Most who know of QR code’s likely assume they are purely a server of information or content. That’s how the QR code and usefulness was promoted when first introduced. There has never been a public campaign with a high profile suggesting they are a risk.
Do QR code Apps have a built in form of certification for the source of each code?
Can anyone create a code mosaic as they see fit and have the coded Apps accept the content without certification?
A QR code encodes arbitrary data. There is nothing intrinsic to a QR code that provides certification, or that prevents any person creating a QR code containing whatever content they want. (For example, it could be an offensive message rather than a URL. Or it could be an encrypted message and provide functionality like a spy dead drop.)
On the one hand, because a QR code encodes arbitrary data, it probably could incorporate certification. On the other hand, that would probably make the QR code too big and too unwieldy and too unreliable.
In its most common form, a QR code encodes a URL. A URL, if it uses a secure protocol (like https:), can in theory be certified but the only way of getting that certification is to access the URL and accessing the URL exposes your computer to whatever risks there are if the URL is malicious.
Until you scan a QR code to see what the payload is, you don’t know what it contains. Originally the payload was data, like an extended barcode. Now it will normally contain a URL link to a Web server.
So the risk is pretty much the same as following a link on an Email, or a Website, or an SMS. Do you trust it?
There is talk of switching to covid apps by Google or Apple. There is no way I’m letting Google nor Apple follow me around. They probably do already in ways we cannot know but let’s not make it worse.
The Google/Apple framework for contact tracing is actually better architected for privacy than what governments, state or federal, are offering right now.
The downside is that the G/A framework is not open source, so you only have their word for it that it behaves the way they say.
I would rather not have the government “follow me around” either - and, as with Google/Apple, they already have many ways of surveillance - this app just adds one more.
“Asked whether QR codes were necessary because of the ineffectiveness of COVIDSafe, Commissioner Stevens said the app had not proved as successful as traditional methods.”
Stopped using it way back. Its found 17 people. Pathetic. I really like contact tracing and in NSW now the government app makes it easy to check in to places. So they know where you’ve been. I dont go many places so no issue with that, for me.
And you’re not terrified at this? Just imagine the amount of data that is being collected by these government apps. Take the pandemic out of the picture for a moment, and think of the idea that to go out for dinner you have to advise the state or Commonwealth government where you are. Going shopping? Better scan in. Meeting someone new for a date? You’re both checking in at the same time, so…
We have given up so much personal privacy in the name of this pandemic. How much will we actually get back at the ‘end’? Assuming there is a defined ‘end’, of course - maybe we are just in a new ‘war on COVID-19’, like the ‘war on terror’ or the ‘war on drugs’. All means justified by the purported end.
It possibly isn’t the government apps, but the free for all Q-code reading apps. Using these apps your personal information may be shared far and wide and used for more than it’s intended purpose. It may be easier to use than the old paper and pen…but it is also very easy to share and use for purposes other than contact tracing when the apps are run by third parties…
It has found more than 17 people. 17 was the number of contacts in October 2020 where contacts were not identified by other means (the COVIDSafe app provided unique contact data not identified through human contact tracers). I haven’t heard of any updates since then.
Yes. Those ones bothered me. The government already has my info, I have a drivers licence, a house, a car, and I really don’t care if they know I had brunch with a friend last week, or went to the doctor.
‘According to a recent senate estimates hearing, CovidSafe has traced just 17 cases in NSW that might not have otherwise been found by human contact tracers.’
The 17 relates to the unique contacts not otherwise identified through human/manual contact tracing methods…and not the total number of contacts identified. The 17 has been widely misreported as being the total number of contacts the app has identified. What has been shown is the app has provided little benefit over traditional human contract tracing. I suppose if one of the 17 was found to have Covid, it may be a different matter though as the infected individual could have spread COVID unknowingly until getting tested, assuming symptoms were exhibited.
I haven’t seen it mentioned here yet, but Covidsafe was launched with the promise it wasn’t location tracking. Recently an update changed the app to require you to provide location services. The app states this is to provide area specific alerts such as new restrictions for the specific area you’re in. It’s stated that the data is not recorded or stored.
This seems like a poor way to do this imo. It further increases battery drain and decreases performance on older devices. Additionally I only chose to allow the app to access my approximate location, and now I get regular notifications saying the app is not working. I guess the app wont bluetooth trace if you don’t allow full location access.
Presuming the data isn’t stored as stated, why not use existing emergency broadcast systems such as SMSing all phones in range of a given tower, or routing through a particular ISP server?
My reading of the update. It is also to enable blue tooth data exchange to work reliably when in the background on Apple devices. The advice included. Not a requirement on Android as the same capability was enabled by default?
Where does that lead. If you were registering to go into a hospital ward and visit our mum before or over Xmas. There was a box to tick acknowledging you had COVIDSafe installed and would keep it active for the visit.
Just last week someone said to me “But they’ll be able to track people exposed using the federal COVID app”
which is not true. The app does not record date & time & place for the mobile phones it is on; it simply does a local Bluetooth communication at the time AND relies on the infected person (but possibly asymptomatic infected person) being ‘marked’ as infectious.
Even if the app used GPS (which it doesn’t) there is a big difference between an app saying “this location is in a current hot spot” to an app/system saying “back on such’n’such day and time you were in the vicinity of air breated out by a person while they were infectious”.
