Re: IPXE's CX protocol solves this
Sure, it sounds nice. However, I note a few problems. First, there aren't those apps yet, though it is stated they'd be easy to create. Second, there are no providers of dangerous seeds (which would have to be set up by health providers), so it'd be useless even if there were such apps.
The third problem concerns this quote from their documentation. This is how you find out that you've been in contact with someone:
"The healthcare provider publishes a notification list of hazardous seed values corresponding to positive diagnoses. Each participating device downloads this list and compares the hazardous contact identifiers against its own record of observed contact identifiers."
Or, in simpler terms:
1. Device creates a seed at some time.
2. Every [short amount of time], it uses that to generate a new identifier. The page doesn't say how long, so I'm going to guess twenty minutes.
3. That identifier is broadcast for that [short amount of time].
4. The user tests positive.
5. Their seed is uploaded to a database which is region or country-wide.
6. Everyone downloads a list of seeds and uses them to generate the identifiers.
7. Identifiers match, and alerts can be generated.
The problem is that generating a bunch of identifiers from random seeds when they change so frequently is intensive from a processing perspective. If a seed is generated a month ago, then to check the identifiers for that seed means my device has to generate 2160 identifiers and check 1008 of them against my list. Also, I need to know when that seed was generated. I have to do this for every person in the country who tests positive. Every day. Probably most of that would get done while I sleep and the phone charges, but it could cause battery drain and slow processing if the phone is trying to do that while I'm using it. The severity of this would depend on the extent of the outbreak and of testing. In Australia, I'd have to generate and check about 82000 identifiers per day. In Germany, it'd be about 7.79 million.
Is the system gravely flawed? No. It's been thought through with some care from the look of things. But it has some flaws, and they may be severe enough that it doesn't get adopted elsewhere. I'd be happy to add this to the list of possible ways to do this, but it won't solve any of the major problems still facing the concept, including these:
1. The concept only works with thorough adoption.
2. The concept only works with thorough testing.
3. The concept only works with comprehensive support from health authorities.
4. The concept does not have much time to start to be useful before it ends up being too late and mostly useless.
5. The concept can promote anxiety if it is too broad.
6. The concept can promote complacency if testing is insufficient or contacts are not correctly logged.
7. The concept could be modified to add additional surveillance which would undermine confidence. (Yes, this approach slightly mitigates that concern, but if seeds can be collected by some means including a government-created app implementing the rest of the protocol, it would still allow surveillance).
Biting the hand that feeds IT
