The security behind the NHS contact tracing app

I’ve still to read through it all, but thought there might be some interest here.

1 Like

Good idea, and my phone is nearing end of life.
When whitehall/westminster inevitably bloat the innocent tracing app with identifying info, will have to dump the phone when back to normal.

I guess it’d be fun to try Ubuntu touch again, Fairphone / UBports?

Tin Foil? Here, I have some to spare!

I presume any new phone released will get the government tracing API, “just in case”
Like the Americans permanently losing privacy with the Patriot Act…

But Apple and Google seem to be doing well themselves

2 Likes

10 Likes

I swore I’d never buy another thing from China, but I might have to get the pinephone.

All I need it to do is handle TOTP codes, send texts and make phone calls.

Honestly tempted to go back to a flip phone.

3 Likes

I don’t want to get too much into a debate on that area, however both have their potential issues. The Apple/Google approach, the one that will be forced on phones, is closed source and will be pushed via a forced update. Personally I would have liked to see more oversight of that as well.

Or a dumb phone like one would get for a grandparent…

2 Likes

haha my grandparents have iPhones.

No thanks.

2 Likes

:cries in no living grandparent:
#FeelsOldMan

3 Likes

But google is already doing it

1 Like

Anonymity and attacks

In all of this, you’re anonymous as it’s done through the Installation IDs, but the system is building connections between these anonymous identifiers. There’s something called the reidentification risk where it’s sometimes possible to reidentify some small number of people from an anonymised large scale contact graph or other data set. Normally, this is where you’ve removed someone’s name from a record, but still have lots of other information about them, for example biographic information like age, sex and postcode. It’s pretty obvious that there are streets in the UK where there’s only one 97 year old female. In the case of the app, however, it doesn’t collect enough to enable that - remember it only has the random Installation ID and a postcode district (covering thousands of households). It would take changes to the app and also bringing lots of other data together to do this, which the NHS does not allow. However, despite the fact the app deals only in anonymous identifiers, the back end is built to the NHS standards for protecting personal data and access to it is strictly limited. Of course, at some point, you have to be identified to the NHS, for example to get a clinical test. If that happens through the app, the system uses a privacy preserving gateway to be able to link a test to an app Installation ID anonymously, but not the Installation ID to a person’s identity or NHS record. Of course, someone who has access to all three systems can link you, but by design no-one does.

It’s also worth saying something about IP addresses. The architecture for the system uses a commercial front end to provide, among other things, load balancing and DDoS protection. Those ‘front end’ systems see your IP address. But the NHSX back end system doesn’t. It only sees the address of the commercial load balancer. The cyber security monitoring of the system keeps logs which include IP address, but they’re strictly access controlled and are only accessible to the cyber security team looking after the app system.

In any contact tracing app that broadcasts something to be picked up by others, there are risks. There are a range of schemes from having a fixed-for-all-time ID that’s constantly broadcast (which would be silly as anyone can see if you’re around), through to schemes that make it exceptionally difficult to work out what’s going on. There are a set of well known attacks that all apps have to mitigate. It’s important to remember that you have to be pretty close to someone to execute those attacks and there are many different ways of mitigating most of them. The NHSX system as a whole does a good job of balancing the individual privacy needs with the public health needs.

[…]

There is also a more detailed (but partially incomplete) technical report

High level privacy and security design for NHS COVID-19 Contact Tracing App
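The reidentification risk described in the quoted passage (a unique 97-year-old female in a postcode once name is stripped but age, sex and postcode remain, versus the app holding only an Installation ID and a postcode district) can be made concrete with a k-anonymity check. The following is an added example, not code from the original post or from the NHS app: the records are constructed, the field names and the `k_anonymity`, `unique_records` and `reidentification_fraction` functions are assumptions, and the data set is deliberately tiny so the result can be read by eye.

```python
from collections import Counter

# Constructed sample records (not real data). The age/sex fields stand in
# for a data set that has had names removed but keeps rich biographic
# attributes. Per the quoted text the app itself holds only an
# Installation ID and a postcode district, so APP_FIELDS models that view.
RECORDS = [
    {"installation_id": "iid-01", "postcode_district": "SW1A", "age": 34, "sex": "M"},
    {"installation_id": "iid-02", "postcode_district": "SW1A", "age": 34, "sex": "M"},
    {"installation_id": "iid-03", "postcode_district": "SW1A", "age": 52, "sex": "F"},
    {"installation_id": "iid-04", "postcode_district": "SW1A", "age": 52, "sex": "F"},
    {"installation_id": "iid-05", "postcode_district": "SW1A", "age": 29, "sex": "M"},
    {"installation_id": "iid-06", "postcode_district": "SW1A", "age": 29, "sex": "M"},
    {"installation_id": "iid-07", "postcode_district": "SW1A", "age": 97, "sex": "F"},
    {"installation_id": "iid-08", "postcode_district": "M1", "age": 41, "sex": "F"},
    {"installation_id": "iid-09", "postcode_district": "M1", "age": 41, "sex": "F"},
    {"installation_id": "iid-10", "postcode_district": "M1", "age": 63, "sex": "M"},
    {"installation_id": "iid-11", "postcode_district": "M1", "age": 63, "sex": "M"},
    {"installation_id": "iid-12", "postcode_district": "M1", "age": 22, "sex": "F"},
    {"installation_id": "iid-13", "postcode_district": "M1", "age": 22, "sex": "F"},
]

# Quasi-identifiers: the non-name fields an outsider could match against.
APP_FIELDS = ("postcode_district",)                 # what the app backend holds
RICH_FIELDS = ("postcode_district", "age", "sex")   # a richer, riskier data set


def _key(record, quasi_identifiers):
    return tuple(record[q] for q in quasi_identifiers)


def _equivalence_classes(records, quasi_identifiers):
    """Count how many records share each combination of quasi-identifier values."""
    return Counter(_key(r, quasi_identifiers) for r in records)


def k_anonymity(records, quasi_identifiers):
    """Smallest group size k. k == 1 means at least one record is unique on
    these fields and could be reidentified by anyone who knows those values."""
    classes = _equivalence_classes(records, quasi_identifiers)
    return min(classes.values()) if classes else 0


def unique_records(records, quasi_identifiers):
    """Records that are alone in their group, i.e. reidentification candidates."""
    classes = _equivalence_classes(records, quasi_identifiers)
    return [r for r in records if classes[_key(r, quasi_identifiers)] == 1]


def reidentification_fraction(records, quasi_identifiers):
    """Share of the data set that is a singleton under the given quasi-identifiers."""
    if not records:
        return 0.0
    return len(unique_records(records, quasi_identifiers)) / len(records)


if __name__ == "__main__":
    for label, fields in (("app-held fields", APP_FIELDS),
                          ("rich biographic fields", RICH_FIELDS)):
        singles = [r["installation_id"] for r in unique_records(RECORDS, fields)]
        print(f"{label}: k={k_anonymity(RECORDS, fields)}, unique={singles}")
```

With only the postcode district, every record sits in a group of at least six and nothing is singled out; adding age and sex drops k to 1 and exposes exactly the 97-year-old female record. The same check is a reasonable pre-release gate for any data set an app backend retains: compute k over the fields actually stored, not over the fields the privacy notice says are stored.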

I’d be interested to see an app that recorded nearby traffic and rebroadcast spoofed BT MAC addresses all day long.

1 Like

Hell, just a device spamming out mac chaff all day would be nice

They need to be legit mac addresses though.

Aren’t the first few chunks just vendor stuff, so just randomise the last 8 digits or whatever to spam it if one wanted to be a bad actor?

*Vendor

No. The point is to manipulate the real data, not inject garbage.

1 Like

NHS have released the source code for the app btw

2 Likes

Let’s maybe keep it on topic?

Reading through the Github “issues” page and the precautions the NHS is taking with the app instills a lot of confidence in me, that it will be used for the greater good, and not to spy on the users. Would be nice if here in Canada, they’d open-source their contact-tracing apps, once released.