UK finds itself almost alone with centralized virus contact-tracing app that probably won't work well, asks for your location, may be illegal Britain is sleepwalking into another coronavirus blunder by failing to listen to global consensus and expert analysis with the release of the NHS COVID-19 contact-tracking app. On Monday, the UK government explained in depth and in clearly written language how its iOS and Android smartphone application – undergoing trials in …
On Android I thought this was what a foreground service was intended to do, to chuck out a notification that persisted for the duration of the foreground service and that the service continued to run when the app is backgrounded. The sort of thing you'd use for downloads or to run a media player.
Anyone?
Since Android 9 lots of devices suspend foreground services when the screen is off. You can set a schedule manager wakeup and that still works, sort of. This is all beside the point.
Its all a big high tech boondongle that has nothing to do with anything. NSA/GCHQ already has its ' co-traveller" algorithm for location (from tower triangulation). We learned that from Snowden they can do that.
https://www.ibtimes.com/edward-snowden-leak-how-nsa-collects-location-data-5-billion-cellphones-every-day-video-1497292
" the NSA gathers about 5 billion cell phone records around the world every single day, and nearly 2 trillion each year. The programs, known collectively as "Co-Traveler," allow the NSA to track the locations of any cell phone in the world, retrace its movements, and map user relationships in ways that surpass many of the secret NSA programs previously leaked by Snowden"
The virus is not the person, it is not confined to the movement of the persons phone. The surfaces they contaminate do not travel with their phone, and the tube trains they infect do not stay still.
Stay at home.
True, battery saving algorithm nonsense can even affect Foreground services. Never investigated the possibility of an app switching off attempts to stop itself being 'battery optimised'. I do know that having disabled battery saving for the apps I've written, their foreground services continue to run unimpeded.
So in theory I'd have thought that aspect of the UK app would work. But I'm not an Android expert, hence the original question.
So Kieren said:
"As it stands, work all the time on iOS nor Android since version 8. The operating systems won't allow the tracing application to broadcast its ID via Bluetooth to surrounding devices when it's running in the background and not in active use. Apple's iOS forbids it, and newer Google Android versions limit it to a few minutes after the app falls into the background."
That was the state of Android and IOS pre-CV-19, yes.
But as widely reported on the BBC and many other outlets: https://www.wired.com/story/apple-google-bluetooth-contact-tracing-covid-19 "Google and Apple... plan to release an application programming interface that apps from public health organizations can tap into. The API will let those apps use a phone's Bluetooth radios—which have a range of about 30 feet—to keep track of whether a smartphone's owner has come into contact with someone who later turns out to have been infected with Covid-19."
Apple will apparently roll out an update for all it's phones, while Android will only get the update from Android 6.0 onwards.
From what I've heard on radio interviews, the OS mod to Bluetooth will enable a low power mode to function constantly in background.
https://finance.yahoo.com/news/how-google-and-apples-new-coronavirus-tracing-could-turn-people-into-pariahs-201733674.html "The planned technology is slated to use low-power Bluetooth functionality standard"
What's puzzling is that the NHS trial is starting now, without the API and without the mid-May IOS and Android changes in place. Technically doesn't that mean that as soon as someone's screen sleeps, no Bluetooth signal will be broadcast?
And this is why you don't award one contract, value £250million, to your mate's brother with no tendering. You at least award three or four small contracts to develop and trial an app, then pick up the one that performs best.
What happens if (when, in my opinion) the IoW test fails? Assuming of course that the 'pass' criteria are fairly and sensibly set, and the trial is transparently assessed against those criteria...
Quite. That's a very good reason to go it alone. None of my Lineage phones are going to get this update, either.
I thought GCHQ had provided some 0-day exploits for Apple and possibly Android to allow them to bypass the restrictions.
The big question is whether Apple and Google dare to patch the holes...
The horse was bolted and summer is almost here.
Ah-ha! Dr. Frankenstein finally makes an entrance!
So, from a fiction pov, I would like to know if Covid-19 affects the Borg differently from a Swedish Chef (Börk börk börk)?
Yours,
Stefan Börk (batting away Covid-19 with my tennis racket).
"For each infected contact person, the user uploads a tuple consisting of a tag (boolean value) indicating if the user herself has been tested positive, the SKt of the contact and metadata about the encounters. This metadata includes the number of encounters the user had with the infected individual and relative timing information about each encounter, i.e. during which phase of the infectious period the contacts occurred. Time is reported as the number of days relative to the onset of symptoms (or an estimate in case there were no symptoms), i.e., relative to the corresponding day that the infected patient has reported to the health official. This information is enough for epidemiologists to build the first degree contact graph needed for their analysis."
Oh, wait... No... That's from the DP3T [1] proposal that is somehow significantly better than the NHS one.
In fact it is very close to what the NHS app is going to do, the main difference appears to be that the NHS want to do regional analysis and put measures in to prevent attacks, both of which seem reasonable.
However facts and reasoned debate should never get in the way of a spittle-flecked El Reg article to ramp up all those page impressions from the swivel-eyed privacy loons.
"You have zero privacy anyway, get over it" Scott McNealy, 1999. Only in this case, there's a proportionate reason for trading some of it off.
[1] https://github.com/DP-3T/documents
The difference is the sender's phone sends the list of device IDs and dates it has met them to the central server and the central server sends this list to all phones because it doesn't itself have a list of device IDs. Finally the list is compared on each phone. Also, device IDs are regenerated each day.
So, unlike the NHS approach, the server doesn't know which phone has which device ID. This, coupled with daily device ID randomization limits the possibilities for tracking and deanonymisation.
Big data is brilliant. Centralising all the details of people, movements and interactions allows the greatest range of analysis and could provide the greatest of benefit to our society, even the world. For greatest analytical benefit it should also capture age, sex, height, weight and other health data when first launched (manually I guess, while it could take existing health data from some OS and Apps, not everyone uses those).
And there's not a single person on the planet I'd trust with that data.
Won't be downloading it unless they pass a law mandating it be installed and used, after which I see Parliament burning to the ground.
OK this doesn't address all of the privacy concerns, but if the app was open sourced then it would be possible to review it and check that it really doesn't send any more data than it claims to...
There is absolutely no public benefit in keeping the code under wraps
This post has been deleted by its author
While I would like the app to be open-sourced, I don't think that will reduce my concerns significantly. The gov are clear that the app will be sending personal data to their database - what I would need is to open-source (and track) all accesses to that data.
The most worrying thing is that they won't allow me to delete my data. I might be willing to run the app, for the public good, during the crisis. But I will definitely only do that if I can delete all my data when I think the crisis is over. Including copies that have been given to "researchers".
"I might be willing to run the app, for the public good, during the crisis."
What makes you think that the government won't find an excuse to perpetually be in a crisis where they contrive to 'need" the data provided by the app? Have they ever shown an interest in revoking serious privacy invasions after invoking them in a crisis?
I suppose you think those "temporary" taxes will eventually be dropped, too.
Both types use Bluetooth to detect other nearby phones also running the software. Thus, when someone catches the coronavirus, people can be warned if their phone was within 6ft of that patient's phone for more than a few minutes.
I'm somewhat skeptical of this, considering how our neighbours sometimes used to feed their music through our Bluetooth enabled TV soundbar (until I took it out of service!). Sure you can get an idea of distance from signal strength, but that's not going to be particularly accurate - depending on chipset, obstructions, reflections, antenna orientation, etc. Could a Bluetooth type system suggest that I might be infected simply because it's picking up my neighbour's phone from next door, even though we never get within several metres of each other outside (only an example - hopefully my neighbours are actually fit and healthy)?
From the Bluetooth consortium's own recommendations:
RSSI is Different for Different Radio CircuitsYou may notice the variation of the RSSI value even on a fixed location or distance. One factor for the variation could be the hardware/radio platforms. For instance, on iOS devices where there aren’t many different chipsets, the RSSI value could accurately reflect the relationship to the distance. The RSSI value from iPhone A probably means the same strength value on an iPhone B. However, on Android devices where we have a large variation of devices and chipsets, the absolute value of RSSI won’t help you easily map to a location. The same RSSI value on two different Android phones with two different chipsets may mean two different signal strengths. However, the RSSI value could still be very helpful in the proximity applications if you use it to get the trend of the RSSI value change. That trend could give you meaningful data.
How Can I Use RSSI in a Proximity Aapplication?
Avoid using the absolute value of the RSSI—use the trend instead
Based on the fluctuation of radio signals, we can get a fairly accurate result of the RSSI trending. We can easily know if the signal is getting stronger or weaker, therefore, we will know if we are moving towards or away from the source. Even better, if we understand the specific mapping between the RSSI and the location of the specific receiving device, we could have a fairly accurate estimate of the distance.
https://www.bluetooth.com/blog/proximity-and-rssi/
Sure, you could use Bluetooth to tell if you moving towards or away from an infected person's phone, but I doubt that it would accurately tell you that you're 2 metres away.
Exactly.
And then what's going to happen when EVERYONE in an apartment block gets a notification (at the same time!) telling them they are under de-facto house arrest for 2 weeks?
Will they...
a) calmly accept it;
or b) go on a witch-hunt?
Answers on a postcard, postmarked Salem, MA!
Hatt Mancock is already pushing this as a "duty", next step will be immunity passports which control your activity. Not green on the app? Sorry, no public transport, no travel outside your neighbourhood. It will be a virtual ankle tag.
And per Ada Lovelace Institute, there is no evidence that any of these apps actually work.
"I'm sure app 'green' screenshots won't be hard to find"
Here in Edinburgh Lothian Buses has an M-Ticket app that When a ticket is “activated”, the app will generate an animated ticket on your smartphone screen.
No "screenshot" will do, it's a moving image pattern background with the current time counting and a four digit code that changes daily. That is not easy to fake especially on iOS where in theory the App must be approved by Apple which takes days if not weeks. Quite sure a digital passport would have similar protections should the government be stupid enough to try and implement such controls.
"I'm sure app 'green' screenshots won't be hard to find."
And that will work well for about a week. Then, there will be an emergency addition to the spec:
The QR code on the main app screen must contain the following information:
* The personal ID number of the user.
* The latest test date and result.
* The current health status of the user.
* A compressed representation of the user's criminal history with regards to health testing and app usage.
* The current date and time, using the UTC time zone.
This information must be signed with a device-specific private key whose public key has been registered with the server. Scanning devices must verify this signature. Those that lack sufficient internet access must be frequently updated with new lists of public keys. The suggestion is that this process occurs while charging those devices. Should a signature fail to validate, the attempt to scan must return red.
This is a obvious case where it should be written once and released as open source. It is bizarre (but sadly predictable) that every country is reinventing the wheel and creating loads of apps all of which are trying to do the same thing.
We all know how well government mega IT projects work out.
It's not an NHS App
It's a Marc Warner/Dominic Cummings App
i.e. the team that abused facebook data for the 2016 referendum to microtarget small groups of swing voters with adverts that played to their fears
That reason alone is sufficient for me to reject installing this app on any device I own
Even though I trust Google/Apple about as far as I can throw them I'll cheerfully put the Google/Apple app on my phone, as my trust in them is orders of magnitude greater than my trust in Warner/Cummings
The slide down the slope continues.
Sensible people who question these things will not be installing for reasons so many of us understand, not a problem as it is voluntary. However, you being a thinking type, taking information security and privacy seriously will now be branded a public enemy - why don't you want to "Protect the NHS and Save Lives"? That will shame more to installing the app - mostly the ones who don't really understand the technology or the real intentions.
Then we get to the interesting bit where you can be refused access to train stations, buses, office buildings, pubs, restaurants, airports etc... if you don't have your little app showing "Green". It's still voluntary, oh yes sir, you don't need to install it really, honestly. Want to work or travel or go shopping or hire a car?.....mmmm.
Then the Police now have a good excuse to stop you even when the 'lockdown' is e̶n̶d̶e̶d̶ on temporary hold until the next wave arrives. They must, for the good of the NHS, check y̶o̶u̶r̶ ̶p̶a̶p̶e̶r̶s̶ if your app says you're allowed outside, stopping random people at will.
Once all of this is in place and everybody accepts it, for the good the NHS and saving lives, scope creep widens it to include any other reasons you care to think about - or invent. Ever been arrested? Let's have that added to the app instantly, you go amber or red for not being a good little citizen. Not paid a parking fine, a little late on your tax return, got zapped speeding? You still have all of your freedoms, but only by being a good little citizen and not upsetting anyone or any department that can control the app. Those freedoms are still there but have been removed completely, utterly and without a single shot being fired. Perversely they will have been removed at the insistence of a majority of the population, those who do not understand what they are asking for or are too busy watching Love Island to care.
This scenario of not having the app on your phone strikes me as triggering the same police overreach as 10 years ago or so when, although photography in a public place is completely legal (UK, anyway), they'd start being obstructive and threatening if you so much as got your camera out because "terrorism".
But all the piccies of over-reaching plods show them going way closer than 2m to their prey, so presumably within a few days all the police will be self isolating, and we'll be free to sit on park benches just like it says we can in the constitution.
"I was worried until your last sentence.. but Love Island is cancelled...the proletariat will awake from their slumber...."
They will wake from the slumber....and watch re-runs of Love Island ;)
There's a reason why that sort of shite and football will resume quickly (even if behind closed doors) - to keep the proletariat subdued and unable to think for themselves. To quote Mr Orwell...“Films, football, beer, and above all, gambling filled up the horizon of their minds. To keep them in control was not difficult….”
I've taken several things away from this:
1. The app isn't really going to work
I keep thinking that I want to do my civic duty, and I don't care as much as maybe I should that they have my personal data.
BUT... if I had it confirmed that if the google-apple API allowed more data to be gathered AND it could potentially save more lives by using a central database, would we seriously allow more people to actually die for the sake of data privacy? It's not a tough call to make... it doesn't require any specific restrictions on everyone's lives, and it could save lives. I hope I'm wrong about that. Are we a species so stupid that we put data privacy over actual LIFE?
The UK app, as already highlighted in the article, has a number of shortcomings that prevent it working reliably all the time when compared to using the Google and Apple APIs which won't have those shortcomings.
Not using the Google and Apple APIs automatically means that the UK app will be less reliable at capturing interactions. Less interactions will be detected and reported. I am already, as an experienced engineer, convinced that our 'solution' will be less effective and cause more unnecessary deaths because the fundamental, core part of how it works is broken even before it has been trialled.
Oh and as a species we have no concept of privacy, only a drive to survive.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
