requires emergency measures,” the IT Ministry said in a statement.

You can fully expect this to inflame tensions between India an China. And those two countries have lots of tensions at the moment. Plus it will likely encourage the US to ban more Chinese apps. Especially seeing as the date to ban TikTok in the US is approaching.

Fresh Off Of Banning TikTok, India Looks To Ban Hundreds Of Chinese Made Apps

Posted in Commentary with tags on July 29, 2020 by itnerd

India recently banned TikTok as part of an ongoing spat with China where India cites security reasons for the ban. But news out of India indicates that this may not be the end as the Indian government is looking to ban hundreds of Chinese apps citing the same security reasons:

India has drawn up a list of 275 Chinese apps that it will examine for any violation of national security and user privacy, signaling heightened scrutiny and the possibility of more Chinese internet companies being banned in the country, according to people aware of the developments. This follows the high-profile ban of 59 Chinese apps last month, including short video app TikTok, amid simmering geopolitical tensions between the two Asian giants. 

The list, reviewed by ET, includes gaming app PubG, Zili by phonemaker Xiaomi, AliExpress by ecommerce giant Alibaba as well as apps like Resso and ULike from TikTok-owner ByteDance. “The government may ban all, some or none from the list,” said one person cited above. A spokesperson for the union home ministry did not respond to queries from ET on the developments. However, official sources said reviews aimed at identifying more Chinese apps and their funding is underway. “Some of these apps have been red-flagged due to security reasons while others have been listed for violation of data sharing and privacy concerns,” an official explained. This is in addition to examining the alleged flow of data from these apps to China that poses a threat to sovereignty and integrity of India, according to officials who pointed to what they termed as China’s data-sharing norm that requires companies of Chinese-origin to share data with the home country, irrespective of where they operate.

This is going to be interesting to watch because other countries such as the US and the UK are looking to do something similar. So depending on how bad the blow back is from the government of China, that will likely govern if this spreads. As for the privacy issues that these apps may or may not pose, the makers of these apps could make this go away by providing definitive proof that their apps pose no threat. To date they haven’t done that. But the need to if they don’t want to be banned from the biggest markets on the planet.

My Fourth Trip To India: Part 7

Posted in Commentary with tags , on November 24, 2017 by itnerd

The journey back to Canada was….. scary in more ways than one. Let me explain how starting with the drive to the airport. Here’s what it looked like from my perspective:

This slideshow requires JavaScript.

The drive was nerve wracking. Partially due to the volume of traffic, partially because of the risks that people take by cutting people off or trying to move forward by any means required. Staying in your lane? Nope? Speed limit? No need for one. It was a very long 45 minutes. To put that in perspective, it took me 20 minutes to get from the airport to the hotel when I arrived. That was when I foolishly thought I was used to the driving in this place.

Things at the airport actually went pretty smoothly. Once I got past the security checkpoint which required you to hand over your itinerary and your passport for examination by an Indian soldier with a machine gun backed up by another Indian soldier with a machine gun, I checked in with Air Canada. That was quick and so was clearing passport control and security. Even boarding the flight was efficient and civilized. Unfortunately that’s where the good part of my journey home ended.

The first six hours of the flight (which was 14.5 hours long) were uneventful. I managed to watch Passengers, the last four episodes of The Handmaid’s Tale, and four episodes of the second season of Cyberwar which is a show I’d recommend to anyone who is interested in hacking and the people who pull off hacks. But that changed when a passenger became a problem. From my vantage point which was almost across from him on the left side of the plane, he was belligerent in multiple languages And though I did not see it, he had apparently assaulted a woman in front of him. When he was confronted by flight attendants, he then soiled himself and that was not pleasant to smell. Now the flight attendants worked really hard to keep him calm “ish” for the rest of the flight, but it was clear that they were concerned enough that the you could feel the speed of the plane increase. I thought we were going to divert to the nearest airport, but we managed to land in Toronto 45 minutes ahead of the scheduled landing time which was scheduled to be 5:05 AM this morning. That’s where things got real. The plane taxied directly to a gate that was away from any other aircraft and Peel Regional Police boarded the aircraft. I managed to get my phone out to record a video. Sorry about the shakey cam:

They held us on the plane while this was going on and then for about 15 minutes afterwards. When we finally deplaned, I spotted him in the arrivals area:


That’s him standing on the right while the cops question the flight crew on the left. I went looking online to find out what if any charges were laid and I was unable to get those details. But seeing as it doesn’t take much to get tossed into jail for causing a disturbance on a flight, I imagine that he will be doing some time the grey bar hotel.

After that excitement, it was a trip through customs, picking up my bags which was made easier because of the Tile Sport, and then getting picked up by my wife for the ride home. I got home at 6AM and crashed until noon where I did some laundry and then went out to see a client.

Now, let me wrap up a couple of loose ends. I previously mentioned that I would have to use multiple contact lenses in a day because of the pollution that was present in India. Since getting home, I’ve had use two different cleaners to get them back to a state where I could wear them comfortably. One is Clear Care Plus which is a peroxide based cleaner that I normally use. That takes six hours to clean my contacts. But before I use that, I use Boston Simplus for four hours. As for my skin, it hasn’t completely recovered. But it is way less itchy than it was 24 hours ago. That shows you how bad the pollution was.

That about wraps things up from my latest trip to India. It was a different sort of trip with some unexpected twists. I have to come back in the near future, and it will be interesting to see what experiences that brings.

My Fourth Trip To India: Part 6

Posted in Commentary with tags , on November 23, 2017 by itnerd

I’m completing my last day in India and I want to wrap up a few things before I head to the airport for my 14 hour flight home. First of all was the smog issue. Now it wasn’t as bad as I heard it was going to be. Apparently according to the locals, it was a lot better than has been in the last few weeks. However, this is what I’ve seen during my stay here:


You can see the smog in the above picture. If that’s better, I’d hate to see what’s worse. Also, I have noted that my skin is very itchy which is something that I had never experienced here before. Besides that, I am lucky that I brought two pairs of contact lenses as they have become unwearable by the time the business day is over and I have to swap them out for a fresh pair if I want to be able to see and be comfortable while doing it. That’s also something that I have never experienced before. It will be interesting to see how long it takes my body to recover from this smog.

Now one thing that I have not done to this point is show you the sights of Gurgaon. Here’s what the drive to and from my client looked like:

This slideshow requires JavaScript.

One thing that caught my attention was this:


The sign says “Be Alert, Accidents hurt.” No offense to anyone who is Indian, but drivers are insane here. I can’t believe how people drive around here as this sort of driving would land you in jail in a lot of other places. Not to mention that there is a very liberal use of the horn. I said early in this trip that this no longer bothered me. That was true until today where I was back to feeling like I was taking my life into my own hands by being driven around these parts. It also didn’t help that in the parking garage at my client’s office, I almost got hit by a car that must have been doing 60 KM/H in a space where you shouldn’t be doing anything over 10 KM/H.

Now, some final notes about the Le Meridian Gurgaon. One is in the form of photos of the lobby:

This slideshow requires JavaScript.

This is a stunningly good looking lobby that is clean. When I say clean, I mean that I can never find a speck of dirt. It’s pretty freaking impressive. There’s a bar and two restaurants that are in the lobby that can take care of your eating and drinking needs like this in my case:


This is a Kingfisher beer which is a local brand of beer that is available elsewhere. I really liked it and I’ll be seeing if I can grab a few cans of it when I get home as I really liked it.

On the whole, this hotel has top shelf service. I will admit that they sometimes struggle with service at breakfast if you show up for breakfast at 7 to 8:30 AM. But beyond that, I have zero complaints.

I also got a chance to do a final workout today. Here’s the result:


While I was working out, I got to watch a wedding celebration which was unique to see. I wished that I took some photos, but I was focused on my workout. That was a shame as it was really interesting to watch.

The hotel did have problems with the TV service this week where for significant periods of time you could not watch TV. Well, when I got back to my hotel room, I found this:


The manager of the hotel personally signed an apology letter on letterhead which is on great quality paper. Now this is how you do customer service. Rogers and Bell Canada, you need to pay attention as this is how you treat customers.

Here’s the bottom line. I really would recommend this place if you need to stay someplace in the Delhi region as this is a great place to stay.

Now, while this was a business trip with very limited amounts of time to get out and do something other than business. I did have the opportunity to go out and get this for my wife:


I dragged along my client to negotiate the price of these items at a shop that was not a place that tourists would go to. On the left is a scarf. On the right is a jacket. The middle is a fridge magnet which was tossed in as part of the deal. Originally, it was going to be 15000 Rupees. That’s $294 CDN. My client managed to get that down to 12500 Rupees which is $248. Could I have done better? I don’t know. Maybe I could. I guess I am taking the view that any discount is a good discount. And it is likely better than anything that I could have done on my own. Whatever. I know that my wife will really like these items.

Now, by the time you read this, I will be on the way to the airport to fly home. I plan on arriving somewhere between 3 and 4 hours ahead of my flight to make sure that I make my flight on time. And I will be posting my final part of this travelogue when I get home. Stay tuned for that.

My Fourth Trip To India: Part 5

Posted in Commentary with tags , on November 22, 2017 by itnerd

Today was another day of interviews in terms of getting support agents. By the end of the day we had one more tech support agent identified. But we found a second candidate as well that we will consider. It depends on the two remaining interviews that we have tomorrow. We likely won’t get all four agents hired while I am here, and we are fine with that as we are prioritizing quality over quantity as that will get the best results for this tech support operation. Now, a couple of people have asked me via e-mail why I am helping to build this tech support operation. The fact is that I have built contact centers in the past and I actively consult on how contact centers can deliver the best possible service and how they can get the right staff on board. Thus this is totally within my wheelhouse.

Lunch today was a quick one as we had a lot of candidates that were being interviewed. We went into the Cyber Hub to a pizza place called Instapizza. The service was quick and the personal sized pizzas that we got were great. The Cyber Hub has a ton of places to eat and you could spend weeks exploring them. It’s simply a must do if you’re in Gurgaon.

After the business day was done, I returned to the hotel and did a workout. I did a 40 minute stationary bike ride followed by 12 minutes on the treadmill. Here’s the result:


I must admit that my Apple Watch is really helping me to focus on working out which is a good thing as I am not keen on leaving the hotel to wander around. You might say that the warnings that I have received since I started to take on clients here in this country have really been ingrained within me. Speaking of the hotel, I can’t say enough good things about the Le Meridian Gurgaon. The food at breakfast and dinner are outstanding and the place is visually stunning. The staff here go out of their way to make sure that you have a good time while you stay in this hotel. Finally, it’s a short drive to the Cyber Hub if you want to go there for a night out. If you need to stay in Gurgaon, you have to choose this place.

Tomorrow is my final day in the country with a couple of interviews and to tie up some loose ends. Before I leave for the airport, I have to do a GoToMeeting with another client in North America to do some training. I also have a training session with a German customer tonight in India time. The fact that I am in India doesn’t stop me from having deal with other customers. Stay tuned for that.