> I'm shocked

India is currently run by a nationalist regime headed by the so called "butcher of Gujarat"[1], there isn't much that would shock me wrt to that lot's totalitarian tendencies.

[1] https://en.wikipedia.org/wiki/Public_image_of_Narendra_Modi

FYI two years ago, the Indian government shut down mobile service in the state of Punjab to catch one person:

https://news.ycombinator.com/item?id=35303486

> improved education and targeted campaigns against common security pitfalls

Good one. Do you see how dumb the average consumer is? They don't know or care even if you try to educate them.

Well, we are talking about a government that declared 95% currency in circulation as invalid to nullify “black money” and rationed out currency for months. Currently they are doing an electoral list validation by asking everyone to submit a form so they can keep their voting rights. The policies are made with a strong “ruler” attitude.

the fact that this is being done privately shows they know it's dirty and immoral.

The problem iscontrolling people at intimate thought level. Sure education is part of it. But state controlled device tracking everything they say, where they go and who they are exchanging with is also a tool to leverage on in that perspective.

I share your abhorrence but are you really shocked? "Think of the children", "Stop the terrorists," these have been the foundations for the erosion of personal liberty for the past thirty years.

> improved education and targeted campaigns against common security pitfalls

Which doesn't work. At all. A familiarity with the last 40 years of computing makes that clear.

The only things that have worked: ios/android walled gardens so users can't install spyware. yubikeys which can't be phished. etc.

> problem that is better solved by improved education and targeted campaigns against common security pitfalls

Will take decades if not more than a century to implement in India. Let alone old people, even the boomer generation is immensely tech illiterate.

> I abhor any decision that robs even a grain of my individual freedom.

Living in a society already means giving up more than a grain of personal freedom.

Try entering a store naked.

The real deal is the balance between loss and gain

You're assuming the problem the govt is referencing is their actual goal.

First they came for the etc, etc...

wow even a grain? you must really love your freedom

It's all happening really quickly, so I haven't been able to keep up. I know Starmer said that digital ID will be mandatory to work in the UK. Did he mention how that would be implemented? Is the UK going to issue and official device to everyone in country, or are the people supposed to pay for it? What about homeless, poor, and the provisional residents?

> And did each person who downloaded the app terminate 6 fraudulent connections?

That much is believable, if not on the low side. Spam there is intense.

Isn't one of the largest payment processors in the world made by the Indian Government?

Personally I wouldn't risk my personal digital privacy on the incompetence of the government. I'd assume the opposite.

> It will be a garbage app that most likely will not work, considering the historical incompetence of the Indian government's expertise in all things tech.

Wait until "they" outsource it (on the pretext of national security interests) to countries that have deep talent in cybersecurity (like the US/Israel/Russia/China).

Ex: https://www.fdd.org/analysis/2025/06/11/india-orders-new-fig...

This seems to be the app: https://www.sancharsaathi.gov.in/

Looks like it's quire popular/established already, with over 10 million downloads. Basically a "portal" for basic digital safety/hygiene related services.

Quoting Perplexity regarding what facilities the app offers:

1. Chakshu: Report suspicious calls, SMS, or WhatsApp for scams like impersonation, fake investments, or KYC frauds.

2. Block Lost/Stolen Phones: Trace and block devices across all telecom networks using IMEI; track if reactivated.

3. Check Connections in Your Name: View and disconnect unauthorized numbers linked to your ID.

4. Verify Device Genuineness: Confirm if a phone (new or used) is authentic before purchase.

It doesn’t matter what the app does today it can be made to do anything they want after the fact. Monitor speech, location, contacts, content, preserve evidence for prosecution, inspection your dinner choices or your sexual habits.

This is on the far end of the spectrum of bad.

https://sancharsaathi.gov.in

- Report fraud/scam calls and SMS directly from your phone.

- Block or track lost/stolen phones by disabling their IMEI so they can’t be misused.

- View all mobile numbers registered under your ID and report any unauthorized SIM cards.

- Verify if a phone is genuine with an IMEI/device authenticity check.

- Report telecom misuse, such as spoofed calls or suspicious international numbers.

The stated goal is protect users from digital fraud and safer telecom usage, who knows how good it’ll be. Probably a PITA.

https://sancharsaathi.gov.in/

Basically IMEI stamping because sim card purchase with ID has come to be viewed as flawed/compromised by NatSec types in India. Here's some additional context from a previous thread on HN [0]

[0] - https://news.ycombinator.com/item?id=40476498

------

Edit: Can't reply

Lots of old phones still exist, so a virtual/eSIM does nothing to give visibility into those devices.

Also, India wants to own the complete end-to-end supply chain for electronics like what China did in the early 2010s, so India has been subsidizing legacy, highly commodified electronic component manufacturing [0] - of which physical SIMs are a major component because they both help subsidize semiconductor packaging as well as IoT/Smart Card manufacturing. A mix of international [1][2] and domestic players [3] have been leveraging physical SIM manufacturing in India as a way to climb up the value chain.

On a separate note, this is why I keep harping about India constantly - I'm starting to see the same trends and strategies arising in Delhi like those we'd see the PRC use in the late 2000s and early 2010s, but no one listened to me about China back then because they all had their priors set to the 1990s.

No one took the PRC seriously until it was too late, and a similar thing could arise with India - we as the US cannot win in a world where 3 continental countries (Russia, China, India) are ambivalent to antagonistic against us. Even Indian policy papers and makers increasingly reference and even copying the Chinese model when thinking about policy or industrial development, and I've started seeing Indian LEO types starting to operate abroad in major ASEAN and African countries helping their vendors build NatSec capacity (cough cough Proforce - not the American one - and their Offensive Sec teams).

Ironically, I've found Chinese analysts to be much more realistic about India's capacity [4][5] unlike Western commentators - and China has taken action as a result [6][7][8]

[0] - https://ecms.meity.gov.in/

[1] - https://www.idemia.com/press-release/idemias-production-faci...

[2] - https://www.trasna.io/blog/trasna-eyes-asian-iot-growth-as-i...

[3] - https://seshaasai.com/products/esim-and-sim

[4] - https://finance.sina.cn/china/gjcj/2022-06-08/detail-imizmsc...

[5] - https://www.gingerriver.com/p/vietnam-or-india-which-one-wil...

[6] - https://www.bloomberg.com/news/articles/2025-07-02/foxconn-p...

[7] - https://www.reuters.com/world/china/india-taking-steps-mitig...

[8] - https://www.reuters.com/world/china/china-files-wto-complain...

Do they actually have a choice? Usually with laws and orders from the government, you can't do much than either go with the flow, try to lobby against it afterwards, or straight up refuse and leave the market. Considering Apple's ties to India, I feel like Apple is unlikely to leave, so that really only leaves Apple with the first; comply and complain.

As concerning as it is, this is just another addition to the pile of malware that a modern smartphone is. Everyone including SoC manufacturer, RF baseband manufacturer, OEM, OS developer, browser developer and app developers add their own opaque blobs, hidden executable rings, lockdown measures, attestation layers, telemetry, trojan apps, hidden permissions and more.

We lost the game when we allowed these players to impose limits on us in the way we can use the device that we bought with our hard earned money. Even modifying the root image of these OSes is treated like some sort of criminal activity. And there are enough people around ready to gaslight us with the stories about grandma's security, RF regulations, etc. Yet, its the extensive custom mods like Lineage OS that offer any form of security. Their extensive lockdown only leads to higher usage costs and a mountain of malware.

We really need to demand control over our own devices. We should fight to outlaw any restrictions on the ways we can use our own devices. We should strongly condemn and shame the people who try to gaslight us for their greed and duplicity.

You shouldn't be: https://news.ycombinator.com/item?id=26644216

> I will be suprised if companies like apple comply though

They will.

All tech companies already comply with India's IT Act. And India now manufactures 44% of all iPhones sold in the US [0] while dangling the stick of a $38B anti-trust fine [6] but also the carrot of implementing China-style labor laws [10] that Apple lobbied for [11], so Apple doesn't have much of a choice because both China and Vietnam (the primary competitors for this segment of manufacturing) have similar regulations while not shielding them from Chinese competitors. Samsung is in the same boat at 25% of their manufacturing globally being done in India in CY24 [1] while is also trying to further entrench itself [2][8][9] due to existential competition from Chinese vendors [3][7].

Heck, Apple complied with similar regulations in Russia [7] before the Ukraine War despite being a smaller market than India with no Apple manufacturing, engineering, or capex presence.

All large companies who face existential threats from Chinese competitors have no choice but to entrench in India as it's the only large market with barriers against direct Chinese competition - ASEAN has an expansive FTA with China which has lead both South Korea, Japan, and Taiwan to lose their staying power in countries like Vietnam, Indonesia, and Thailand where Chinese competitors are being given the red carpet, and Brazil is in the process of one as well.

And the Indian government is taking full advantage of this to get large companies to bend to Indian laws, as can be seen with the damocles sword of tax enforcement on Volkswagen [4] while negotiating an FTA with the EU and a potential $38B anti-trust fine against Apple [5] while negotiating a BTA with the US. It's the same playbook China used when it was in India's current position in the late 2000s and early 2010s.

Finally, India was in a de facto war earlier this year against Pakistan (Chinese manufactured missiles landed near my ancestral home along with plenty of Turkish and Chinese drones) along with a suicide bombing in India's Tiannamen Square (the Red Fort) a couple weeks ago [12], so anything national security has a bit more credence and leeway.

[0] - https://scw-mag.com/news/apples-supply-shift-to-india-speeds...

[1] - https://www.techinasia.com/news/samsung-to-broaden-manufactu...

[2] - https://www.chosun.com/english/industry-en/2025/11/25/SLEYWT...

[3] - https://www.digitimes.com/news/a20251118VL205/2030-samsung-s...

[4] - https://www.ft.com/content/6ec91d4a-2f37-4a01-9132-6c7ae5b06...

[5] - https://www.reuters.com/sustainability/boards-policy-regulat...

[6] - https://www.macrumors.com/2021/03/16/apple-to-offer-governme...

[7] - https://www.businesskorea.co.kr/news/articleView.html?idxno=...

[8] - https://www.digitimes.com/news/a20250903PD208/samsung-india-...

[9] - https://www.digitimes.com/news/a20241212PR200/samsung-india-...

[10] - https://www.bloomberg.com/news/articles/2025-11-21/india-imp...

[11] - https://www.bloomberg.com/news/articles/2023-03-21/apple-see...

[12] - https://abcnews.go.com/International/wireStory/india-intensi...

Why wouldn't they? If Apple doesn't comply, the Indian government could force them to withdraw from the market or otherwise make their lives difficult. I can't see Apple or their shareholders caring about privacy enough to abandon such a large market.

They are doing this for US from the beginning so it is only matter of time or carefully applied pressure. This is only a PR.

have you seen what Tim Apple has been up to lately with his own government?

Mostly the fact that GrapheneOS only works on Google Pixel hardware currently and vendor unlock status. It's the only available phone hardware that provides full bootloader unlock capabilities AND suitable security protections baked into the secure enclave and boot process, including things like rate limiting in hardware like password cracking attempts via external brute-force input means, lockdown of usb ports until boot unlocked with a pin, etc. Their website spells out all the reasons.

Other phone makers could if they wanted to do the same, but do not as an active choice, or at least somebody's choice above them.

Custom ROMs fail device integrity, which means you cannot use banking, financial, government, payments and telcom apps, not to mention all the games that refuse to work.

... secure boot?

I don't understand "just load GrapheneOS" sentiments. It only runs on extremely specific flagship devices with explicit features that allow it that are out of financial and technical reach for >99.9% of population of Earth and it still fully relies on AOSP. It's an escape hatch for mice. Or is it really not that way?

It will be used as evidence that the person who has GrapheneOS on their phone is attempting to break the law. Telegram and Signal chats are often used as circumstantial evidence of malfeasance in Indian national security cases, so the jump to using GrapheneOS as evidence of malfesance is tiny.

Apple's geotargetting was at least in the past tied to where device was sold. Example is FaceTime in UAE: phones sold there will never have working FaceTime anywhere but if you bring your American phone in, it seems to work.

But easy enough to tie it to iCloud region - you have to set your device and iCloud to Indian region to be able to use many of their region specific payment methods (ie UPI)

I didn't find any context for your claim so here is some reddit comment:

So it’s true 3,300 people were arrested for posts online. What they don’t tell you are the statistics or context. The actual law for these arrests covers EVERYTHING online. These arrests include those arrested for terrorism (if the planning/act of terror includes any online communication in the UK), threats of violence, racist abuse, hate speech and unwanted communication (including sending unsolicited sexual photos to strangers). It also includes spreading false information that could cause harm or affect an ingoing investigation.

If you look at convictions, only 137 people were actually sentenced in 2024.

https://www.reddit.com/r/DebunkThis/comments/1mmux6r/comment...

UK has been self destructing for a looong time now. While things aren't great globally for free speech and privacy, I don't think pointing to UK as an example for anything makes sense. They have been on their path for many decades.

The price of freedom will only go up. People can’t help but wait to buy at the last minute when it costs an arm and a leg.

Do you have a source for the Brits being arrested?

the lowest resistance solution to e.g. cheating at school using ChatGPT will be spyware on kids' devices.

while nobody should be arrested for speech online, here on hacker news, people are downvoted for saying something unpopular (as opposed to whatever, i don't even know what the criteria is, but maybe it should be "toxic") all the time. you are preaching to the wrong audience, not the choir.

I've seen what's said online these days. Open racism and bigotry. This has always been the case but now it's done without shame by prominent people and influencers using their real account. Twitter is as bad as Stormfront these days.

We absolutely need to police hate speech.

> There has to be a line.

There is no line at all these days, with open hatred displayed. Fascism is on the rise across the world off the back of the hatred that's produced on social media.

> Every day 33 brits are arrested for what they say online.

They must be giving them tea and crumpets before releasing them to generate more hate online because it clearly isn't working.

Is it your view that no-one should ever be arrested for anything they say, in any context?

> There has to be a line.

Where do you draw the line?

Gonna agree with you, even Singapore has announced several policy changes the past few weeks to deal with all the fraud - more severe punishment and forcing apple to change how iMessage spam with .gov.sg domains is handled.

I don't think this new app will resolve India's fraud issues unfortunately, there probably needs to be more policy changes at banks/fincos. As much as India obsesses with KYC processes, it doesn't seem to be working/enough. I don't see this new app being required as something totalitarian, it would be much easier for the gov to ask for that type of stuff to be tacked on to UPI apps anyways.

> I will point out that India have the highest number of victims of cyber-fraud

Combined with worst enforcement and investigation efforts to tackle this issue. The default resolution on a cyber crime report is : Fraudster's account is blocked and they are given a choice to plead forgiveness from the accuser. They often return the money in lieu of the complaint being rescinded. Then fraudster is free to con others. Fraudsters know this is a numbers game that is why they hit every morsel they can get a bite.

Worse yet people use the cyber crime provision to take revenge. People can file frivolous cases without proof and ge others account locked. Banks will treat you with disdain and police will tell you to settle privately too.

What about investigations you ask? Very few cases reach that level. Local police file the FIR and they don't even know what is "cyber" in cyber crime. Fraudsters can continue playing the numbers game.

So, yes it is easy to talk about victims when the policies are lacking. And then this high number of victims can be used as a crutch to push insecure apps on everyone's phones. The worst part of it? They will get data and still remain clueless and inept in solving the high number of cyber crimes.

Yeah this is the wrong audience for this argument, but it has merit. An app like this can be both a massive government power grab and useful to protect many, many people who are vulnerable to fraud.

The number of my relatives that will just believe whatever someone tells them on the phone is terrifying.

And you trust the government to only use it for good purposes? and not to track people who may be protesting or belong to opposing political/religious/cultural views? We know based on historical pegasus complaints that this trust has to be earned and can't be given.

There are lots of ways to solve for this, mandating that these companies own the identification process through their systems, report misuse, govern apps. Why taken on the ownership of a process that is better handled outside of government while the government holds them to account via huge fines and timelines but giving these large companies ownership of protection from scams or stolen phones etc...? win win and I think these large companies are due spending extra money to protect their users anyway.

> I will point out that India have the highest number of victims of cyber-fraud

Based on what?

> Another huge issue is unregulated loan apps

You don't need to root everyone's phones to regulate financial crime.

> Then there are obvious security issues with terrorism and organized crime

India is building a centralised backdoor into every phone in the country. That's a massive national security risk.

Actually it’s Cambodia now.

If their goal was to increase the security for their citizens, you would have a point

Nothing in this app stops scammers, scammers use land lines/voip to make calls.

The clipper chip was brought to us by the country that proclaims to spread democracy across the world. Democracies can be authoritarian if you scare the public enough.

Democrats in the US touting „combating hate speech” would love to do the same here

> very deep interests in things i was completely unaware that they existed ... say goodbye to the cognitive ability of a large chunk of future generations

I would think very deep interests in niche or obscure topics is correlated with increased cognitive ability, not a decrease.

The children now love luxury; they have bad manners, contempt for authority; they show disrespect for elders and love chatter in place of exercise. Children are now tyrants, not the servants of their households. They no longer rise when elders enter the room. They contradict their parents, chatter before company, gobble up dainties at the table, cross their legs, and tyrannize their teachers.

Got some example words or phrases? When I hear stuff like this I'm curious how much is just your standard "out of touch adult" stuff and how much is genuinely bizarre niche rabbitholes.

> about 40% are deep in discord communities where i literally cannot figure out a single sentence of what they're talking about.

I feel like the same could be said of an at the time adult looking at my IRC or MSN Messenger logs from when I was a teen.

> very deep interests in things i was completely unaware that they existed

as one of said students, I would just call these hobbies!

Is this an "old man yells at cloud" impersonation?

Yeah, internet is a dead star in so many ways this days. Repetitive, addictive and a private data sucker. I'm already starting to buy programming books and offline content preparing for a radical semi-disconnection.

All good goals - but this can be done by the government forcing the private companies (Apple/Goog/Samsung) to build tools, reporting, support services around helping with both Scamming applications or Stolen phones etc....

This will keep the data out of governments hands, while pushing the cost burden to these companies and they would be better equipped to build around these goals than the government themselves.

We all know the govt doesn't have a great track record with using Pegasus etc... Giving away control to apps that can decide your phone is stolen and lock it opens the door to any possibility including a totalitarian regime. It would be naive to believe that even if this is done with good intentions, such control could be easily mis used by opposition parties, one malicious individual etc...

Get GrapheneOS. The installation is painless and the OS surperior. No mainstream phone OS is viable in the privacy and security nightmare of today.

https://grapheneos.org/

I am not defending it's use but a secret program is a targeted program, you can't use it in sweeping arrests without parallel construction. Whereas with an openly existing program you can point out that someone has been talking to their friend about how to get abortion medication and arrest them.

The real issue with 100% enforcement of law is it requires a society with differing values to not just agree on which laws exist but what just punishment is. Without leeway for differing social judgement or bifurcation.