Resolution against NPR moved in Delhi assembly

Environment minister Gopal Rai on Friday moved a resolution in the Delhi Assembly against the implementation of the National Population Register in the national capital and said if executed, it should be applied using the procedure of 2010.

Rai said the National Population Register (NPR) and National Register of Citizens(NRC) are not only meant for a "particular religion" but will also impact the majority population.

"... Such a type of thing did not happen even during the British rule. This is raising questions on every person's citizenship," he said in the Assembly.

"NPR should not be implemented in Delhi and if it is implemented, it should be done according to the procedure followed in 2010," Rai said.

The Delhi government called a one-day special assembly session on the NRC-NPR issue and the coronavirus situation in the national capital.

The Delhi Assembly passed a resolution against the National Population Register (NPR) and the National Register of Citizens (NRC) on Friday.

The resolution "earnestly" appealed to the Centre to withdraw and not carry out the whole exercise of NRC and NPR "in the interest of the nation, particularly when the economy is witnessing the worst-ever downslide and unemployment is witnessing a terrifying growth, and with the threat of the corona pandemic looming large".

It also said "should the Government of India insist on going ahead" with the exercise, it should be restricted to carrying out the NPR only with its 2010 format and no new fields added to it.

Delhi joins the list of the assemblies of Puducherry, Punjab, Madhya Pradesh, Kerala and West Bengal in passing resolutions either against the Citizenship (Amendment) Act (CAA) or the NRC or the NPR.

At a special daylong session of the Delhi Assembly, which was held to discuss the NPR and the NRC, Chief Minister Arvind Kejriwal requested the Centre to withdraw the documents since those were inter-linked.

"Me, my wife, my entire cabinet do not have birth certificates to prove citizenship. Will we be sent to detention centres?," he asked.

The Aam Aadmi Party (AAP) supremo challenged Union ministers to show their birth certificates issued by the government.

He asked the MLAs to raise their hands if they had birth certificates, following which only nine legislators in the 70-member House raised their hands.

"Sixty-one members of the House do not have birth certificates," Kejriwal said, adding, "Will they be sent to detention centres?" He claimed that with the NPR being implemented from next month, not only Muslims, but also Hindus who do not have birth certificates issued by a government agency will be affected.

Coronavirus Disease 2019 (COVID-19)

Stay home for 14 days from the time you left an area with widespread, ongoing community spread (Level 3 Travel Health Notice countries) and practice social distancing.

Take these steps to monitor your health and practice social distancing:

1. Take your temperature with a thermometer two times a day and monitor for fever. Also watch for cough or trouble breathing.
2. Stay home and avoid contact with others. Do not go to work or school for this 14-day period. Discuss your work situation with your employer before returning to work.
3. Do not take public transportation, taxis, or ride-shares during the time you are practicing social distancing.
4. Avoid crowded places (such as shopping centers and movie theaters) and limit your activities in public.
5. Keep your distance from others (about 6 feet or 2 meters).

Anti-viral foods

Coronavirus: Anti-viral foods to build immunity and keep diseases away

With three confirmed cases of the Coronavirus (n-COV) in India, the focus remains on treatment as well as prevention of the deadly virus that is said to have its origin from a seafood market in China's Wuhan. 

Symptoms of Coronavirus

A runny nose accompanied by fever, cough, headaches, sore throat, breathing issues, inflammation in the lungs, but not to be confused with pneumonia. This virus has an incubation period of 14 days. So if you have any of these symptoms persisting for more than six-seven days, consult a medical practitioner. The faster you boost your immunity, the better it is, mentioned Coutinho.

Anti-viral foods in your diet

Garlic

It is a powerful anti-viral. It can be eaten raw, mashed or can be added to soups. Mix chopped raw garlic with a tablespoon of unpasteurised, raw honey and consume a clove every day after two to three days. It's a fantastic way to boost your immune system, mentioned Coutinho.

Star anise

The flower-shaped spice contains shikimic acid that is used as a base material for the production of Tamiflu, which is used for influenza virus. It is super powerful as an anti-viral. Take star anise and boil it in water and add it to your teas like green tea or black tea.

Ginger

Count on these foods to boost your immunity. (Source: File Photo)

Take mashed ginger and star anise, and make a concoction by adding little raw, unpasteurised honey.

Coconut oil

You can cook your food in pure cold-pressed coconut oil or even have it raw. Lauric acid and caprylic acid present in it are essential for boosting the immune system against virals.

Resveratrol

Foods rich in resveratrol such as peanuts, pistachios, grapes, red, white wine, blueberries, cranberries, strawberries, and even cocoa and dark chocolate are helpful to fight fungal infection, ultraviolet radiation, stress, and injury.

Symptoms of coronavirus

The symptoms of coronavirus are:

• a cough
• a high temperature
• shortness of breath

But these symptoms do not necessarily mean you have the illness.

The symptoms are similar to other illnesses that are much more common, such as cold and flu.

How coronavirus is spread

Because it's a new illness, we do not know exactly how coronavirus spreads from person to person.

Similar viruses are spread in cough droplets.

It's very unlikely it can be spread through things like packages or food.

Do I need to avoid public places?

Most people can continue to go to work, school and other public places.

You only need to stay away from public places (self-isolate) if advised to by the 111 online coronavirus service or a medical professional.

Prevention

There is currently no vaccine to prevent coronavirus disease 2019 (COVID-19). The best way to prevent illness is to avoid being exposed to this virus. However, as a reminder, CDC always recommends everyday preventive actions to help prevent the spread of respiratory diseases, including:

• Avoid close contact with people who are sick.
• Avoid touching your eyes, nose, and mouth.
• Stay home when you are sick.
• Cover your cough or sneeze with a tissue, then throw the tissue in the trash.
• Clean and disinfect frequently touched objects and surfaces using a regular household cleaning spray or wipe.
• Follow CDC’s recommendations for using a facemask.
  • CDC does not recommend that people who are well wear a facemask to protect themselves from respiratory diseases, including COVID-19.
  • Facemasks should be used by people who show symptoms of COVID-19 to help prevent the spread of the disease to  others. The use of facemasks is also crucial for health workers and people who are taking care of someone in close settings (at home or in a health care facility).

VIRUSES AND RELATED THREATS

Perhaps the most sophisticated types of threats to computer systems are presented by programs that exploit vulnerabilities in computing systems.

Malicious software can be divided into two categories: those that need a host program, and those that are independent. The former are essentially fragments of programs that cannot exist independently of some actual application program, utility, or system program. Viruses, logic bombs, and backdoors are examples. The latter are self-contained programs that can be scheduled and run by the operating system. Worms and zombie programs are examples. 

The Nature of Viruses 

A virus is a piece of software that can "infect" other programs by modifying them; the modification includes a copy of the virus program, which can then go on to infect other programs. A virus can do anything that other programs do. The only difference is that it attaches itself to another program and executes secretly when the host program is run. Once a virus is executing, it can perform any function, such as erasing files and programs.

During its lifetime, a typical virus goes through the following four phases: 

 Dormant phase: The virus is idle. The virus will eventually be activated by some event, such as a date, the presence of another program or file, or the capacity of the disk exceeding some limit. Not all viruses have this stage. 

 Propagation phase: The virus places an identical copy of itself into other programs or into certain system areas on the disk. Each infected program will now contain a clone of the virus, which will itself enter a propagation phase. 

 Triggering phase: The virus is activated to perform the function for which it was intended. As with the dormant phase, the triggering phase can be caused by a variety of system events, including a count of the number of times that this copy of the virus has made copies of itself. 

 Execution phase: The function is performed. The function may be harmless, such as a message on the screen, or damaging, such as the destruction of programs and data files.  

Virus Structure 

A virus can be prepended or postpended to an executable program, or it can be embedded in some other fashion. The key to its operation is that the infected program, when invoked, will first execute the virus code and then execute the original code of the program. An infected program begins with the virus code and works as follows. The first line of code is a jump to the main virus program. The second line is a special marker that is used by the virus to determine whether or not a potential victim program has already been infected with this virus. 

When the program is invoked, control is immediately transferred to the main virus program. The virus program first seeks out uninfected executable files and infects them. Next, the virus may perform some action, usually detrimental to the system. This action could be performed every time the program is invoked, or it could be a logic bomb that triggers only under certain conditions. 

Transport Layer Security (TLS)

Transport Layer Security (TLS) encrypts data sent over the Internet to ensure that eavesdroppers and hackers are unable to see what you transmit which is particularly useful for private and sensitive information such as passwords, credit card numbers, and personal correspondence. This page explains what TLS is, how it works, and why you should deploy it.

What is TLS?

TLS is a cryptographic protocol that provides end-to-end security of data sent between applications over the Internet. It is mostly familiar to users through its use in secure web browsing, and in particular the padlock icon that appears in web browsers when a secure session is established. However, it can and indeed should also be used for other applications such as e-mail, file transfers, video/audioconferencing, instant messaging and voice-over-IP, as well as Internet services such as DNS and NTP.

TLS evolved from Secure Socket Layers (SSL) which was originally developed by Netscape Communications Corporation in 1994 to secure web sessions. SSL 1.0 was never publicly released, whilst SSL 2.0 was quickly replaced by SSL 3.0 on which TLS is based.

TLS was first specified in RFC 2246 in 1999 as an applications independent protocol, and whilst was not directly interoperable with SSL 3.0, offered a fallback mode if necessary. However, SSL 3.0 is now considered insecure and was deprecated by RFC 7568 in June 2015, with the recommendation that TLS 1.2 should be used. TLS 1.3 is also currently (as of December 2015) under development and will drop support for less secure algorithms.

It should be noted that TLS does not secure data on end systems. It simply ensures the secure delivery of data over the Internet, avoiding possible eavesdropping and/or alteration of the content.

TLS is normally implemented on top of TCP in order to encrypt Application Layer protocols such as HTTP, FTP, SMTP and IMAP, although it can also be implemented on UDP, DCCP and SCTP as well (e.g. for VPN and SIP-based application uses). This is known as Datagram Transport Layer Security (DTLS) and is specified in RFCs 6347, 5238 and 6083.

Why should I care about TLS?

Data has historically been transmitted unencrypted over the Internet, and where encryption was used, it was typically employed in a piecemeal fashion for sensitive information such as passwords or payment details. Whilst it was recognised back in 1996 (by RFC 1984) that the growth of the Internet would require private data to be protected, it has become increasingly apparent over the intervening period that the capabilities of eavesdroppers and attackers are greater and more pervasive than previously thought. The IAB therefore released a statement in November 2014 calling on protocol designers, developers, and operators to make encryption the norm for Internet traffic, which essentially means making it confidential by default.

Without TLS, sensitive information such as logins, credit card details and personal details can easily be gleaned by others, but also browsing habits, e-mail correspondence, online chats and conferencing calls can be monitored. By enabling client and server applications to support TLS, it ensures that data transmitted between them is encrypted with secure algorithms and not viewable by third parties.

Recent versions of all major web browsers currently support TLS, and it is increasingly common for web servers to support TLS by default. However, use of TLS for e-mail and certain other applications is still often not mandatory, and unlike with web browsers that provide visual clues, it is not always apparent to users whether their connections are encrypted.

It is therefore recommended that all clients and servers insist on mandatory usage of TLS in their communications, and preferably the most recent version TLS 1.2. For complete security, it is necessary to use it in conjunction with a publicly trusted X.509 Public Key Infrastructure (PKI) and preferably DNSSEC as well in order to authenticate that a system to which a connection is being made is indeed what it claims to be.

How does TLS work?

TLS uses a combination of symmetric and asymmetric cryptography, as this provides a good compromise between performance and security when transmitting data securely.

With symmetric cryptography, data is encrypted and decrypted with a secret key known to both sender and recipient; typically 128 but preferably 256 bits in length (anything less than 80 bits is now considered insecure). Symmetric cryptography is efficient in terms of computation, but having a common secret key means it needs to be shared in a secure manner.

Asymmetric cryptography uses key pairs – a public key, and a private key. The public key is mathematically related to the private key, but given sufficient key length, it is computationally impractical to derive the private key from the public key. This allows the public key of the recipient to be used by the sender to encrypt the data they wish to send to them, but that data can only be decrypted with the private key of the recipient.

The advantage of asymmetric cryptography is that the process of sharing encryption keys does not have to be secure, but the mathematical relationship between public and private keys means that much larger key sizes are required. The recommended minimum key length is 1024 bits, with 2048 bits preferred, but this is up to a thousand times more computationally intensive than symmetric keys of equivalent strength (e.g. a 2048-bit asymmetric key is approximately equivalent to a 112-bit symmetric key) and makes asymmetric encryption too slow for many purposes.

For this reason, TLS uses asymmetric cryptography for securely generating and exchanging a session key. The session key is then used for encrypting the data transmitted by one party, and for decrypting the data received at the other end. Once the session is over, the session key is discarded.

A variety of different key generation and exchange methods can be used, including RSA, Diffie-Hellman (DH), Ephemeral Diffie-Hellman (DHE), Elliptic Curve Diffie-Hellman (ECDH) and Ephemeral Elliptic Curve Diffie-Hellman (ECDHE). DHE and ECDHE also offer forward secrecy whereby a session key will not be compromised if one of the private keys is obtained in future, although weak random number generation and/or usage of a limited range of prime numbers has been postulated to allow the cracking of even 1024-bit DH keys given state-level computing resources. However, these may be considered implementation rather than protocol issues, and there are tools available to test for weaker cipher suites.

With TLS it is also desirable that a client connecting to a server is able to validate ownership of the server’s public key. This is normally undertaken using an X.509 digital certificate issued by a trusted third party known as a Certificate Authority (CA) which asserts the authenticity of the public key. In some cases, a server may use a self-signed certificate which needs to be explicitly trusted by the client (browsers should display a warning when an untrusted certificate is encountered), but this may be acceptable in private networks and/or where secure certificate distribution is possible. It is highly recommended though, to use certificates issued by publicly trusted CAs.

What is a CA?

A Certificate Authority (CA) is an entity that issues digital certificates conforming to the ITU-T’s X.509 standard for Public Key Infrastructures (PKIs). Digital certificates certify the public key of the owner of the certificate (known as the subject), and that the owner controls the domain being secured by the certificate. A CA therefore acts as a trusted third party that gives clients (known as relying parties) assurance they are connecting to a server operated by a validated entity.

End entity certificates are themselves validated through a chain-of-trust originating from a root certificate, otherwise known as the trust anchor. With asymmetric cryptography it is possible to use the private key of the root certificate to sign other certificates, which can then be validated using the public key of the root certificate and therefore inherit the trust of the issuing CA. In practice, end entity certificates are usually signed by one or more intermediate certificates (sometimes known as subordinate or sub-CAs) as this protects the root certificate in the event that an end entity certificate is incorrectly issued or compromised.

Root certificate trust is normally established through physical distribution of the root certificates in operating systems or browsers. The main certification programs are run by Microsoft (Windows & Windows Phone), Apple (OSX & iOS) and Mozilla (Firefox & Linux) and require CAs to conform to stringent technical requirements and complete a WebTrust, ETSI EN 319 411-3 (formerly TS 102 042) or ISO 21188:2006 audit in order to be included in their distributions. WebTrust is a programme developed by the American Institute of Certified Public Accountants and the Canadian Institute of Chartered Accountants, ETSI is the European Telecommunications Standards Institute, whilst ISO is the International Standards Organisation.

Root certificates distributed with major operating systems and browsers are said to be publicly or globally trusted and the technical and audit requirements essentially means the issuing CAs are multinational corporations or governments. There are currently around fifty publicly trusted CAs, although most/all have more than one root certificate, and most are also members of the CA/Browser Forum which develops industry guidelines for issuing and managing certificates.

It is however also possible to establish private CAs and establish trust through secure distribution and installation of root certificates on client systems. Examples include the RPKI CAs operated by the Regional Internet Registries (AfriNIC, APNIC, ARIN, LACNIC and RIPE NCC) that issue certificates to Local Internet Registries attesting to the IP addresses and AS numbers they hold; as well as the International Grid Trust Federation (IGTF) which provides a trust anchor for issuing server and client certificates used by machines in distributed scientific computing. In these cases, the root certificates can be securely downloaded and installed from sites using a certificate issued by a publicly trusted CA.