Posts by Nirupam Biswas

I am not the one who goes out a lot, but likes to know about the outside a lot. Likes to make friends, well have lots of them, fortunately. Loves programming, well ‘am still learning.

Introducing RunPage

RunPage is a Jupyter-like portal. If are not familiar with Jupyter, then that is a server which allows you to create documents with embedded Python codes. The documents can contain normal document stuff intermixed with Python codes. The Python codes have the ability to render directly onto the document. RunPage these documents are referred to as pages.

Difference with Jupyter

The first biggest difference is that RunPage allows you to embed Javascript codes instead of Python. Although technically Jupyter can be used to run any kind of language codes, depending on the “kernel”, but all those codes are run on server-side. In case of RunPage they all run in a “sandboxed” environment inside your own browser. So no roundtrip to server is involved which makes it faster and secure. RunPage also allows you to embed file selector in your page, which you can reference in your JS code. These selected files (excel, text, etc. files) can then be processed using APIs provided by RunPage right in your browser without uploading them to server for processing.

RunPage also provides a proper block editor, so that the article writing process is as frictionless as possible.

RunPage is a fully hosted solution with concepts of teams and sharing between teams and to public. The provided APIs are designed to be simple and intuitive. For example, unlike Jupyter the last statement in the code-block are not automatically rendered as output on the document. In RunPage each code-block (referred to as script-block in RunPage) behaves like an Async function body. So only items which are returned from that function get rendered on the page. In fact it renders an array as series of multiple outputs.

Head over to for a free account.

Downloading Certified Copy of your sale deed in Telangana

If you received a SMS from Telangana registration department, similar to the one below :-

Please collect your Document No:____, year:____ Dated _______ From SRO xxxxxx,Telangana between 10:30AM and 05:00PM on any working day. Visit website to download Certified Copy of document using your registered Mobile No. and Security Code: xxxxxx. In case of any issues please call IGRS Helpdesk no. 18005994788

Then the first thing you would want to do is download the certified copy. As per instructions here you need to goto then click on Certified Copy button there.

Get certified copy of your registered document like Sale Deed.

After this you will be required to create an account and login there. Which is big pain in the a*s. Here I will give you a way to bypass all that.

Below is a simple form, just click that and it will take you to the Telangana government’s portal where you need to provide your mobile number (where you received the above SMS) and the Security Code sent to you in that SMS. Clicking the below button will launch the government’s portal in a new tab.

If you are still reading, means that you have not clicked above and are worried about possible hacks stealing your passwords. These worries are very real and hence I will explain here what is going on in the button above. You can also inspect the button’s code in your browser as well.

   <title>Signed Copy Download Launcher</title>
   <form action="" method="POST" target="_blank">
      <input type="hidden" name="ccType" value="CITIZEN" />
      <input type="submit" value="Go" />

The code is simple. It just makes a POST call wit ccType=CITIZEN as form data. You can also save the above code as html page and click the button there.

Unable to login to because of not receiving OTP SMS is a one stop shop to search for all registered documents. Anyone who has bought a property or wants to buy one, this is an excellent portal provided by the State Government to check for encumbrance and other details about the property.

The problem

To access these functions you need to register here, which you did; and after that when you try to login you are presented with a form where you need to enter OTP which you will get from SMS sent to your phone. However, the SMS never arrives. You click on – Resent OTP, and still nothing, no SMS. You call up the toll free helpline which is there on the portal’s header, and they ask you to clear browser history and retry. You do that diligently, inside your mind you know that it will do noting to help you. Anyway, you follow the instructions and retry and still the same issue. – If this is what happened to you as well, read on….

After some clicking around I figured that if I tried using the “Forgot password” functionality then that too sends OTP via SMS and there the SMS is actually delivered!

The solution

When you login and you are confronted with that OTP form then open another browser tab and open Enter your email or mobile number. This will send a OTP SMS now. Instead of putting it there use that OTP on your post login form, and it will now successfully validate! Yeah!

What is your effective income tax rate?

In India the Income tax calculation is quite complicated. There are different slabs with varying percentages, then surcharges, education and health cess etc. Do you know what is the cumulative effect of all these various percentages on your net income?

Effective income tax rate is the percentage value of your final tax amount by your net taxable income after all deductions. This gives a clear picture of what percentage of your income is going to the government.

Effective Tax Rate = (Total Tax / Net Taxable Income) x 100

This analysis is not only a fun way to feel proud or… maybe sad. This also useful to make decisions like should I take home loan or pay it out of pocket? Yup sometimes taking loan is actually more economical!

First let us look at the tax amounts for taxable income ranging from zero to 5Cr, in FY 2020-2021.

See the Pen Effective Income Tax rate by Nirupam (@applegrew) on CodePen.

Next let’s look at the effective tax rate for zero to 6Cr net taxable income range. (In both the graphs the blue line is when the “new-regime” tax slab is used, and the orange line for “old regime”). The comparison for both the regimes are here – Deep dive into new tax regime of Budget 2020.

See the Pen Effective Income Tax rate by Nirupam (@applegrew) on CodePen.

In the above graph the first cliff comes at 50L mark, then at 1Cr (which is mentioned as 10M on the graph), lastly at 2Cr mark. At 2Cr the effective tax rate is whooping 43%!

Scenario: Home loan vs paying out of pocket

Now let us say you are earning 1.5Cr a year. You want to buy a 2Cr worth house (inclusive of all fees). You are able to save 1Cr a year. So that means you can pretty much pay for the house out of pocket in two years. Also since house is under construction which will need next 3years to actually complete. In this case we will talk in context of two different situations.

You take a home loan 1.6Cr for at 7.2% for 20years. Let’s use our calculator from Calculating Amortisation Schedule of your loans. You will need to pay back total 3,02,34,176 over the course of 20years. (Plus some processing fees, which would be small in comparison here). So your total expenditure would be 3.02Cr + 40L (out of pocket) = 3.42Cr.

Instead let’s say you paid for the full amount out of pocket then the cost of house would had be exact 2Cr.

However, in the case where you took loan, if you had invested the 1.6Cr amount in Mutual Funds, which typically returns about 12%; you would have got 12.3Cr at the end of 18years! (Assuming it took two year to accumulate 1.6Cr after all expenses.) Even if you invest in the safest MFs like Liquid funds which gives a typical return of 5% you would have got 3.85Cr at the end of 18yrs. 3.85-3.42 = 43L. Means you got the house practically for free with 43L to spare. OR more than 8Cr to spare in former case.

Not only that you would save on taxes due to deductions due to home loan under 80C and section 24.

LIC what were you thinking? Cracking LIC e-Policy doc password!

Long long ago I created a Gmail account for my (now) late grandfather. It seems someone else who shares the same name as my grandfather has provided and continues to provide that email as his own. Over the years I have been receiving random emails addressed to that person. I can tell they are not addressed to my grandfather since the contents in no way relate to my grandfather and he has been dead for a long time. I still have access to that email, so it very possible that the other person is some old fellow who does not quite understand emails.

Anyway fast forward to today. I received mail from LIC for the purchase of e-policy; addressed to that person. Below is the screenshot of that email.

Email screenshot with sensitive infos redacted

The email has two attachments. The second is general terms and condition but the first one is actual policy document. It is password protected. Which is a joke and the whole point for this post.

The section in red box are the rules for the password. The password is the policy number followed by date of birth in DDMM format (note no year is needed). The nine-digit policy number is provided in clear in the subject of the email and also in the names of the two attachments! The remaining part is just figuring out DDMM. That is it!

I then wrote the following Java code.

import com.lowagie.text.exceptions.BadPasswordException;
import com.lowagie.text.pdf.PdfReader;
import com.lowagie.text.pdf.parser.PdfTextExtractor;


public class Main {
    static final String READ_PDF = "/Path/to_password_protected_policy_doc.pdf";

    public static void main(String[] args) {
        PdfReader pdfreader = null;
        int m = 1;
        int d = 1;
        while (m <= 12) {
            String password = "<policy number here>";
            if (d < 10) {
                password += "0" + d;
            } else {
                password += d;
            if (m < 10) {
                password += "0" + m;
            } else {
                password += m;
            try {
                pdfreader = new PdfReader(READ_PDF, password.getBytes());
                // get pages in PDF - Not really needed
                int pages = pdfreader.getNumberOfPages();
                PdfTextExtractor pdfTextExtractor = new PdfTextExtractor(pdfreader);
                // Iterate through pages to read content
                for (int i = 1; i <= pages; i++) {
                    // Extract content of each page
                    String contentOfPage = pdfTextExtractor.getTextFromPage(i, true);

                System.out.println("THE PASSWORD IS: " + password);
            } catch (BadPasswordException bp) {
                System.err.println("bad password: " + password);
            } catch (IOException e) {
            } finally {
                if (pdfreader != null) {
            if (d >= 31) {
                d = 1;
            } else {

In the code above I did not even bother to check if the month really has 30 or 28 days. That really does not matter since invalid combinations will not yield a valid password. So it just wastes some time.

However, it took few milli seconds to get the right password. LIC get your acts together. This is sad. Such a large organisation with such a weak security posture is alarming.

Buying experience from – A review

I recently bought a PREMIER SPECIAL EDITION KINETIC PERPETUAL WATCH – SNP126P1 wrist watch from Till now my most expensive investment in watches. The same watch was available on for much less, however the number of sales made by the seller there was too less, additionally it had mixed reviews. That did not yield enough confidence, hence I decided to buy this from Seiko’s official site. Seiko also sweetened the deal by including a pair of wireless ear-pods by bOAT worth approx. Rs 2k as free gift.

Validating the site

I had never bought from that site before and I did not find enough reviews online to form a definite opinion. So I had to ensure at least the site is genuine and not some fraud. I googled out the official Seiko site which is That has a SSL certificate issued by Amazon. The whois info ( shows that it is registered to Seiko Holding Corp., Tokyo, Japan. Clicking on “Shop Online” link on that site took me directly to, which is a good validator. I went one more step and cross checked its SSL certificate too. That was issued by Let’s Encrypt. First and foremost all e-commerce sites must be behind HTTPS, if they do not have SSL certificate then that is a big red flag. Never transact there. In this case the certificate was from Let’s Encrypt, which allows you to generate SSL certificate for free. Why a multinational company need to use free certificate? This indicates that the operation of the Indian site is outsourced to some local company which is cutting corners to maximise profit. This was slightly concerning. I checked the domain’s whois ( which too was registered to Seiko Holding Corp., Tokyo, Japan. So atleast that was good.

The purchase experience

I created an account on that site and placed my order. The checkout experience was pretty decent. Seems like they are using some system which cannot be fully customised as per their requirement. The free gift has a cost of Re. 1 and not zero. So, they generate a coupon on the fly and apply that at the checkout to give Re. 1 discount to negate the cost of the free gift. What a hack. After checkout you have to pay the full price upfront, (some models have EMI options as well) no Cash on Delivery option. The have integration with CCAvenue for payment processing.

The shipping experience

It took them 2 business days to ship the product! That is like an eternity in the world of Amazon. After those two days they registered a pickup with BlueDart and mailed me the tracking id. I was in Kolkata and they ship from Mumbai. It took four days for BlueDart to ship it to me, where first three days were spent in Mumbai, in security and other clearances. BlueDart delivered the package very early morning on the fourth day. I wasn’t awake so my parents took the delivery. When I lifted the (quite big) package, I was shocked! It felt almost empty with something light rattling inside!!!!

The big fraud

When I lifted the big but feather light package, my heart started to beat like crazy. My head said that I have been ripped off and they have probably put some soap or a card box inside the package. But my heart kept saying that these are genuine folks, everything is there, just open the package and see for yourself. The heart was beating so fast, I could not bear it and ripped open the package, and saw that…

they had only packaged the free gift which was worth less than Rs.2000.

The opened package with bill obscured

Heart lost, head won. I was very sure that this was a scam and I have just been ripped off. I would have understood if they forgot to package the free gift, but who is so incompetent and in such a specific manner that they would package the free gift but not the actual product!

Looking for a fix

I was contemplating filing police complaint but I understood that I needed proof. I had already blown away my first proof when I opened that package without taking video recording of it. I knew it was too light, I should have opened that package while shooting a continuous video of it. That would have been a big proof. But I blew it and was regretting it.

Now my next rationale option was call their customer care and try to work it out. But I was sure they would not respond or will not pick up my phone at all. I called the number given on their site and it was promptly answered. It didn’t seem like a call centre but just one guy answering the call from his home. He mentioned that he has never received such a complaint before and asked me to mail the picture of the package to them. Which I did but no reply. I kept calling that person on almost half an hour basis for updates. He wasn’t happy about my calls but nobody paid a damn to the emails I sent. At my insistence over the call, I received one reply over email that they acknowledge the receipt of the pictures and will followup with concerned department.

Later that day I got call from a lady from Seiko saying that they are following up with warehouse department to figure out what really happened and that the investigation can probably take 72 hours. Also I can call her directly for updates. After this call, I was feeling a little pacified since I could see things happening. However, for some reason they were very reluctant to send anything over email. So, I was recording our phone conversations to build proofs; if later they try to wash their hands off.

Finally in evening I got call from the same lady that they can confirm that it was a mistake from their warehouse and they will ship the product that day itself. This was a huge relief. When I asked for reason for the mistake, she did not quite give an answer except that it was just a mistake.

During all these time I was calling her for updates. Kudos to her for attending all the calls. Their call centre time was upto 7 pm so I wanted to ensure that the product was shipped before that else it would get postponed to next day. So after few more followups I was assured that in next 20mins I will get the new tracking number for. Which I got and also got a followup call from warehouse.

I got the next package in three days via BlueDart. This time the package weight felt right. However, I was still skeptical if they have shipped the right watch or not. So this time I video taped the full unboxing in one continuous shot.

Thankfully, this time got what I wanted. Yeah……whew.😅


Their logistics are not well oiled. Their intentions are good, but effectively their overall service sucks.