#YoIndiaSoSustainable

Day before yesterday (on 18th Aug), I accidentally came across a trending hashtag – #YoKamalaSoIndian  – maybe because I am an Indian or maybe because I followed the lady a day before. The debate is on whether she relates herself as an Indian or Hindu or a Black woman. Frankly, it matters less to me – what she relates herself as – that I believe is her personal choice. Clearly, she is a proud American by citizenship for sure.

But Ms. Kamala’s story is less intriguing to me – than that of her mother – Ms. Shyamala Gopalan. Born in a pre-independence era – An Indian woman – studies science (Ph.D) and becomes a biologist. At a young age of 19 – goes alone to the US in the later 1950s and joins Black Civil rights movement much before she met her soon to be husband- Mr. Donald J Harris. She fought for Black people rights, when she wasn’t one. And her nation had just come out of 360 degrees draining clutches of British. And today her ashes are floating in the Indian Ocean – close to Chennai – her homeland.

A lot to learn from a woman who dedicated her life in isolating and characterizing the progesterone receptor gene that stimulated advances in breast biology and cancer. And who in her death – requests that donations be made to the organization Breast Cancer Action in lieu of flowers sent on her funeral.

However, the purpose of the blog is not Ms. Kamala Harris or her much respect mother. It is the tweets that people put out there – mentioning all the Indian habits under the trending hashtag #YoKamalaSoIndian.

The reason I am forced to write a blog on this is because while the world found lot of these tweets amusing and most of them have been written with a good sense of humor – I found many of them very interesting and very insightful – giving insights into a lot of funny truths, truths that Indians should be proud of and some sad truths too.

I have categorized them in certain categories defined by my own sense of judgement and decorated with a pinch of reality.

Lets see few of the tweets I could pick   :

1. Funny but True

 

I have no idea why this happens – but I have gone through this exact life. And I do it now – EACH of these.

2. Proudly True

 

Yes – we reuse, until it can be reused no more. Read a tweet about Diwali dress – multi-level reuse at its best – almost implementing circular economy within the fence of a household.

Yes – we eat home made more than market food or ready made meal. And we eat fresh food more than pre-cooked items.  We make our papads too 🙂

Yes- we don’t like to waste – neither toothpaste nor any boxes we get for free. I saw a tweet about a plastic bag full of used plastic bags that we reuse and don’t throw) – I could not find it again. But I don’t see what is wrong there if we are anyways using plastic. Our age old habit of carrying a thaila (cloth bag) to the market is simply awesome!

Yes- we ask the vegetable vendors to give us more (used to be free in past) – dhaniya (Coriander leaves) and kadhi patti (Curry leaves) and mirchi (Green Chilli) – firstly they are our source of iron and secondly – we love them in most food we eat.

   

3. Sad but True

Clearly – Poverty is a big problem that we need to solve. Poverty led illiteracy, poor quality of life, unclean and unhygienic surroundings, ignorance of hazardous aspects of plastic or any other item of daily use – all need to be dealt with and improved on. While we are headed towards the 4th industrial revolution, so many are yet to receive benefits of 2nd and 3rd revolutions. As simple as access to clean water has remained a challenge in many parts of the nation. And here we are headed to scarcity of water already, without even reaching all. #SustainableDevelopment is the only way out. Every individual, every business, every nation will have to chip in.

Some issues I could think of, looking at the tweets.

Cleanliness

Ignorance towards hazards of re-using Single use plastic

Unsafe practices due to ILLITERACY

Poverty

Poverty led mal practices and trust deficit

Women Ignoring self health

Disconnect from civic responsibilities

        

 

India needs to accelerate the speed of growth. Our Urban development is happening at 0.2 percent point compared to 2% point of the world.

Wishing goodluck to Ms. Kamala Harris for her upcoming elections. Indian or not- Black or not – you have a glorious history and a big future awaiting. Make it worth – like your mom.

Aarogya Setu – Yes or No?

I almost decided to not post this blog. But on second thoughts I am posting it.

Date : 22nd May 2020.

Background :

Aarogya Setu has comeout as one of the most powerful tool that Government of India released to protect its citizens through “Contact Tracing”. While I do not directly know the source of inspiration for our government to do so, I believe that countries which are being respected for their ways of controlling COVID-19 spread, like – South Korea and Taiwan, have used such apps in their nations and given credit to the apps to be a successful tool in their fight against Corona virus.

Recently, there were tweets claiming how the app is dangerously exposing the privacy of Indian citizens.

For a typical app to fail in the market is neither a concern of mine personally, nor is it unheard of. While, it makes me curious to know more about the reality of the situation, my natural reaction in such cases is – these guys will figure it out; I don’t need to step in.

But when I looked at the flip side – the possible results of “Aarogya Setu” app failing due to privacy reasons, I got hugely concerned for 2 reasons –

  1. What if the app is really lacking privacy control? To put it in the terms of the “hacker” – what if it is truly exposing PII- Personally Identifiable Information of millions of citizens? In this case, the hacker claimed it to be 90million (number of downloads at the time of claim). This is simply NOT ACCEPTABLE.
  2. What if these claims were incorrect but the citizens do not adopt the app because of the fear and thus the country is unable to utilize a huge opportunity to protect its citizens. This would mean exposing the human lives all around to a massive danger, when we could have protected them. This is even more NOT ACCEPTABLE.

I wanted to do a deep dive, and therefore discussed the subject with some leading security professionals. Am capturing below – exactly the thoughts shared by them and the links they pointed me to. I wanted to hear from multiple professionals on their analysis on the subject beyond just my own observations.

Professionals mentioned in this blog are :

  1. Prashant KV (Involved in discussion)
  2. Swaroop Yermalkar (Involved in discussion)
  3. Nidhish Pandya (Referred)
  4. Harshit Agarwal (AppKnox) (Referred)
  5. Abhinav Sejpal (Involved in discussion)

Folks involved :

I reached out to few security test professionals including Prashant KV.  Prashant further added Abhinav Sejpal and Swaroop Yermalkar. When it comes to Security, one of the world wide recognized community is OWASP – Open Web Application Security Project . OWASP  is an online community that produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security, by the way of setting Industry standards, organizing Conferences and Workshops. Their key focus areas are –  Web SecurityApplication Security, Vulnerability Assessment.

So it may be of interest of the readers to know that Prashant is an OWASP Chapter Lead for San Francisco Bay Area and is a Security engineer at a leading retail firm in the US. Swaroop is the OWASP iGoat Project Lead (Community Project dedicated to mobile security), Head of Cyber Security (India) for a leading cybersecurity firm. He is also the author of the book “Learning iOS Penetration Testing” and he is a well-known mobile bug bounty hunter. Abhinav Sejpal is also an OWASP chapter Lead, has spoken at – null, The Open security conference. He is currently the DevSecOps in a leading technology consulting firm.

PII :

And before I share with you the findings, let us understand what is PII?

PII – Personally Identifiable Information- is the information that can be used on its own or along with other information to identify, contact, or locate a single person, or to identify an individual in context.

Non-sensitive PII can be transmitted in unsecured form without causing harm to an individual. Sensitive PII must be transmitted and stored in secure form, for example, using encryption, hashing.

PII could include – direct identifiers – your Aadhar Number, Driving License, bank Account Number, Name, Phone number, Vehicle License number, Address, Mobile numbers, Email ID, Full face Photos, Biometric identifiers (Iris scan and finger prints), etc.

And then there are indirect identifiers – which can be used to identify a person, when used in combination with other information –like – Birthdates, languages spoken, Geographical Locations, Medical Insurance Plans, Medical conditions. These are not independently enough to identify an individual in a group of more than 1 person.

Discussion and Findings:

My conclusions are based on my analysis of the app and further discussions with my peers and going through all the detail analysis done by different people referred to me by my reputed peers.

Let me start with responses of the security engineers –

1. Prashant’s thoughts  :

To summarize :

Old version of app had a bug that could allow other apps to read files inside
the app sandbox using an exposed Activity and its intent filter. This issue was fixed.
App has jailbreak/root detection and ssl pinning. Both can be bypassed by
custom frida scripts. SSL pinning is not perfect in mobile implementation and can be bypassed.
In the latest version, app sends coordinate via headers to an endpoint and the
server returns information about how many are infected etc. The privacy issue being discussed is that anyone anywhere in the world can put in any coordinates in India and retrieve info about how many infected There are no names or any personal info leaked. Just number of people infected. The app is supposed to show these numbers based on your coordinates. Issues mentioned by the researcher might be of low risk based on that calling the app a disaster is not correct.
Much of the South Korea, Taiwan  and china’s success is attributed to a similar app.

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

Prashant also shared another tweet from October 2019 – where another hacker, called out the site that belongs to our attention seeker – Robert Baptiste aka Elliot Alderson , as vulnerable.

https://twitter.com/crackohacker/status/1182596471058681856?s=21

Furthermore, Prashant also shared a blog from another Security engineer – Swaroop Yermalkar, refuting Baptiste’s previous claims – https://blog.swaroopsy.com/2020/05/07/part-1-truth-behind-propaganda-against-maadhaar-security/amp/

Since Swaroop was part of the conversation, we will talk more about his view in the blog further.

Towards the end of our conversation, Prashant shared 2 more write – ups :

  1. https://medium.com/@N1gh7m4r3/explaining-exposing-imaginary-arogyasetu-privacy-issue-433a6dc7b76e

This is written by Nidhish Pandya, who is a cyber-security enthusiast. He has clearly called out the security issues raised by Baptiste as imaginary. His blog is full of pointers to various sources which prove his point.

  1. https://www.appknox.com/blog/is-the-aarogya-setu-app-safe-to-use

Appknox is a company that specializes in mobile app security. I found their analysis to be pretty detailed and conclusive. Hence, let me share the final word here from Harshit Agarwal , the CEO of AppKnox.


The Word 

There might indeed be certain security misconfigurations in the Aarogya Setu app, but none of which pose great threats. Into the bargain, we never found any evidence for the PII data breach in our security assessment.

We strongly believe Aarogya Setu app is the Indian government’s approach to providing the right information during the uncertain times of the COVID pandemic. Nevertheless, based on our findings, the following low and medium level safety issues of the Aarogya Setu can be rectified,

  • Implementation of ATS in iOS devices
  • Non-expiration of tokens
  • Usage of SSL Pinning instead of encryption
  • Using AES/CBC encryption instead of AES/ECB encryption

Yet, even without these rectifications, the application is still secure to use, and you don’t have to fear privacy intrusion.


Harshit’s blog also mentioned the below details as “Fact” against Baptiste’s claims.

Fact: 

The radius buffers have been limited to five values, as mentioned earlier. These standard values are posted with HTTP headers. Even if any user enters another value, the distance will be directed to the default value of 1km.

As asserted by the hacker, the user can indeed fetch data for multiple locations by changing the coordinates. Nevertheless, the API enforced in the Aarogya Setu application prevents such bulk calls from being processed.

So, there is absolutely no way for one user to procure the COVID-19 statistics by simply changing the coordinates.

That said, the claims of french researcher are futile. He was unable to prove the privacy risk of any user using the Aarogya Setu app. So, rest assured, you are safe. None of your confidential and sensitive information is out in the open, everything is secure.

2. Abhinav Sejpal

His recommendations were –

#1 Open source Aarogya Setu App Source code and Allow the honest feedback.

#2 Start the bug bounty via Hackerone or bugcrowd or whatever works for Indian gov

#3 Invite few security experts to review findings and crowd source overall triage process.

One may have to review these asks but it could be worth a look.

3. Swaroop Yermalkar

And our final specialist – who is a highly accomplished security professional – he wrote the following blog for his review of Aarogya Setu app –

https://blog.swaroopsy.com/2020/05/08/part-2-truth-behind-propaganda-against-the-aarogya-setu-app-security-the-real-story-of-success/

One can find his other blogs on security issues at: https://blog.swaroopsy.com/

In his words – clearly – “There were some security issues but NO Breach! No personal info of single user got leaked!

On probing further, he shared his interaction with Baptiste, who could not take being questioned on his false claims and Swaroop says – he got blocked therefore by Baptiste on twitter.

Incidentally , the day we were discussing this a news came in that someone from Bangalore hacked Aarogya Setu and I asked Swaroop, what does he think about that. He pointed me to his tweet that said –

 #mensxp Stop spreading misinformation! Have you performed verified analysis by security professionals? Validations can be bypassed at client side! Where is PII? Don’t make #infosec as #tiktok videos or #clickbait!

You can see his popular tweet at : https://twitter.com/swaroopsy/status/1260963165094834177

Major Highlights of Swaroop’s blog :

The list of vulnerabilities mentioned:

  1. Access to App’s Internal Files – LowSeverity
  2. Bypassing Root Detection Using Frida – LowSeverity
  3. Bypassing SSL Certificate Pinning – LowSeverity
  4. Finding Infected People In Any Area – Low/infoSeverity (It’s the app by design)

Final Conclusion: Vulnerabilities discussed didn’t disclose any PII / Personal Data / Age / Name of any COVID-19 Patients or Arogya Setu App Users. Forget about 90 millions but not even single user’s data got exposed! Bug Bounty Companies would pay USD 0 for these type of issues! Now you can decide, are these really security threats or just a publicity stunt?

In fact,  I would say the Aarogya Setu App is a success story! Millions of users downloading this app and helping people to get aware of nearby patients around them!

I also agree that government apps should have proper channels / bug bounty programs to receive security issues. India has one of the largest infosec community and can help government apps to get them more and more secure.


My observations :

  1. Much like all leading apps that different governments ( e.g : TraceTogether (Singapore), NHS (UK)) in the world have come up with , Aarogya Setu was also built in like 15 days.
  2. Technology stack looks similar to other such apps – AWS / SQLite / secure hosting/ rooted device detection.
  3. Interestingly – Aarogya Setu has implemented an additional layer of encryption (Lat / Long). Also, it stores data for a limited period of time both for COVID infected (60 days) and not infected people (45 days).
  4. I am NOT a reputed security engineer yet. But going by the take of so many of proven, experienced and reputed #InfoSec professionals – all claims made by Baptiste / someone in Bangalore (reported in menxp) – ARE TOTALLY FARCE AND ATTENTION SEEKING ACTIONS.
  5. Clearly there were some gaps in the previous version of the app, which have been fixed.

As a member of community of testing professionals – we like to believe that there is no software that is 100% defect free. After studying the app and comparable apps and usages across the globe, I find Arogya Setu to be a powerful tool made by the government to protect Indian citizens and one can download it and use it without any fear of security issues especially wrt what Baptiste claimed.


**Original blog ends here.



Further updates on Aarogya Setu –

The top demands from the security professionals across the world have been heeded to by the Aarogya Setu team.

As of today – the app has been open- sourced, and government has initiated a bug bounty program for the app.

Further updates from Swaroop.

Update 1 [May 26, 2020] – https://twitter.com/SetuAarogya/status/1265281058532016128
The #AarogyaSetuApp is now open source. Read the attached release documents to know more.

Update 2 [May 27, 2020] – https://twitter.com/SetuAarogya/status/1265353503221772288
Aarogya Setu Bug Bounty Program – Aarogya Setu Bug Bounty Program – call upon the developer community to join hands to help make Aarogya Setu more robust and secure. Those identifying vulnerabilities, bugs, or code improvement stand to get recognized and win cash awards too.



 

During lockdown, it may not have been important to use Aarogya Setu. But now that lockdown is getting lifted, and people are expected to move out and come in contact with more people beyond their immediate family and folks, IT IS MORE IMPORTANT TO USE AAROGYA SETU NOW. And I decided to publish this blog only with the purpose to reiterate the importance of the use of this app and to appeal more citizens to adopt it.

The success of the app is directly proportional to its adoption. More the number of people who use Aarogya Setu, better will be the information provided by the app.

Know what you are looking for.

Metal detectors and baggage scanners (X-Ray machines for luggage) are a common sight at public places in India – whether you go to sports stadium, a Mall, a hotel, a government office or for that matter even private offices and Business Centers. Airports are where I sight them globally.

However, I get a feeling of thoroughness only with the airports officials at these security check points. At most places, I notice, the officers sitting on the screens of the baggage scanners are not even looking at the screens – which makes me feel uneasy (Will refer to this later again as Experience 1). I don’t like being frisked multiple times a day, but when I pass through a security check and I know I have not been frisked properly – I know the danger I am entering into (Will refer to this later again as Experience 2).

The routine is different for different places. Mostly – my car’s boot space gets checked, there is a mirror pushed under my car’s bonnet to check if there is anything stuck under the car (Exp 3)- and then I am asked to give my luggage and even phone away before passing through the metal detector and then my luggage is handed over to me with a warm smile (Exp 4).

These officers seem to be trying to do a thorough check. And these ones (Exp 3 and Exp 4) interest me. The ones that were mentioned in cases Exp 1 and Exp 2 seemed totally hopeless – I absolutely have no respect for a person, who don’t do their work properly. As they say – you had one job.

But at this point – I am thinking – do any of these 4 set of folks know what their job is. So I talk to them – the response is same everywhere – we are looking for items forbidden to carry. Okay – and what could that be. Well, they are obvious ones – Guns, bombs, knives, Liquids etc.

My next question to them is – do you know what a bomb looks like? or a dismantled gun looks like? They start to smile – because obviously, none of them have ever seen a real bomb. I don’t want to come across as a depressed or a lunatic who is planning something so I don’t ever ask more than 1-2 questions at a place and move on. Now, after so many experiences, I ask just 1 question  – do you know what you are looking for? The answer is mostly a smile or “kya madam” (which in my English translates best to “C’mon Mam”)

At most airports – I find officers almost intimidating – their process being more lengthy and apparently rigorous – a bit black box kinds too. One doesn’t easily get to see the scanned images – the officers are glued to the screen – And to their credit – they sure find things every once in a while. But the investment is huge. The process again remains standard – not intelligent all the time. Makes me want to say an overkill sometimes, but concerned folks say – when it is about safety better safe than sorry. Not sure, if they are even looking for an optimum solution.

As I kept probing on my own uneasiness with the fake security check I get at most places and on the other side –  overwhelming & intimidating security checks at the airports and slowly I begin to feel, this is so similar to my world of Software Testing. Do testers know what they are looking for? More importantly, can they identify a risk if it is not shaped as they are expecting it to be (mostly in their limited/fixed test cases).

  • Most testers perform testing as a ritual they have to execute, in certain order
  • More often than not Testing is in place only to put a check and say – yes we do it
  • When Automation comes into play – most testers don’t know how to make the best use of it
  • Mindless automation – again as a “must do” procedure is applied. No one is looking at the scanner screen.
  • Garbage in Garbage out Automation keeps continuing. EVERY LUGGAGE should pass through the scan. But the story ends there.
  • The regular beeping through the metal detector or not beeping at all – doesnt ring a bell to the executives. Because of so many false positives – no one bothers to check eventually. The need is to continuously upgrade the system – but it is so much of work each time that they just let it go.

Comparisons could go on…

This is where I feel hopeful about software testing more than the physical security check world – because we seem to be adopting “AI”  to keep training our systems to understand how to segregate defects from those that are not. As we begin to use more artificial intelligence in our automation and we train our verification scripts to update as per the changes in the applications, our overhead for maintenance shall reduce to minimal.

Dont get me wrong – there will ALWAYS be a need to humanly explore the unknowns but our effectiveness in distributing the knowledge of the newly explored unknown, into the whole system quickly and making it a known quantity to our testers and application owners will bring a significant success to the business owners in terms of reduced risks and reduced time to market with minimum investment.

If you wish to learn more about what you should be looking for in software and how you can reduce risks in your application without creating huge technical debt in automation and yet reducing time to market (incrementally), you could do these:

  1. Talk to me at smita.mishra@qazone.in
  2. Study testing, learning critical thinking and uncovering risks at http://www.satisfice.com/ and http://www.developsense.com/  — Infact try registering in one of their classes.
  3. Explore test tools like test.ai, testim.io, saucelabs, applitools, tricentis.
  4. Explore training and webinars with SoftwareTestPro.com and MinistryofTesting.com . They also have some of the best conferences and meetups – full of latest trending content.

These are absolute top ones that come to my mind as I am typing. This wasn’t how I had planned to end the blog, hence a very limited list.

If you explore, you will find many more leaders and platforms. What is important is – to learn. So you know what you are looking for.

Just Half A Glass of Water

Image result for Glass of water in nature

I was once watching a show where the comedian attributes his being fat to the African children. The basis being  the constant reinforcement of the thought, in his childhood- Don’t leave any food uneaten – remember there are kids in Africa who go hungry without food for days. I got his humor and smiled. There was no point judging him – he (now a grown up adult) had a valid point – his not eating actually would not help African kids – as he rightly asked – how have we truly contributed to the concern.

While the focus was on food, I do see a growing concern on drinking water too today. But the issue seems more serious because it is not “just an African issue”. We are all aware of the epidemic situation of water scarcity in Cape Town. We are all headed to the same.

Drinking water is in shortage and is increasingly becoming a more precious commodity across the globe including my nation India once where the civilization started on the banks of river Indus.

Related image

I do see citizens, travellers , kids – all concerned about it and lot of practical tips are being included in one’s daily routine. We ourselves have moved to bathing with Bucket and Mug instead of showers. We have sensors in water tank , pretty effective in stopping overflowing of consumable water. We measure the water we use and misuse too.

But when it comes to offering water to others, we get more generous. It is always a full glass of water. We never think twice if it is going to be consumed all or not. At a personal home setup the wastage may not appear huge because it is mostly 1-2 guests at a time. The whole idea of this blog came to me when I was having multiple lunches and dinners at different restaurants this past week with huge numbers of family and friends – most of whom did order additional drinks and never bothered to finish water in their glasses. The thought stayed with me – why couldn’t the service men offer half a glass of water and offer more when asked for.

Offering a glass of water is the basics of serving the guests and in a country like India – where we treat Guests as Gods ( Atithi Devo Bhava) , it may feel a bit uneasy to offer only half a glass of water but as guests if we can handle it without getting offended, maybe we can save some serious amount of potable water, daily – considering we have millions of eateries, serving multi million people globally.  Think about it.

Next time when you visit an eating joint – specifically ask for #justhalfaglassofwater to be served. Maybe we start the revolution and save some water for our grandchildren.

Image result for Serving Half a glass of water

Glasses with illusions – get creative!!

Restaurants can get creative with their serving glasses if needed.

Quick side note – I do see bottled water as a very good alternative, as it can be carried and consumed without being wasted but unless I see a bottle that’s not plastic, I find its use as dangerous and hence not promotable – it shall have counter effects.

 

Remember the Roses

Image result for remember the roses story joan of arc avery taylor

I am not an avid reader and my confession is not going to reflect highly on me , specially since I am trying to make it in a knowledge era. Don’t mistake this for – I never read. I am more of an experiential learner. However, the books I read, the stories I love – stay with me, word by word , feeling by feeling forever.

One such story I read, was – Remember the Roses. I read it more than 22 years back(Proves my point that I love reading sometimes). Written by Avery Taylor, a British author, published originally in 1967 (I wasn’t born then). Will quickly brief the plot for you:

” During the Second World War, Robert, an English agent, comes to rescue Paul Renard, a key member of the French Resistance, who has been taken by the Gestapo and is being held in a prison in Rouen, France. Robert parachutes into a field near Rouen. When he tries to make a contact with a member of the Resistance, Robert is almost captured by the Nazis. A young girl called Jehane le Brun rescues him and helps him to locate and free Renard. When Robert returns to England, no one believes his account of how he returned with Renard.

But when they all inspect the evidence, Robert finds that Jehane could have been none other than the legendary Maid of Orleans, Joan of Arc, who had fought for France in 1429.”

Second world war was fought in the years 1939-45. The story of the girl’s bravery never left me. And it has forever inspired me.

The reason I write this – I would so love to meet the author and I am unable to find her on any social media.

Humble appeal to anyone who reads this blog – if you can find the author – Avery Taylor, can you please tell her I am so inspired by her writing and if possible, get me her contact details – reach me here or on my twitter @smitapmishra.

Thanks for your time!! Keep reading lovely books and stories!! Keep inspiring and getting inspired!!

 

What a Sunday!!

Monday morning – absolutely the most wrong time to write a blog. The moment this one is published, my CTO friend is going to call me to say those 3 magical words – What The Heck!!! I have so much work pending on me to do and yet I am typing this up because I feel compelled to do so.

This past Sunday on 16th April’17 , I over committed my time with a couple of events on a weekend – a time which is exclusively owned by my kids otherwise. I was afraid I will feel guilty at the end of it.

I had been invited earlier to this event that was coming up but couldn’t make it then; And since it had a very interesting name – FeministMohalla, I was curious to try it out atleast once. Add to it – it was an initiative by a dear friend Swarnima Bhattacharya and her partner Rachel – So I had to do it!

As I reach the Humayun Tomb, which is a recognized World Heritage Site – I did not really know what to expect. I saw a group of people surrounding lovely Swarnima in yellow- the storytelling had already begun – yes I was late by few minutes.
Image may contain: 8 people, people standing and outdoor

The discussion started with the real meaning of a harem and went on to de-mythify a lot of our impressions about the status of royal and ordinary women and their role in the administration and ruling of various lands -in those times. I had heard of Humayun, Babur and Akbar but I had never heard much about the women around them.

The first lady I heard of, was Aisan Daulat Begum – Babur’s maternal grandmother. She was wife of Yunus Khan of Moghulistan (in today’s Afghanistan). A sternly bought up woman herself- she had tremendous influence on Babur’s bringing up and his rule across and thats how the entire lineage was called Moghuls here in India.

There after, we heard of many names, many of them unheard of before.

1. Aisan Daulat Begum- Babur’s maternal grandmother
2. Gulbadan Begum- Humayun’s sister
3. Bega Begum- Humayun’s chief queen
4. Hamida Banu Begum- Humayun’s wife -Akbar’s mother
5. Mahchahak Begum -Humayun’s wife and governor of Kabul
6. Jahanara- Shah Jahan’s eldest daughter

Each of them had such beautiful stories of courage, love, loyalty and a display of tremendous talent and amazing administration abilities to their credit. The one that stayed with me was Mahchahak Begum (incorrectly known as MahChuchak Begum)- threw out the then Naib Subadar and ruled Kabul on her own. She lead her army in person and defeated Munim Khan at Jalalabad. She chose to rule in her own name not in the name of her 3 year old son Mirza Muhammad Hakim (whom Humayun had appointed as the governor) – a clear sign of courage to oppose blind patriarch.

Image may contain: 22 people, people smiling, people standing

Besides the women warriors, rulers and queens , I also understood a few things about Mughal architecture. It never occurred to me that the water bodies around every monument could be there for any reason beyond beautification. And then there was light thrown on the fact that the people who came from the deserts had a thought that  heaven is a place where there is water in abundance and hence the water fountains and water columns around the monuments. This made sense.

I thoroughly enjoyed my visit to the monument and the story telling. A very honest attempt to dig out genuine details of history. Well done team! I am absolutely sure, I am registering for the next event asap. Follow the #FeministaMohalla on twitter for more updates!

I had to miss the concluding story and rush back to my place since there was another event I had to go to and in between had to pick my daughter / get my son going for his studies for the Monday test.
Started back for Innov8 for the  Google Women TechMakers event being held in conjunction with the Google Developers Group, New Delhi for International Women’s Day. I did expect some tech enthusiasts and knowledge sharing. But the energy I felt there was unmatched to any tech event I have attended before. A group of 40-50 odd college going young girls and a couple of trail blazers like Neha from JSLovers and Sanya Khurana. What energy and passion at show!! So many technical resources and forums discussed and bought to the front for both young men and women to learn technology. They had so many questions and all they wanted was to build something meaningful and reach their dreams!!

So proud of each of the girls in the event. True gems – precious ones. I am so looking forward to see each of them build a legacy for their self and the world.

Image may contain: 4 people, people sitting

Image may contain: 17 people, people sitting, crowd and indoor

 

 

 

 

 

Image may contain: 29 people, people smiling, people sitting, people standing and indoor

I was lucky to have as enthusiastic co-panelists like Dolly Bhasin, Tarusha Mittal, Ankita Gulati and Rohini! We had some awesome time – getting to know each other and sharing our experiences.

As I was heading back home from the event – I couldn’t get over the fact that since history,  women have had  active careers and yet, we were still struggling to accept that women are able decision makers and still dont allow them the freedom of choice. Though we need a lot more societal changes for that day when its just a TechMaker event and we dont need a Women Tech Maker event – a lot is happening and changing and until it does happen as we want it to be – our salute to all the resilient women out there. Keep going. And our dearest men – thank you. Thank you for being by our side and fighting it out together.

Happy Sunday for me- it was worth it, out and out. And a Happy Successful life to all of us!!

Continue, Change or Let it go…

continue-change-or-let-it-go
I often hear my daughter sing – Let it go (the Frozen song) and I enjoy it as a beautiful song in young voice. And she truly enjoys singing it.
Recently I saw an update from a dear friend and a professional who has my truest respect – Pradeepa Narayanaswamy. Her update had her site that mentioned her aspirations and achievements so far, as a life coach. That got me interested, because the Pradeepa I knew, was more of a technology person, teaching teams to work together and getting truly agile. On going through her work, I landed on her blog post Let it go, Let it go…
That article talks about letting go of those relationships that end for reasons you may not fully accept or understand. And it got me thinking about work and personal relationships all around us. Yes, when the relationships end – you have less choice but to accept it. And even though it may be a bitter end or unexplained, its in your interest to let it go. It made me think of relationships that have not ended but have lost its original sheen and meaning. Relationships that give you more pain than pleasure.
What do we do when it is simply not working out between the 2 and its becoming a daily nightmare to carry on with it? And neither of the party is giving up either. What does it truly mean? And think about it in terms of not only husband-wife, girl friend – boyfriend, or with ones in-laws but also between and with co-founders, investors, advisors, team, managers – why is the relationship so difficult?

More often than not, when money or kids are involved- it could offer a very straight forward insight into why the painful relationship still exists. However, let’s also get this understanding – that in such cases, though the official name of the relationship still remains what it used to be- the relationship has now evolved into meaningless forced bond.

At first, a relationship is conceived because 2 individuals or entities found something in each other  they needed. It continues to be pleasurable if they are happily deriving what they need and are happy to give what the other needs. Its universal truth hidden from none that you can’t have everything in the world and that forces one to have their priorities clear. Because very often one has to trade off 1 benefit for another. Now if both the parties have the same priorities for the benefits and willing to do the required trade offs – the relationship continues to work. Occasional hiccups are a sign of a healthy relationship – exceptions prove the theory.

is-it-the-relationship_

But when the priorities of the 2 parties are not clearly defined or do not sync , then how difficult the relationship will be shall depend upon how far are the trade offs and core objectives of either one, from each other.
If you find yourself constantly misunderstood, having trust issues, backstabs and constant complaints of not doing enough in the relationship, then you probably are going through this. Specially more, if you feel helpless in getting your point across and for others to not see your point of view. And, if you do find yourself stuck in such a situation – what are your ways out?
1. Continue – until you physically give up and your body shows signs of ageing and being sick . And one day either of you will be dead. And so will the fight. But it won’t keep you from feeling incomplete and having tons of ugly memories to live with. And substantial loss of reputation (for all the things you do to show the world a perfect picture). In a way, this is easiest to do and pretend like all is well, when everything inside you is breaking and crying for help – because it keeps you in your comfort zone wrt the outer world. This is very draining emotionally, everyday. Keeps you from achieving your true potential in life.
2. Try something new. Change your stand, if you can. If you are going to apply the same solution to the problem over and over , and it didn’t work for so many times why do you think it would work now? Can you try changing your stance and giving in and if the relationship is truly worth, can you realign your priorities to the other party and see if that brings you closer to the larger goals. It may not be a perfect win-win situation but it will save your relationship and maybe, just maybe – you realize that for the longest time you were holding on to something non-critical, just for the heck of it. Weigh in your trade offs and priorities.
3. Let it go – Now, this is the toughest part. Not only because the world sees it and that makes you uncomfortable with “what the world would think of this”. But also if we are insecure and having difficulty imagining the other individual or entity in another relationship or yourself living by just your own self (technically single). If having the possession of the relationship is more important to you than the relationship itself – you could very well be trapped here. But when you are in a situation where you can’t continue anymore or have tried everything you can to realign in order to keep it, then it’s officially the time to “let it go”. Keep in mind that the same body (as sick it may be) feels heavier post death. And the longer you carry a weight , the heavier it begins to feel.

Choose the way forward carefully – pause, get your head and heart sorted and then charge ahead – remember – being happy and healthy is most important!! Focus on leading a meaningful life that matters.

Get healthy in 1 step…really!!

I am going to share with you my biggest mistake regarding my health that I committed and am now trying to fix it. I have begun to feel better ever since I took that 1 step towards my health and am hopeful this will help you to identify if you are falling trap to this mistake/myth/habit/illusion – whatever you may call it and if this could eventually pose a health challenge to you too.
Here is my story – I have forever been a slim person and was one of those people blessed with magical metabolism that would digest the right things and detox my body of unwanted things.
And I am pretty sure, a lot of you are blessed with good health that you take for granted. Well, there are reasons (beyond hospital bills & insurance premiums) why its said that Health is Wealth.
smita (2)
So lets hear it- straight from the horse’s mouth – what is my point that I am driving you to?
Slim is fit: This was my mistake – I believed that I am fit since I was always a slim person and with not much extra flab to shed. Well, the truth is Fit is Fit. Slim is NOT fit. Slim is not as dangerous as obese but being slim doesn’t signify the status of your health in anyway other than that you are not obese.

I realized this more as I stepped into my 33rd year as human on the planet. Until then I abused my healthy blessing to no ends by eating wrong….eating at wrong hours…. Countless chocolates, softdrinks as much as I pleased. I seriously didnt have any fixed timings for food. If you are thinking I am going to say – Nothing can be more wrong than this, here is the worse thing – Even with what little meals I ate – I never ate what I should. I ate mindlessly.  And for a long time I was okay (like I said – for 33 years) – my body could handle all the abuse and kept releasing digestive enzymes on my command and never acting like it was upset at me for being a complete mismatch for its expectations and needs.

And then I slowly saw the signs. I started to get tired, used to feel irritated, started to look dull. I still didnt care as much. Specially since I wasnt particularly suffering from any specific disease. I knew I could someday reverse these “temporary issues” with healthy eating habit and fitness regime and having a routine. Something I knew but I never did. Soon, I fractured my right leg quite effortlessly with just a not so jerky twist. I began to have pains in my bones. I couldn’t wear high heels as much as I enjoyed them.Yet – I didnt pay heed. I was as ignorant as one can be towards ones body.
But then I started to have massive hairfall. And this was heart breaking. I couldnt take it. I also knew – it might be something that has reached out of my control and I cant easily reverse it. This was when I started to regret my doings.

On SOS basis – I put my health on priority. I made sure I dont skip meals – as busy or angry or mad I am due to any reason – I will have my minimum 3 meals a day and at as fixed a time, as I possibly can work around. But there is something I did that truly had a midas touch effect on me.
milkAny guesses what is that one thing that can help you fix most of your health issues, besides having a fixed routine for eating and exercises? MILK. Seriously. Specially if you are pure a vegetarian like me, you have to have a glass of milk everyday. Its funny I am writing this blog at a time when people around me are talking about Women’s Horlicks -because I started taking women’s horlicks regularly since last year. And I am strictly NOT endorsing them. But it has worked for me.

My hair loss significantly reduced- milk protein and calcium has visible benefits on skin and hair – and body overall. My body pains have almost vanished. Even my toothache has reduced – not sure if its related but other than increasing my milk intake, I havent changed anything in my diet, hence building the inference. And I think better calcium intake could have helped my teeth too.

I can’t reverse or stop my aging or the health issues that will come with it. But I am glad I took charge of my health while things were still in control.

Take that 1 step in your life. Add a glass of milk to your diet. If you are one of those that dont like packed milk, go farm fresh -try Farmagic. I love the taste of fresh cow milk they send.Its a feel good factor, if i take it with health supplement (more of calcium, which my body needs) – you can take it with any health supplement you like. Eat regularly and exercise.
farmery-milk_1

Test your fitness

  1. An average adult should do 30 minutes brisk walking, or walk 10,000 steps daily. Try doing this – you will know how good your health is.
  2. Look at your hairfall – is it normal?
  3. After your day long of office or household work – when you lay down – how does it feel in – your knees /  your lower back / your shoulders. Do they pain noticeably?
  4. Frequent Heartburns / Acidity?
  5. Fatigue / impatience/irritability

I do not wish to act as a health professional but I strongly believe that health science evolved based on human experiences. So the basics of health lies in us being able to hear what our body wants to tell us. Listen to it. Take rest, if it asks you to. Eat / sleep / work – as per your body’s expectations. Put yourself in a routine.

Take care of yourself. Stay healthy. Stay blessed. Dont forget your glass of milk tonight before you go to sleep!!!

Please do share your experiences – specially if you start drinking milk today onwards and comment on what effects you see on yourself.

A memorable visit to Maha Kumbh : Largest gathering on Earth

Finally, I am back to my blog. Just so you are not confused, I came back from the MahaKumbh way back but I just never came back to post my updates. So here they are.

I had originally planned to write so much about it but now I think I wont write my thoughts. Instead – let me show you what I saw there and let you find your own like or not for it. I may, if time permits, write more in detail about my experiences but for now – enjoy some visuals and let me know if you like these.

20130126_210357

20130126_211938

20130126_212041

20130126_212132

20130126_212608

20130126_214653

20130126_220117

20130126_220128

20130126_220218

20130126_220629

20130126_222253

20130127_074205

20130127_074442

20130127_080120

20130127_080300

20130127_082031

20130127_082032

20130127_081950

20130127_085907

20130127_111522

20130127_125642

Maha Kumbh Pics

Honestly – just like its difficult to express in words – any of your favourite places where you realize you breathe also, it will be difficult for me to describe the feeling. Did I like it – yes. Will I go there again – very likely. Will I recommend others to go – Yes, but only with proper preparations.

Overall, it was a pleasant experience. I enjoyed it. But I do realize that I was amongst the few priviledged ones to enjoy it the way I did. It can indeed be a little pain for those who have no local connects or know how of in-roads.

Feel free to enquire for any details about the visit. Will be glad to help.

Maha Kumbh : Largest gathering on Earth

Finally, tickets booked and gathered strength and am all set to visit the largest gathering of humans on earth. Precise Location: Allahabad, India. I hear numbers as high as 100 million will be there. At this moment, I am not sure how scientific is the method used to calculate or predict these numbers. But even with a margin (read huge) error of 50%, I am excited to be amongst the spectators of this huge gathering.

I really don’t know how it is to really be there – since this is my visit to a Kumbh Mela and have heard very few first hand experiences so far. I have been to crowded places before and they seem scary to me. I don’t like them one bit. But even the largest crowd I might have witnessed in my life may only be a percent (1%) of what I am about to witness. I really had to think through the possibilities of stampede, mass violence etc to finally gather the courage to “just do it”.

Originally, Kumbh Mela is a religious festival celebrated by Hindus. And followers of Hindu religion go for a dip in holy water to cleanse themselves of all the sins they have committed in this life. At least this is what I thought until, this festival got me interested in it and I tried to find out what it is. Though the act of dipping still remains to be the main activity people go there for, the essence of it seems to be very different.

More and more people are visiting Kumbh Mela, and have claimed it to be a life changing experience. People come to the river sides and stay in camps for the entire duration of the festival, which is roughly a month and a half. Its statistically proven, that even with so much of crowd, and the (mis)management typically associated with such huge crowds, these people return healthier. This has probably been taken a serious note of. This year, a team from Harvard Business School is studying the festival to understand ‘How on earth is an event of this size possible’. They also want to look at environment and tourism and health clinics and sanitation arrangements – that make it possible.

As an Indian, I sure am proud of the business practices followed by the collaborative PPP (Public Private Partnerships) model, probably much needed for any gathering of comparable to this scale. To me, PPP – Public departments (Govt bodies), Private (private agencies, service providers), People (Me, Thou and Thee). It takes real people to implement any good practice to be a success.

I am so looking forward to be part of the largest congregation of the human kind on this planet!! Will share more when I return!! Pictures and experience.

P.S: For those – who don’t know what Kumbh Mela is and want more details of its origin and auspiciousness as per the religion – feel free to Google it out. There is enough written there to know theoretically what it is. However, I will be writing what it is to me , once I comeback – from a Life Changing Experience.