Saturday, December 31, 2022

Happy New Year 2023!

Happy New Year 2023!


Happy new year and wishing everyone a prosperous new year! 

2022 has been a memorable year at ALight Technology And Services Limited. Some of the mentionable things that happened were launching of PodDB - A free podcast search engine and directory. There have been several blog posts on technology related topics. The founder & CEO Mr. Kanti Kalyan Arumilli (Facebook, LinkedIn) has had some personal success as in doing 3 certifications - TOGAF Foundational, TOGAF Advanced and AWS Certified Architect Associate.

The sad part the full potential has not been achieved because of at least 20 rogue R&AW spies/hackers who have nothing useful to do with their pathetic life. They are criminals and corrupted to the core. Loan defaulters, economic offenders, human rights violators, dacoits who have become a plague on the society. It's a shame that India's R&AW has recruited and gave them a very powerful equipment capable of mind reading, viewing, recording audio and video, whispering (speakers).

They want to claim my identity and in the process have even harassed my parents and me. And then for identity distortion they have made false rumors and propaganada.

After realizing the capability of their equipment, I have taken security at ALight Technology And Services Limited very seriously.

The current roadmap for 2023:

Q1 - Improve logging, monitoring and alerting capability and security.

Q2 - Implement complete security moniotring as prescribed in NIST Cyber Security Framework and COBIT.

Q3 - Launch the beta of a commercial / freemium product.

Q4 - Launch the product in production mode.


If possible, some of these might happen a little bit earlier. Expect much more technology related articles and hands on articles related to various activities in I.T - Architecture, Security, Development, Systems Administration, DevOps, Database Administration. As a one man company, there is a lot of things to do and a lot of things to learn. I would like to coin the term "full-stack end 2 end I.T developer".


NOT associated with the erra / yerra karan, kamalakar, diwakar, kareem, karan, erra / yerra sowmya, erra / yerra sowjanya, zinnabathuni sowjanya, bojja srinivas (was a friend and batchmate, not anymore), mukesh golla (was a friend and classmate, not anymore), erra sowmya, erra sowjanya, thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s.

Mr. Kanti Kalyan Arumilli

B.Tech, M.B.A

Facebook

LinkedIn

Founder & CEO, Lead Full-Stack .Net developer

ALight Technology And Services Limited

+91-789-362-6688, +1-480-347-6849, +44-07718-273-964

Happy New Year 2023!

Friday, December 30, 2022

Live C# development session - 2 on January 2nd at 09:20 a.m India Time

Live C# development session - 2 on January 2nd at 09:20 a.m India Time 


Another 20 - 30 minute live video while developing the free, open source tool.





NOT associated with the erra / yerra karan, kamalakar, diwakar, kareem, karan, erra / yerra sowmya, erra / yerra sowjanya, zinnabathuni sowjanya, bojja srinivas (was a friend and batchmate, not anymore), mukesh golla (was a friend and classmate, not anymore), erra sowmya, erra sowjanya, thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s.

Mr. Kanti Kalyan Arumilli

B.Tech, M.B.A

Facebook

LinkedIn

Founder & CEO, Lead Full-Stack .Net developer

ALight Technology And Services Limited

+91-789-362-6688, +1-480-347-6849, +44-07718-273-964

Live C# development session - 2 on January 2nd at 09:20 a.m India Time

Live C# development session - 1

Live C# development session - 1


As mentioned in previous blog posts - An approach for securing some sensitive content and The need for serious security I.T, current state of a sophisticated spies / hackers equipment, I am planning to do few live coding sessions over the next few days. Once the code is complete, the code would be available for anyone via Github. Any C# beginner interested in Cryptography, System.Diagnostics.Process are welcome to ask questions.





Live C# development session - 1

Monday, December 26, 2022

Business activities would continue normal

Business activities would continue normal


I have mentioned in a previous blog post - https://blog.alightservices.com/2022/12/partial-activities-being-resumed.html partial activities are being resumed. Now I am announcing business activities are resuming into normal state. However, security, monitoring, alerting are the primary focus. As of now I don't have any customers nor any customer data. SimplePass does not store any customer specific information, all the data is stored on consumers device. PodDB has podcast meta data indexed but no customer data. Normal business activities would continue, but customers and or customer data related products / features would be implemented only after implementing state of the art monitoring and alerting - kind of a very big goal for a small one person start-up but I am ambitious. I would be sharing information about new products / product features or even some security monitoring related tips via blog posts.


Business activities would continue normal

Partial activities being resumed

Partial activities being resumed


ALight Technology And Services Limited's founder and CEO Mr. Kanti Kalyan Arumilli (Facebook, LinkedIn) has been the target of anonymous hackers, R&AW (Research And Analysis Wing - India's (my own country) spying organization for over the past 6 years. They did illegal immigration by identity theft, submitted falsified documents for illegal immigration and probably few million USD money laundering (the source of money might be hackers ransom or any other dubious sources). They say "all" / "process" as in anonymous usage of money in smaller bank accounts on other people's names and e-commerce transactions on virtual identities and possibly other people's address. There is a very serious pattern and definitely the tactics of either spies (espionage) / anonymous hackers / mafia / terrorists (terrorist funding, anonymizing). This should be a very serious concern for law enforcement and intelligence.

In the past 6 years, I have learned to secure some of my accounts, yet have been hacked few times. As a I.T company founder, I do realize the importance of security, data and integrity. I know they have invisible drone capable of spying i.e viewing, recording audio and video, screenshotting, whispering and even mind reading. There is a very very high probability of espionage, corporate espionage, intellectual property theft.

I have been the target of them for over 6 years. I have spent sleepless nights for the past 6 years because of their whispering and even trying to send sub-conscious messages during deep sleep stages by whispering. Somehow, my brain has evolved into disagreeing and rejecting negativity. I have put my cell phone's audio recorder on, beside me during sleep and did find audio whisperings. There were several CCTV camera recordings of the people speaking from the invisible drone. In december of 2021, when I reported this to the police in London, they thought I had hallucinations and sectioned me under mental health act, but in reality, I was not hallucinating and I was let go after an independent panel of doctor's review. Here is the question, if I hear voices - hallucination. If my camera records voices is my camera hallucinating?

Anyway the point is India's R&AW spies have went to extreme measures to cover-up some money laundering, illegal immigration, Green card scam.

I am very serious about the security at ALight Technology And Services Limited and I am increasing the monitoring and alerting systems. Product development has been paused.


Partial activities being resumed

Tuesday, December 20, 2022

Cancelling all activities at ALight Technology And Services Limited

Cancelling all activities at ALight Technology And Services Limited


Al activities at ALight Technology And Services Limited are being cancelled until further notice. The company would NOT be shut down.

The reason - terrorist identity thieves. Yes, R&AW spies by the names of Uttam, Diwakar / Kamalakar / Karan / Kareem, some spy female's who claim to be either my wife or as though having affairs or some of them claim to have a first name of Kanti, Thota Veera, Thota Bandhavi, Zinnabathuni Sowjanya are the culprits. They have violated human rights, privacy. They have tried hard to distort my identity to cover up more than $1,000,000 money laundering, illegal immigration, green card scam. I have filed several police complaints in United States, United Kingdom and India. I realized, if I need to make progress, I need to step back, get them arrested, until then I can make progress. They have spied, shadowed, harassed, framed and defamed. They have terrorized an entire city i.e people are afraid to do anything against them because of their spying equipment capabilities - speaker (whispering), video recorder, photos, microphone, even mind reading capabilities, projections into mind of a hidden drone. Irrespective of how many certifications or how much career focussed I am, they are a gang of over 20 people. They must get arrested. Now I am the victim, tomorrow someone else, day after tomorrow everyone would be the victims. The rogue R&AW spies have become Mafia'ish / selfish / traitors. They think they are above the law. In reality, they can be and should be arrested, no one is above the law. 


Cancelling all activities at ALight Technology And Services Limited

Sunday, December 18, 2022

Anouncing Enterprise Search Services offering

Anouncing Enterprise Search Services offering


ALight Technology And Services Limited offers custom web/mobile/cloud develoment on .Net platform. Now, ALight Technology And Services Limited can help you with enterprise search. Do you have a large website or content that need to be indexed and needs to be searchable? For example, webpages, documents such as word / pdf? Do you want real search engine capabilities such as suggestions, highlights, similar term search capabilities, specific search capabilities such as specifying AND / OR? Do you capability to facet the search results? If yes, please contact ALight Technology And Services Limited using Contact or by sending an email to admin@alightservices.com. I can help setting up, planning for the data, architecting your data ingestion and consumption applications, even develop custom applications on your behalf in .Net. Moreover, your servers can be hosted in either your own cloud or ALight Technology And Services Limited can host on your behalf.


More details can be found at: Enterprise Search Services


NOT associated with the erra / yerra karan, kamalakar, diwakar, kareem, karan, erra/yerra sowmya, erra/yerra sowjanya, zinnabathuni sowjanya, bojja srinivas (was a friend and batchmate, not anymore), mukesh golla (was a friend and classmate, not anymore), erra sowmya, erra sowjanya, thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s.


Mr. Kanti Kalyan Arumilli

B.Tech, M.B.A



Founder & CEO


Anouncing Enterprise Search Services offering

Friday, December 16, 2022

Cancelled - XMLSitemapGenerator OpenSource Library Live Coding on December 21st at 04:15 a.m GMT

Cancelled - XMLSitemapGenerator OpenSource Library Live Coding on December 21st at 04:15 a.m GMT







NOT associated with the erra / yerra karan, kamalakar, diwakar, kareem, karan, erra/yerra sowmya, erra/yerra sowjanya, zinnabathuni sowjanya, bojja srinivas (was a friend and batchmate, not anymore), mukesh golla (was a friend and classmate, not anymore), erra sowmya, erra sowjanya, thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s.


Mr. Kanti Kalyan Arumilli

B.Tech, M.B.A



Founder & CEO


Wednesday, December 14, 2022

LightMonitor Initiation - Recorded Video

LightMonitor Initiation - Recorded Video


As mentioned in a previous blog post - LightMonitor Initiation - Live Streaming, I went live at noon on 15/12/2022. This video is about what LightMonitor is about, what is the current landscape of the market, what is the opportunity, some of the ways my product would be different. Some advanced hacking equipment being used by spies / hackers and how to minimize the threat, some secure development practices, some of my favorite software etc...  




NOT associated with the erra / yerra karan, kamalakar, diwakar, kareem, karan, erra/yerra sowmya, erra/yerra sowjanya, zinnabathuni sowjanya, bojja srinivas (was a friend and batchmate, not anymore), mukesh golla (was a friend and classmate, not anymore), erra sowmya, erra sowjanya, thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s.


Mr. Kanti Kalyan Arumilli

B.Tech, M.B.A



Founder & CEO



LightMonitor Initiation - Recorded Video

Monday, December 12, 2022

NIST Cyber Security Framework Part - 1

NIST Cyber Security Framework Part - 1


Cross post - https://kantikalyan.medium.com/nist-cyber-security-framework-part-1-b9bd659ab094


As mentioned in a previous blog post - Moved to India and Cyber Security, I have started studying the Cybersecurity Risk Management Framework Specialization on Coursera. This specialization has 3 courses:

1) NIST CSF - 4 Hours

2) NIST DoD RMF - 4 Hours

3) NIST 800-171 - 6 Hours


I am I.T business owner, I have worked as lead full stack .Net web developer in the past and have aspirations of software architect. Security awareness and expertise is very helpful in my journey towards software architect or even software security architect (fighting the bad guys - hackers). And in general cyber security awareness is a good thing, so I thought I would briefly summarize what I have learnt, this is in a certain way Tier-4 of NIST Cyber Security Framework i.e actively communicating with stake holders (here I am communicating with general public), proactively learning and benefitting the community (raising cyber security awareness for the general public can be considered as benefitting the community). I would say ALight Technology And Services Limited is at Tier-2 and transitioning towards Tier-3, by the end of Q3 2023, ALight Technology And Services Limited would be at Tier-4. I know I am very ambitious, I have been like that since childhood. One ambitious man's company - ALight Technology And Services Limited.


This is a series of blog posts, when I post more blog articles in this series, I would be updating the links in this blog.


"Cybersecurity" is defined as: 

- the protection of information assets by addressing threats to information processed, stored and transported by inter-networked information systems 

- measures taken to protect the integrity of networks, programs and data against "unauthorized" access, damage or attack 

- the state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this 


Computer security entails: 

- Cybersecurity 

- Physical security 




Cybersecurity vs. information security 

- Information security deals with information 

○ Paper documents 

○ Digital and intellectual property 

○ Verbal or visual files 

○ Communications (regardless of media) 


- Cybersecurity is concerned with protecting the confidentiality, integrity and availability of digital assets 

○ Networks, hardware or software 

○ Information that is processed, stored or transported by networked information systems 



Cybersecurity consists of the triad known as CIA - Confidentiality, Integrity, Availability

Confidentiality: Different information requires different levels of confidentiality. Personal, financial, and medical information requires higher confidentiality.

Integrity: Integrity is about preventing unauthorized modifications / deletion. Preventing authorized subjects from making unauthorized modifications.

Availability: The assurance that authorized subjects can interact with resources.


Terms & Concepts:

Confidentiality: Prevention of unintentional disclosure 

Integrity: Preventing unauthorized modification 

Availability: Accessible to authorized users 

Auditability: Ability to track and reconstruct events from logs 

Identification: Verification of authorized person or process 

Authentication: Proof Of identification 

Authorization: What can you do 

Nonrepudiation: Cannot deny 

Layered security: Defense in depth 

Access control: Limiting access to authorized users or processes 

Security metrics, monitoring: Measuring security activities 

Governance: Providing control and direction 

Strategy: Method of achieving objectives 

Architecture: Used to define the information security strategy. Some examples are:

- Zachman 

- TOGAF (The Open Group Architecture Framework) 

- DODAF (U.S. Department Of Defense architecture framework) 

- MODAF (The British Ministry Of Defense Architecture Framework) 

- SABSA (Sherwood Applied Business Security Architecture)

Management: Overseeing activities 

Risk: The likelihood that a threat source will exploit one or more vulnerabilities 

             - Acceptable level of risk (aka risk appetite) 

Exposure: Being susceptible to asset loss because of a threat exploiting a vulnerability or 

flaw 

Vulnerabilities: NIST Special Publication 800-30 defines vulnerability as "an inherent weakness 

in an information system, security procedures, internal controls, or implementation that could 

be exploited by a threat source." 

Threats: A threat is any person, event or environmental factor that could affect or harm a protected asset.

Residual risk: The risk remaining after controls are put in place 

Impact: The results and consequences of a risk materializing 

Criticality: The higher the value, the more protection it needs. 

Sensitivity: Based on the classification and categorization  

Business impact analysis (BIA): Evaluating the results and consequences of compromise 

Business dependency analysis: An analysis of business resource dependencies, like a supply 

chain review 

Gap analysis: The difference between "what is" and the stated objective 

Controls: Actions to mitigate or reduce risk 

Countermeasures: Actions or process (controls) used to reduce vulnerabilities 

Policies: Management's interpretation of requirements 

Standards: Supports a policy by setting the boundaries 

Attacks: Types of compromises 

Data classification: Determining the sensitivity and criticality of information 


Technologies used in cyber security:

- Firewalls 

- User account administration 

- Intrusion detection and intrusion prevention 

- Antivirus 

- Public key infrastructure (PKI) 

- Secure Sockets Layer (SSL) 

- Single sign-on (SSO) 

- Biometrics 

- Encryption 

- Privacy compliance 

- Remote access 

- Digital signature 

- Electronic data Interchange (EDI) and electronic funds transfer (EFT) 

- Virtual private networks (VPNs) 

- Forensics 

- Monitoring technologies



Key CSF (Cyber Security Framework) attributes

It's a framework, NOT a prescriptive standard! 

- Provides a common language and systematic methodology for managing cyber-risk 

- Is meant to be adapted 

- Does not tell an organization how much cyber-risk is tolerable 

- Enable best practices 

- It's voluntary, except for federal agencies (it's mandatory for them) 

- It's a living document 

- It is intended to be updated as technology and risks change  



The Framework consists of 3 main components:

      - The framework core

      - The framework implementation tiers

      - The framework profiles



The framework consists of 5 functions, 23 categories and 98 sub categories.


Functions (IPDRR):

1) Identify - Develop an organizational understanding to manage cybersecurity risk to

systems, people, assets, data, and capabilities.

2) Protect - Develop and implement appropriate safeguards to ensure delivery of critical

services.

3) Detect - Develop and implement appropriate activities to identify the occurrence of a

cybersecurity event.

4) Respond - Develop and implement appropriate activities to take action regarding a

detected cybersecurity incident

5) Recover - Develop and implement appropriate activities to maintain plans for resilience

and to restore any capabilities or services that were impaired due to a cybersecurity

incident.



Framework Implementation Tiers:
Framework implementation tiers are divided into 4 tiers. Companies adopting Cyber security framework would progress from Tier 1 to Tier 4.


Tier 1: Partial
Risk Management Process – Organizational cybersecurity risk management practices are
not formalized, and risk is managed in an ad hoc and sometimes reactive manner.
Prioritization of cybersecurity activities may not be directly informed by organizational
risk objectives, the threat environment, or business/mission requirements.
Integrated Risk Management Program – There is limited awareness of cybersecurity risk
at the organizational level. The organization implements cybersecurity risk management
on an irregular, case-by-case basis due to varied experience or information gained from
outside sources. The organization may not have processes that enable cybersecurity
information to be shared within the organization.
External Participation – The organization does not understand its role in the larger
ecosystem with respect to either its dependencies or dependents. The organization does
not collaborate with or receive information (e.g., threat intelligence, best practices,
technologies) from other entities (e.g., buyers, suppliers, dependencies, dependents,
ISAOs, researchers, governments), nor does it share information. The organization is
generally unaware of the cyber supply chain risks of the products and services it provides
and that it uses.

Tier 2: Risk Informed
Risk Management Process – Risk management practices are approved by management
but may not be established as organizational-wide policy. Prioritization of cybersecurity
activities and protection needs is directly informed by organizational risk objectives, the
threat environment, or business/mission requirements.
Integrated Risk Management Program – There is an awareness of cybersecurity risk at
the organizational level, but an organization-wide approach to managing cybersecurity
risk has not been established. Cybersecurity information is shared within the organization
on an informal basis. Consideration of cybersecurity in organizational objectives and
programs may occur at some but not all levels of the organization. Cyber risk assessment
of organizational and external assets occurs, but is not typically repeatable or reoccurring.
External Participation – Generally, the organization understands its role in the larger
ecosystem with respect to either its own dependencies or dependents, but not both. The
organization collaborates with and receives some information from other entities and
generates some of its own information, but may not share information with others.
Additionally, the organization is aware of the cyber supply chain risks associated with
the products and services it provides and uses, but does not act consistently or formally
upon those risks. 

Tier 3: Repeatable
Risk Management Process – The organization’s risk management practices are formally
approved and expressed as policy. Organizational cybersecurity practices are regularly
updated based on the application of risk management processes to changes in
business/mission requirements and a changing threat and technology landscape.
Integrated Risk Management Program – There is an organization-wide approach to
manage cybersecurity risk. Risk-informed policies, processes, and procedures are
defined, implemented as intended, and reviewed. Consistent methods are in place to
respond effectively to changes in risk. Personnel possess the knowledge and skills to
perform their appointed roles and responsibilities. The organization consistently and
accurately monitors cybersecurity risk of organizational assets. Senior cybersecurity and
non-cybersecurity executives communicate regularly regarding cybersecurity risk.
Senior executives ensure consideration of cybersecurity through all lines of operation in
the organization.
External Participation - The organization understands its role, dependencies, and
dependents in the larger ecosystem and may contribute to the community’s broader
understanding of risks. It collaborates with and receives information from other entities
regularly that complements internally generated information, and shares information
with other entities. The organization is aware of the cyber supply chain risks associated
with the products and services it provides and that it uses. Additionally, it usually acts
formally upon those risks, including mechanisms such as written agreements to
communicate baseline requirements, governance structures (e.g., risk councils), and
policy implementation and monitoring.

Tier 4: Adaptive
Risk Management Process – The organization adapts its cybersecurity practices based on
previous and current cybersecurity activities, including lessons learned and predictive
indicators. Through a process of continuous improvement incorporating advanced
cybersecurity technologies and practices, the organization actively adapts to a changing
threat and technology landscape and responds in a timely and effective manner to
evolving, sophisticated threats.
Integrated Risk Management Program – There is an organization-wide approach to
managing cybersecurity risk that uses risk-informed policies, processes, and procedures
to address potential cybersecurity events. The relationship between cybersecurity risk and
organizational objectives is clearly understood and considered when making decisions.
Senior executives monitor cybersecurity risk in the same context as financial risk and
other organizational risks. The organizational budget is based on an understanding of the
current and predicted risk environment and risk tolerance. Business units implement
executive vision and analyze system-level risks in the context of the organizational risk
tolerances. Cybersecurity risk management is part of the organizational culture and
evolves from an awareness of previous activities and continuous awareness of activities
on their systems and networks. The organization can quickly and efficiently account for
changes to business/mission objectives in how risk is approached and communicated.
External Participation - The organization understands its role, dependencies, and
dependents in the larger ecosystem and contributes to the community’s broader
understanding of risks. It receives, generates, and reviews prioritized information that
informs continuous analysis of its risks as the threat and technology landscapes evolve.
The organization shares that information internally and externally with other
collaborators. The organization uses real-time or near real-time information to understand
and consistently act upon cyber supply chain risks associated with the products and
services it provides and that it uses. Additionally, it communicates proactively, using
formal (e.g. agreements) and informal mechanisms to develop and maintain strong supply
chain relationships.


NIST Cyber Security Framework Part - 1

Sunday, December 11, 2022

LightMonitor Initiation - Live Streaming

LightMonitor Initiation - Live Streaming


As anounced previously in Youtube and ALight Technology And Service Limited's official blog, the new Freemium product LightMonitor would be developed. This is a 30 minute live broadcast on the .Net project initiation i.e setting up the new project. This would be more about some architectural best practices not coding. The live streaming would be on December 15th at noon India Standard Time.




NOT associated with the erra / yerra karan, kamalakar, diwakar, kareem, karan, erra/yerra sowmya, erra/yerra sowjanya, zinnabathuni sowjanya, bojja srinivas (was a friend and batchmate, not anymore), mukesh golla (was a friend and classmate, not anymore), erra sowmya, erra sowjanya, thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s.


Mr. Kanti Kalyan Arumilli

B.Tech, M.B.A



Founder & CEO



LightMonitor Initiation - Live Streaming

Friday, December 9, 2022

Moved to India and Cyber Security

 Moved to India and Cyber Security


As mentioned in earlier blog posts, I did move back to India. I have updated my current address on my company - ALight Technology And Service Limited's official website. My current address: SF-3, Vinay Residency, Visalakshi Nagar, Visakhapatnam, India 530043.

I know I am the target of R&AW hackers, spies, shadows, identity thieves - uttam, thota's, thota veera, zinnabathuni sowjanya, erra's, erra diwakar / karan, erra sowjanya / sowmya, erra kanta / kantha / kantham, few deifferent identity thief female's who claim my first name - Kanti, bojja srinivas and whoever is an "is" (male / female who either lives in United Kingdom or India and somehow tries to associate with my family - Arumilli) - all of them are rogue R&AW spies with rotten (kullubothu) mindset. For all practical purposes they have violated human rights and should be considered as terrorists. They are freeloaders and trying to steal other people's hardwork, I would call them scumbags and pests of our planet.

These people tried to distort my identity by 1) shadowing me, signing randomly on unnecessary receipts (trash picker mindset) 2) foregering my signature

One of them - Either the erra's or uttam or thota veera or bojja srinivas did signature forgery. How can their signature be different from the signature on their passport? My name - Kanti Kalyan Arumilli, and my signature, same signature on my current passport, 2 expired passports, PAN card in India, student BRP card of United Kingdom, Tempe Police Department paperwork from 2014 when I had a DUI in Tempe, AZ when I was in AZ, USA on a valid H1B visa.





As promised, I am improving the security of ALight Technology And Services Limited. The first steap being implementing NIST Cyber Security Framework. Many thanks to Coursera, for offering free courses on NIST framework. For anyone interested here is the link for the specialization: 

Cybersecurity Risk Management Framework Specialization. This specialization has 3 courses:

1) NIST CSF - 4 Hours

2) NIST DoD RMF - 4 Hours

3) NIST 800-171 - 6 Hours

Signed up on coursera using my personal email address - kantikalyan@gmail.com


The next step after implementing NIST Cyber Security Framework is doing AWS Certified Security - Specialty

I cannot say exactly when but I am planning to complete the following certifications in 2023:

1) AWS Certified Database - Specialty (Q4 2022 or early Q1 2023, I took up a challenge with AWS from my company email address - admin@alightservices.com)

2) AWS Certified Developer - Associate (Q1 2023 or early Q2 2023)

3) AWS Certified Security - Specialty (Hopefully late Q1 2023 or Q2 2023)

4) AWS Certified Solutions Architect - Professional (Q2 2023 or Q3 2023)


Currently I hold AWS Certified Solutions Architect - Associate, (certification associated with my personal email address - kantikalyan@outlook.com, even my other certifications) along with few other certifications. The list can be found on my LinkedIn profile and my resume.



With the above measures in place, I cannot protect myself from I.P theft because of the spytards, but I can definitely protect consumer data and I do have several bio-metric protections in-place. That's why the spytards do screenshots but can't directly access my AWS infrastructure.

NOT associated with the erra / yerra karan, kamalakar, diwakar, kareem, karan, erra/yerra sowmya, erra/yerra sowjanya, zinnabathuni sowjanya, bojja srinivas (was a friend and batchmate, not anymore), mukesh golla (was a friend and classmate, not anymore), erra sowmya, erra sowjanya, thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s.


Mr. Kanti Kalyan Arumilli

B.Tech, M.B.A



Founder & CEO


Moved to India and Cyber Security

Wednesday, December 7, 2022

gRPC in .Net using C# and Git repository

gRPC in .Net using C# and Git repository


I streamed almost 50  -52 minute long live coding session on gRPC in .Net using C#. The code is available at: https://github.com/ALightTechnologyAndServicesLimited/gRPC-.Net-C--Demo

The video can be viewed:



This is the first time, I did almost an hour of live coding sessions. In the video, you can hear some of the spy / terrorists voices misusing the invisible drone for spying, identity theft, harassment, privacy invasion, human rights violation.


Stay tuned for more content, can't promise the frequency, but definitely more.


NOT associated with the erra / yerra karan, kamalakar, diwakar, kareem, karan, erra/yerra sowmya, erra/yerra sowjanya, zinnabathuni sowjanya, bojja srinivas (was a friend and batchmate, not anymore), mukesh golla (was a friend and classmate, not anymore), erra sowmya, erra sowjanya, thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s.


Mr. Kanti Kalyan Arumilli

B.Tech, M.B.A



Founder & CEO



gRPC in .Net using C# and Git repository

Tuesday, December 6, 2022

Bye London!

Bye London!


This is a bye blog post. I have lot of memories in London over the past 26 months. I would go over the good things, then the bad things and then a little bit of enlightenment. I am moving back to India on december 8th. Although, I have valid visa until 7/1/2024, I might not come to London anytime soon. Even if I come to London, it would be for a brief period. But I definitely do London under normal circumstances, one of the best cities where I have lived if situation was normal. 


Good things:

1) Thank you Hult International Business School. I came to London for studying MBA and I did graduate (although not with flying colors).

2) Multiple thank you's for UKVI

      a) My student visa to United States from Hyderabad, India has been rejected in 2020, then I switched Hult campus from Boston to London and then my super high priority visa (available in New Delhi not in Hyderabad) has been approved by the United Kingdom.

     b) Thanks for approving my Graduate Route Visa in January of 2022. There was some error and the approval got delayed. Then I was asked to re-apply, I re-applied and within few days, my Graduate Route Visa got approved.

3) Thank you Companies House, United Kingdom

     In India, I tried registering a company in 2020 but lot of bad things happened, more details in the Bad things section. Here in United Kingdom, registration details are proper. Here is the link.


Bad things:

1) R&AW spies along with some Londoners were part of a multi-national money laundering, identity theft, signature manipulation, signature forgery scam under the name of "order" / "hukam" / "all".

2) When I tried to register a company in India in 2020, they tried to manipulate details. This is the precise reason why I think the so called "order" / "hukam" / "all" are extremist wings i.e a section of the India's spying agency known as Research And Analysis Wing and they go to extreme measures for cover-up's. In this case, I don't what they are trying to cover, but heard of some "eye witness testimony", some lies under oath, some mis-representation, cover-up and trying to put the blame on someone else, some illegal immigrant / identity thieves who claim to have married some Mexican and claims to have jumped the wall / container travel stories / traveling like dog stories. Does not matter what is the story but ultimately either illegal immigration and / or identity theft.

3) For some reason London watched the game of identity distortion and identity theft. What the hell is a identity changing / exchanging process? Why would normal people (civilians) change identities? All of the "process" propaganda, "morning / evening" identity changing etc... are identity thieves propaganda.

4) Why would people's signature on passport / BRP be different from normal signature? More propaganda for identity theft, false accusations, blaming, signature forgeries, signature manipulation.

5) Why would receipts have a different signature than the signature on the back of debit / credit cards? Spies, shadows, identity distorters, liars propaganda.

6) Why would erra / thota / uttam make purchases on someone else's name or address? Either they are shadowing and lying or trying to mix some of their black money and trying to frame / distort the reality.

7) What the hell are "percentages" and "quarters" anyway? A gang of goons / thugs / dacoits trying to distort identity, steal identity and trying to share loot.

8) The powerful surveillance equipment (some kind of a invisible drone) exists with video recording, photo taking, whispering, audio recording and even mind reading capabilities. And this equipment was misused in the propaganda and for identity theft. With great power comes great responsibility, but my country's blue rut, gutless, shameless R&AW spies instead chose to misuse the equipment for identity theft, personal agenda, source code theft, hacking. Shame on India! 


The so-called toes - terrorist order e's are the identity thieves.


NOT associated with the erra / yerra karan, kamalakar, diwakar, kareem, karan, erra/yerra sowmya, erra/yerra sowjanya, zinnabathuni sowjanya, bojja srinivas (was a friend and batchmate, not anymore), mukesh golla (was a friend and classmate, not anymore), erra sowmya, erra sowjanya, thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s.


Mr. Kanti Kalyan Arumilli

B.Tech, M.B.A



Founder & CEO



Bye London!

New web monitoring product coming soon

New web monitoring product coming soon


ALight Technology And Services Limited has a 3rd product planned and coming soon! The first 2 products were:

1) SimplePass - Free Password Manager PWA

2) PodDB - A free search engine and directory for podcasts


The 3rd product allows you to monitor your websites and receive alerts. This is a freemium product i.e some features are free and some features need subscription. This product also has a very huge roadmap.

The name of product yet to be decided - KoreSystem as in monitor your core systems or LightMonitor or something else. The free MVP with some basic features would be launched anytime between 24/12/2022 and 15/1/2023. The actual production launch with freemium features is anticipated sometime between March 2023 to May 2023. And there would be plenty of updates and features throughout 2023.

Hoping to generate some revenue in 2023. I do have plans of integrating affiliate marketing features in Q3 or Q4 of 2023, hopefully that way I can make some revenue and any digital marketers, influencer's can make some revenue.

I would like to invite early users, input, feedback and suggestions.


As always NOT associated with the Erra's, Thota's, Uttam's, Zinnabathuni's, Bojja's, Srinivas's, Bandhavi's etc... the rogue R&AW spies / identity thieves / human rights violators.


NOT associated with the erra / yerra karan, kamalakar, diwakar, kareem, karan, erra/yerra sowmya, erra/yerra sowjanya, zinnabathuni sowjanya, bojja srinivas (was a friend and batchmate, not anymore), mukesh golla (was a friend and classmate, not anymore), erra sowmya, erra sowjanya, thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s.


Mr. Kanti Kalyan Arumilli

B.Tech, M.B.A



Founder & CEO


New web monitoring product coming soon

Sunday, December 4, 2022

GRPC in .Net using C# - Live coding and tutorial

GRPC in .Net using C# - Live coding and tutorial


Live coding tutorial on GRPC using C# on December 7th at 15:15 GMT.


This live coding tutorial would be about GRPC in .Net using C#. We will look into:

1) Client to server communication

2) Client to server streaming

3) Server to client streaming

4) Duplex streaming





NOT associated with the erra / yerra karan, kamalakar, diwakar, kareem, karan, erra/yerra sowmya, erra/yerra sowjanya, zinnabathuni sowjanya, bojja srinivas (was a friend and batchmate, not anymore), mukesh golla (was a friend and classmate, not anymore), erra sowmya, erra sowjanya, thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s.


Mr. Kanti Kalyan Arumilli

B.Tech, M.B.A



Founder & CEO



GRPC in .Net using C# - Live coding and tutorial

Saturday, December 3, 2022

PodDB next version update planned for 1/1/2023

PodDB next version update planned for 1/1/2023


The next version of PodDB would be released on 1/1/2023. This release has no major visible changes. The features planned are more of internal and making the website more search engine friendly.

1) Allow metadata of podcast feeds to have versioning so that in case of any data corruption, it would be easy to rollback to previous metadata. - Purely internal with no changes to functionality.

2) Generate sitemaps with links for all the available podcasts and submit the sitemaps to Google and Bing. - No visible changes but more search engine friendly.

3) Optional i.e haven't decided if I want to implement this yet or not, this is a may be feature - Support for Bing Index Now protocol i.e instead of waiting for search engines to discover if a web page has been updated or not, telling the search engine whenever a webpage is updated. As of now, Bing supports Index Now protocol, Google does not support Index Now yet. 


In the year 2023, 15 - 20 minor incremental updates are planned. Most of the updates during Q1 and Q2 would be internal, security, monitoring, failover, observability related. I might share some code snippets, some security best practices, some live coding sessions etc...


Running a one person company amongst a bunch of wannabe R&AW dawgs is a daunting task. List of R&AW dawgs - uttam, thota's, bandhavi, sowmya, zinnabathuni sowjanya, srinivas, thota veera, mukesh golla, erra's, diwakar, karan, kamalakar, bojja's etc... and whatever shivani, I don't know her, I did meet a certain shivani who is British citizen of Indian origin in a dating event, the other Indian shivani might be a blue rut... Almost all of the above mentioned are blue rut.


They are left minded anyway, right minded would rather focus their energy and time in productive manner, these left minded people have rather chose to impersonate making their lives miserable and trying to make my life miserable. They have begged, borrowed and I guess now they are in stealing mode, pathetic losers.


NOT associated with the erra / yerra karan, kamalakar, diwakar, kareem, karan, erra/yerra sowmya, erra/yerra sowjanya, zinnabathuni sowjanya, bojja srinivas (was a friend and batchmate, not anymore), mukesh golla (was a friend and classmate, not anymore), erra sowmya, erra sowjanya, thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s.


Mr. Kanti Kalyan Arumilli

B.Tech, M.B.A



Founder & CEO



PodDB next version update planned for 1/1/2023

Live video's link - PodDB version update

 Live video's link - PodDB version update

The update was successful with less than 1 or 2 seconds downtime. I have showed how I secure my AWS account, my CodeBuild setup, my compile and deploy shell script, my code project structure, how I have planned for horizontal, vertical scalability, the plans for Q1 and Q2 of 2023, actionable steps for improving the security of ALight Technology And Services Limited. Next time, I will delve into some live development either directly related to PodDB or development in general. 

I know, I am one person with many I.T related talents. - Product Owner, Project Manager, Architect, Lead developer (expertise), developer (expertise), little bit of devops, little bit of DBA, little bit of sys admin. Next talent target goal(s): expertise in Cyber Security, expertise in databases on AWS, not necessarily DBA, but more of expertise in managed databases in the cloud. 



NOT associated with the erra / yerra karan, kamalakar, diwakar, kareem, karan, erra/yerra sowmya, erra/yerra sowjanya, zinnabathuni sowjanya, bojja srinivas (was a friend and batchmate, not anymore), mukesh golla (was a friend and classmate, not anymore), erra sowmya, erra sowjanya, thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s.


Mr. Kanti Kalyan Arumilli

B.Tech, M.B.A



Founder & CEO



Live video's link - PodDB version update

Friday, December 2, 2022

Q1 & Q2 2023 roadmap for ALight Technology And Services Limited

Q1 & Q2 2023 roadmap for ALight Technology And Services Limited


I am moving back to India on December 8th. I am NOT shutting down ALight Technology And Services Limited because my company registration, capital ingestion by me are most important clues in an international black money laundering, identity theft crime, illegal immigration scam. My money clean sources - Bank of America, United States - account opened in 2008, ICICI bank, India account opened in 2017. The identity thieves - black money launderers. Read this blog post, and the following websites for more information. I am one person company with no employees, no clients.

ALight Technology And Services Limited



This is a disappointing anouncement, but the right thing to do.

Q1 and Q2 2023 would be about securing, monitoring, alerting, high grade data security and application security leveraging AWS services and / or custom development. As of now, no customer data is hosted on ALight Technology And Service Limited's servers. In the future, if PodDB were to become a consumer oriented free product, I would be storing some minimal data like usernames / emails etc... of PodDB users. 

The spies / hackers have state of the art equipment something like a hidden drone with capabilities of viewing, screenshotting, recording video, whispering, listening and even mind-reading. Yes, India's trained spies / hackers who misuse the equipment for begging ransom (cover-up as vaata / water / percentages),  OTP theft for logging into accounts, etc..., screenshots of other people's bank accounts, emails etc... for covering up their ransoms - black money and acting innocent. In some cases I even heard about people creating affair stories i.e some hacker woman would claim to be living with someone else by taking photos using the invisible drone etc... I know they have screenshotted my AWS Console and have made absurd claims. They have shadowed me and handled some of my deliveries and tried to act innocent as though they had clean source of money and / or for targeted identity theft.

Given the above situation, identity theft, targeted harassment, targeted identity theft, signature forgeries etc... I would say upgrading the security to the highest level would be the answer. For example, if I don't know the password for the database, how can they hack, even with mind-reading equipment. What if I use a Lambda or an application for generating password and storing the password in AWS, now even I wouldn't know the password, then how can these India's R&AW spies / psycho sadists hack? They might be able to hack if they login into the server, but what if I have monitoring on the server i.e some alert as soon as someone logs in?


Action Plan:

1) Rotating and auto-generated password tools

2) Monitoring, alerting

3) NIST Cyber Security Framework implementation

4) Me personally studying and getting certified in AWS Database, AWS Security


With this in mind, there would be few updates for PodDB but most of the updates might not be directly visible for end-users but more of internal updates. I would be making relevant blog anouncements on a necessary basis.


The list of the R&AW spy/hacker/psycho sadists include:

1) Zinnabathuni Sowjanya

2) Thota Veera and few of his family members

3) Erra surnamed couple - male - Diwakar / Karan / whatever and female - Sowjanya / Sowmya / whatever

4) Uttam - don't know his surname

5) Bojja Srinivas

6) Some cuban spy don't know his name - some Michael or whatever - shame on him - tries to put the blame on the five eyes and CIA just because he has foreigner accent. Why would the five eyes or the CIA support illegal immigrants / spies who are trying to infiltrate their country?


Who on planet earth would travel like a dog and or in a container? Lies by identity thieves. If the female identity thief had a sex change operation wouldn't there be some kind of surgery related marks on her body (I don't know her, but some desperate stupid criminal, false propaganda). How can someone work in a company remotely from 2008, if the company did not allow remote work until at least 2012? If working remotely from India, why are paycheck bank account transactions in United States between 2008 and 2016? Similarly why are the addresses on IRS tax filings U.S based address if working remotely? Because Erra's, Thota's and several others did a lot of black money laundering, wanted to cover-up and wanted to steal my identity. I would raise these type of questions, because I know who I am. And these people have the stupid equipment, they did ask for ransom (begging), I didn't give them, I don't support criminals - no rewards for criminals. Then they started stealing from me and tried to frame me by signing on some receipts, doing signature forgery etc... All of my debit cards and credit cards have my signature on the back of my cards, I had the same signature even on my expired passport dating back to 2002, current passport from 2017. Their signature scam stories are only valid for propaganda, in real life, I am clean and they can't even touch me in legal manner, because they are criminals and spies and surviving on propaganda.


NOT associated with the erra / yerra karan, kamalakar, diwakar, kareem, karan, erra/yerra sowmya, erra/yerra sowjanya, zinnabathuni sowjanya, bojja srinivas (was a friend and batchmate, not anymore), mukesh golla (was a friend and classmate, not anymore), erra sowmya, erra sowjanya, thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s.


Mr. Kanti Kalyan Arumilli

B.Tech, M.B.A



Founder & CEO



Q1 & Q2 2023 roadmap for ALight Technology And Services Limited

Thursday, December 1, 2022

Live stream of PodDB update on December 3rd at 11:00 GMT.

Live stream of PodDB update on December 3rd at 11:00 GMT.


        In a earlier blog post - PodDB version 0.2.1 coming soon!, I have mentioned an update for PodDB - A free search engine and directory for podcasts would be happening. I thought why not live stream and show my AWS account, how I secure my AWS account from hackers using Yubikey Bio i.e biometric authentication. I might even show you some of the code base and kind of an architectural overview and the different decisions made for horizontal and vertical scalability. If you are a I.T enthusiast / developer / lead developer / architect, irrespective of the programming language you might find this video interesting and might be a great chance to raise questions / discuss. I am open for technical conversations. The youtube URL would be - https://www.youtube.com/watch?v=AleiDRXG9WU on December 3rd at 11:00 GMT.





NOT associated with the erra / yerra karan, kamalakar, diwakar, kareem, karan, erra/yerra sowmya, erra/yerra sowjanya, zinnabathuni sowjanya, bojja srinivas (was a friend and batchmate, not anymore), mukesh golla (was a friend and classmate, not anymore), erra sowmya, erra sowjanya, thota veera, uttam’s, bandhavi’s, bhattaru’s, thota’s, bojja’s, bhattaru’s.


Mr. Kanti Kalyan Arumilli

B.Tech, M.B.A



Founder & CEO



Live stream of PodDB update on December 3rd at 11:00 GMT.

Q3 2024 review and plans for Q4 2024!

I am thrilled to share the exciting progress made at WebVeta in the past quarter (Q3 2024) and plans for the next quarter (Q4 2024).  My...