Contact Tracing Apps

Discussion in 'General Discussion' started by Arwin, Apr 19, 2020.

  1. Arwin

    Arwin Now Officially a Top 10 Poster
    Moderator Legend

    Joined:
    May 17, 2006
    Messages:
    18,535
    Likes Received:
    2,281
    Location:
    Maastricht, The Netherlands
    Our country is now in the process of selecting candidate apps for assisting with contact tracing and self-diagnosis. We know we are behind the UK with this, though ahead versus other European countries and we seem to have a more aggressive timeline in which we want to implement this.

    This kind of app has already been deployed in several other countries. Although not a lot of evidence exists that this helps, it seems rather obvious that there is a lot of potential here, both in self-diagnosis and assisting contact tracing.

    This whole process is public in the Netherlands, with live streams on the candidates, expert questions, public questions, and code is public too:

     
    Cyan, pharma, DSoup and 1 other person like this.
  2. DSoup

    DSoup Series Soup
    Legend Veteran Subscriber

    Joined:
    Nov 23, 2007
    Messages:
    15,803
    Likes Received:
    11,796
    Location:
    London, UK
    From what I understand the UK is going for a centralised system, but de-centralised systems will be quicker to deploy and Google and Apple are about to release their APIs for de-centralised contact-tracing for this for their respective platforms.
     
  3. milk

    milk Like Verified
    Veteran Regular

    Joined:
    Jun 6, 2012
    Messages:
    3,847
    Likes Received:
    3,946
    I hope this shit is as open source and transparent as technologically possible. Call me a tin-foil-hat-wearer, but I never underestimate the potential for different players in the tech and political world to take advantage of critical situations with trojan horses to further their personal agendas.

    I don't think the app can't work, or that contact tracing can't be a useful tool. But that's no excuse to not be vigilant about how it is being done.

    I'd rather die of corona than let the whole world become as totalutarian as China. Absurdly extreme exemple here, but the extremes are a good starting point to start thinking about where our threshold lies for our safety-vs-control cost-benefit analysis.
     
  4. orangpelupa

    orangpelupa Elite Bug Hunter
    Legend Veteran

    Joined:
    Oct 14, 2008
    Messages:
    9,908
    Likes Received:
    2,893
    indonesia has it for around a month now. People complains it drains battery and make their phone hot. The app is purely for spying, no usable info for the user other than to alert ODP (people being monitored) and higher levels.
     
  5. Michellstar

    Regular Newcomer

    Joined:
    Mar 5, 2013
    Messages:
    662
    Likes Received:
    380

    How true.

    Just remember the Boston analytics fiasco.

    It´s funny that in the last "House of Cards" Season, (mild spoilers) a company deploy an app to help the population amid a Hurricane disaster and in reality it´s used to mine personal data lol
     
    pharma and milk like this.
  6. milk

    milk Like Verified
    Veteran Regular

    Joined:
    Jun 6, 2012
    Messages:
    3,847
    Likes Received:
    3,946
    It's relieving to know mainstream entertainment has recently coloured this scenario into the collective unconscious.
     
    pharma, Michellstar and BRiT like this.
  7. DSoup

    DSoup Series Soup
    Legend Veteran Subscriber

    Joined:
    Nov 23, 2007
    Messages:
    15,803
    Likes Received:
    11,796
    Location:
    London, UK
    If the app is from a commercial party whose business of selling information, then I would be dubious. If the app is something official from the Government, look at that Government and their technical capabilities. Chances are, any modern Western and Asian Government already have the capability to mine your data legally (or otherwise) and don't need a contact tracing Trojan horse.

    If any of these apps are leaking data they shouldn't, it will become public knowledge very quickly given how easy it is to monitor network traffic from modern devices.
     
  8. zed

    zed
    Legend Veteran

    Joined:
    Dec 16, 2005
    Messages:
    5,969
    Likes Received:
    1,757
    Yes all they need to do, is grab it from the phone carriers (cause your phone is constantly pinging the towers), this position info though this will not be as accurate as something using bluetooth, and a lot more invasive
     
  9. DSoup

    DSoup Series Soup
    Legend Veteran Subscriber

    Joined:
    Nov 23, 2007
    Messages:
    15,803
    Likes Received:
    11,796
    Location:
    London, UK
    You may be surprised how accurate triangulation of phone locations is these days when combined with wifi networks visible to your device as you move around. Bluetooth itself is a privacy nightmare in many cities with all the bluetooth beacons dotted around. It does not take match to connect the MAC address dots (wifi, bluetooth) with device-specific identifiers. Modern IMSI grabbers are also amazing.
     
    #9 DSoup, May 4, 2020
    Last edited: May 4, 2020
    BRiT likes this.
  10. Arwin

    Arwin Now Officially a Top 10 Poster
    Moderator Legend

    Joined:
    May 17, 2006
    Messages:
    18,535
    Likes Received:
    2,281
    Location:
    Maastricht, The Netherlands
    This is why the work by Apple and Google is important, to make sure this can be done with as little power as possible and not unimportantly as an OS function that always runs - currently an app can’t even keep polling Bluetooth in the background, which makes sense.

    And they are designing a system with a very clear public specification with the goal to make it completely anonymous, and compatible over the two phone OS’s which is important.

    Yes Bluetooth itself has some privacy concerns though only locally so the scale of the problems is tiny compared with other systems, and can be mitigated further with encryption on how the ids are exchanged etc.
     
    DSoup and Cyan like this.
  11. orangpelupa

    orangpelupa Elite Bug Hunter
    Legend Veteran

    Joined:
    Oct 14, 2008
    Messages:
    9,908
    Likes Received:
    2,893
    Googles solution also won't spy the exact GPS location, it'll trace contact from bt sniffing. Way better than the one used in Indonesia that use GPS and bt
     
  12. Arwin

    Arwin Now Officially a Top 10 Poster
    Moderator Legend

    Joined:
    May 17, 2006
    Messages:
    18,535
    Likes Received:
    2,281
    Location:
    Maastricht, The Netherlands
    Right. Apple and Google now even made it a requirement that an app doesn’t also collect GPS data. They also allow only one government sanctioned app per country.
     
  13. Mariner

    Veteran

    Joined:
    Feb 6, 2002
    Messages:
    2,131
    Likes Received:
    884
    DSoup, milk and orangpelupa like this.
  14. Cyan

    Cyan orange
    Legend Veteran

    Joined:
    Apr 24, 2007
    Messages:
    9,648
    Likes Received:
    3,347
    which app is that? Is it officially made by Google or Apple? Is it open source?
     
  15. milk

    milk Like Verified
    Veteran Regular

    Joined:
    Jun 6, 2012
    Messages:
    3,847
    Likes Received:
    3,946
    I love these kindnof policy that simply assumes society will remain stable, safe and non-tyranical despite history proving that feeling always been naively short sighted in the past. Despite we having highly un-human non-democratic states operating right now, and despite the very crysis we are going through being empirical evidence of how fragile our global ecomomy and politics actually is.

    But yeah, sure, let give every authority we can find a new chain leash for them to keep us safe. Can I also hand them my girlfriend's panties while at it?
     
  16. orangpelupa

    orangpelupa Elite Bug Hunter
    Legend Veteran

    Joined:
    Oct 14, 2008
    Messages:
    9,908
    Likes Received:
    2,893
    Pedulilindungi, made by telkomsel, a government-owned company that's blatantly breaks net neutrality (there's no net neutrality law in Indonésia tho), injecting ads, and doing sketchy business. But now it's published under kemenkominfo (maybe equivalent to FCC).

    Closed source.

    I've tried to sniff around what data are gathered but it requires Bluetooth, and I can't find any android VM that have Bluetooth emulation.

    I'm not gonna install it on a real hardware and letting it sniff all the wifi ap, and Bluetooth devices in my proximity... GPS is fine as it can be easily spoofed

    Btw kemenkominfo have sketchy policies
    • Allowing companies to pay ISP to block competitors (imagine allowing Netflix to block Hulu on ISP xyz, Amazon to block Walmart on ISP abc)
    • Country-wide dns poisoning (even DoH doesn't always give clean result, DNScrypt still works all the time)
    • Planning to regulate YouTube videos
    • VPN will be regulated and considered to be the same as ISP (0_o)
    • Many more I didn't remember off-hand
     
    #16 orangpelupa, May 5, 2020
    Last edited: May 5, 2020
    Cyan likes this.
  17. DSoup

    DSoup Series Soup
    Legend Veteran Subscriber

    Joined:
    Nov 23, 2007
    Messages:
    15,803
    Likes Received:
    11,796
    Location:
    London, UK
    I agree but this is a tricky one. We know modern conventional [travel] passport security measures only deter falsification by amateurs and that there are effective counterfeits appear quickly beyond the ability of most country's passport control to detect them. If you take your Blueland-issued passport to Redland, they largely rely on the apparent authenticity of the passport itself to determine whether or not the passport is real and that it was issued to be the person presenting it.

    The only certain way to authenticate anything is to compare it to a central tamper-proof database (aka the single source of truth) or constantly redeploy cutting-edge security keeping once step ahead of counterfeiters. The latter is more privacy-friendly but is vastly more expensive.

    I don't believe the UK will literally buy into health passports unless COVID-19 is still a big problem in three-to-six months because this would take a massive amount of time, effort and money at a time when the lockdown measures are already eating the economy. It's not uncommon for companies to approach their Governments with great - but prohibitively expensive - solutions to problems and the vast majority of these go nowhere.
     
  18. nutball

    Veteran Subscriber

    Joined:
    Jan 10, 2003
    Messages:
    2,425
    Likes Received:
    881
    Location:
    en.gb.uk
    Are you not getting a sense of déjà vu here? Biometric passports/ID cards/some other thing? Centralised database?

    We went through all of this under the previous Layout government and, if my memory serves, under one of the Tory administrations before that. It's like Groundhog Day. I remember arguing about it in RPSC here.

    I honestly couldn't say where this keeps coming from. Obviously there are commercial interests, but the persistence of it across governments of all flavours makes me wonder if it's not some sort of thing that lives high up in the Civil Service.
     
  19. DSoup

    DSoup Series Soup
    Legend Veteran Subscriber

    Joined:
    Nov 23, 2007
    Messages:
    15,803
    Likes Received:
    11,796
    Location:
    London, UK
    Yes, this is an old chestnut. What largely killed older proposed biometric systems was that the technology was not mature enough to be robust in being able to provide a sufficiently high assurance of identification (like orders of magnitudes below a DNA test), unacceptable false positives/negatives, inability to adapt to people changing (for visual systems) and cost.

    Things like Apple's Face ID is really good, but not flawless and if you were content with "really good" - which frankly isn't good enough, to implement that in any form of passport would be massively expensive

    You generally hear about these things not from Government but from private industry who see, or perceive, a problem that they want to sell the Government a solution too. For the most part, Government will generally review proposals like this which some take as a sign of potential adoption, but it's just reviewing it. You have to, just in case somebody really does come up with a novel solution to things. The UK's quantum computing program got initial traction this way.
     
    #19 DSoup, May 11, 2020
    Last edited: May 11, 2020
  20. Mariner

    Veteran

    Joined:
    Feb 6, 2002
    Messages:
    2,131
    Likes Received:
    884
    The only problem there is that, as this government has shown, there is a long-standing policy of UK.gov selecting the option which is most expensive as well as least likely to work correctly. Probably because the decisions are made based on which lobbyist went to school with the PM/Defence Secretary/Home Secretary/Health Secretary at any given time and who is most likely to provide the best backsheesh at a future date (generally through paid directorships).
     
Loading...

Share This Page

  • About Us

    Beyond3D has been around for over a decade and prides itself on being the best place on the web for in-depth, technically-driven discussion and analysis of 3D graphics hardware. If you love pixels and transistors, you've come to the right place!

    Beyond3D is proudly published by GPU Tools Ltd.
Loading...