Reply to post: Re: Why?

Fancy some post-weekend reading? How's this for a potboiler: The source code for UK, Australia's coronavirus contact-tracing apps

doublelayer Silver badge

Re: Why?

You are misunderstanding several concepts. We'll start with decentralized data storage. This works, and the government doesn't need access. It works like this:

Your phone knows some random identifiers it's been screaming into the void. It also knows a bunch of identifiers it has heard from others' phones it has been near. So all you need to do to warn people you were near is to send a list of your identifiers to a public system. If they get that list, they can check the identifiers against their own list of the ones they heard, and if there's a match, they get an alert. Your name doesn't need to be attached when you send out the identifiers, and you certainly don't need their names.

Ah, but I see you are concerned that people will report unreliably, causing a bunch of false positives. A reasonable concern. So the solution is to give all the information to the government and have them do all the reporting? No, it isn't. A better solution is to give health providers signing keys. If someone tests positive and reports identifiers, their report is signed with a health provider key. You can't report without a key, or at least a report may not be trusted without a key. Keys only go to health providers.

You also are completely misunderstanding the utility of this app, if it actually has any. You seem to think that it's useful only by sending a bunch of data to the NHS. No, not really. They have information from tests, which they can use. The utility of this app is supposed to be that people know when they have to stay in quarantine. A warning from an app like this is not a positive test. Treating it as one would destroy any dataset. Nor is it a good reason to use limited testing capacity on that person. It would be great if we could get that many tests, but we don't have the capacity now.

For that reason, the app idea is very limited and may possibly cause more harm than good. However, you seem to only acknowledge the extremes--either the app is worthless or the app provides crucial data to health authorities. It is instead intended to provide information of tentative reliability to the public. Given that, there is little or no benefit in centralized data storage. Simultaneously, there is significant risk in centralized data storage. If we are going to have such an app, it is very important that it be decentralized in order to get sufficient uptake.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon