COVIDSafe app scepticism

phb · 5 May 2020 06:49

My understanding is the data is uploaded through the app. There is a button/function within the app to use when one is asked up upload their data. ,Unless a scammer can corrupt the installed app on a particular users phone, rewrite code to have it uploaded eslewhere or get the user to install another app to mine the data stored by the COVIDSafe app, it appears somewhat unlikely.

person · 5 May 2020 06:53

I try to stay with open source as far as is possible. I am being consistent.

And because of the government’s long history of hideous, privacy-unfriendly, trust-destroying pieces of legislation.

Trust, like respect, is earned. They lost it.

If the code is released.

Not if they had started it 6 weeks ago?

I understand that. I really do. I believe though that the framework would be in the operating system itself. So if you use an Android phone or an iPhone at all then you get the contact tracing framework whether you like it or not. The government app would then be on top of that but would basically need to do very little if anything - and it would be restricted to doing what the framework offers.

I don’t know that you can really make the distinction between, say, a Google app and using an Android phone. If you don’t trust Google then they will get your data one way or another.

person · 5 May 2020 06:55

I think so but I think you missed point. Scammer just sends a text to a random number.

Because people are expecting to receive such a text, it will get accepted more often than it otherwise would.

phb · 5 May 2020 07:10

Yes, but if the scammer asks for the data to be uploaded, it would go to the government database not that of the scammer. As the thread is about privacy for the COVIDSafe app, there would be no app privacy implications if one received a message from a scammer.

I understand that the scammer can ask one to to so a scam website etc, but this can occur with our without the app being installed or whether it is a government app or not. This occurs all the time and one needs to be as as much on guard with any messages from any strangers requesting any information or redirections to risky websites. It is not a reason to install the app…it could be a reason not to have a mobile or any form of communications with the outside world.

benhelps · 5 May 2020 07:29

Sadly to my mind, many out there may not recognise a scam SMS purporting to be a system message regarding the COVID safe app. Indeed look how many out there bought into the +20km fake COVID safe notification SMS someone crafted to make some point.

And truthfully/hopefully, very few will ever get such a legit notification.

mark_m · 5 May 2020 12:13

An update on Apple and Googles efforts. Timeline not stated.

This appears to reconfirm that logging contacts relies only on blue tooth. It also appears the proposal is not a complete solution. Each user nation still needs to build their own App based on the underlying Apple and Google solution.

Interestingly
Apple and Google also said they will allow only one app per country to use the new contact system, to avoid fragmentation and encourage wider adoption.

The companies said they would support countries that opt for a state or regional approach, however, and that US states will be allowed to use the system.

P.S.
A previous article by ZDNet said
That’s why Apple and Google’s partnership to develop a tracing-friendly API has been labelled as “exposure notification” apps instead.

Being notified that you visited a site after another person has been found to be infected implies the use of location tracking using GPS.

postulative · 6 May 2020 01:27

No, it is a Bluetooth solution still. It does not have any central store, or need for one - but it does rely upon self-reporting and so people can still play silly buggers.

phb · 6 May 2020 01:43

Yes, is concerning as anyone could decide to report, even if they don’t have an infection, causing panic within the community. I wouldn’t be surprised if ‘terriorists’ or ‘scammers’ use the app to create terror bringing its downfall.

Others may have say a cold…or just a running nose or sore throat, not get tested but then report on the off chance they might have COVID-19. Having uncontrolled reporting is setting it up to fail.

This is a major problem and relies on everyone using it to be trustworthy, honest and knowing when to report…

Drop_Bear · 6 May 2020 02:30

More on the bill:

A view from the US (not our COVIDSafe, but similar issues):

Contact tracing — monitoring people who’ve come into contact with those diagnosed with COVID-19 — will be a key facet to containing the coronavirus. Apple and Google are developing an opt-in contact tracing system that will work through smartphones.

“There is a risk that this pandemic becomes a slippery slope that encourages more monitoring of the population for other purposes,” says Neil Abernethy, a biomedical informatics professor at the University of Washington. “Researchers and policy-makers alike should work with the public to identify which conditions are acceptable for the use of such information.”

Americans are about evenly divided on whether they think it’s OK for the government to use cellphones to track people who have contracted COVID-19, according to the Pew Research survey. The Northeastern, Harvard and Rutgers researchers found similar results from their survey.

If widespread coronavirus tracking comes to pass, whether that tracking promotes public health while minimally infringing on civil liberties may hinge on a country’s leaders encouraging robust and free public debate — not stifling it.

This topic seems to have become something of a religious war. Not surprising, given that there’s another topic devoted to the righteousness of installing the app.

petejr · 6 May 2020 02:41

As I see it the privacy issue is a non-issue because any person with a smart phone has already surrendered more privacy than the COVIDSafe app will threaten.
So it’s a question of supporting the Government’s intention in spite of the app’s shortcomings. For example people with earlier versions of Android can’t install the app. So it’s typically a floundering bureaucratic exercise on the part of the Government, but, even if it’s not as effective as hoped it could still save lives and for this fact alone I have downloaded it. Importantly, had we had this tool at the outset with all the glitches fixed
then there’s the distinct possibility that the infection rate could have been reduced, and that is the most important reason for downloading the app now, so that the lessons learnt can be applied to COVID-20 or COVID-21 or whatever comes next, as it surely will.

Drop_Bear · 6 May 2020 02:45

In principle, all things are possible. In practice, not all things are equally probable. All of the technical analyses that I’ve seen so far indicate that the app is unlikely to be a substantial benefit.

To quote from the Conversation article linked above:

petejr · 6 May 2020 02:52

I feel it’s too early to tell but it’s like everything else - a gamble - but in this case with nothing to lose and a lot to gain. If there is no benefit then we’ll know next time.

Drop_Bear · 6 May 2020 02:55

I guess we’ll just have to agree to disagree on whether we have nothing to lose or if there’s substantial potential for gains.

petejr · 6 May 2020 02:55

I’m not in favour of diminishing privacy protections either but we have to be realistic and weigh the pro’s and con’s.

PhilT · 6 May 2020 02:56

Never dismiss the symbolic importance of doing something, second only to the importance of being seen to be doing something. The efficacy of what is being done is a distant third in an electorates / societies value system.

Beyond symbolism and ‘rally the population’ if there is another benefit that is great. Pundits poking holes 24 x 7 in 100% of everything cause people to have less hope for the future and is a self defeating ‘occupation’. To many it is an occupation they are for some reason proud of since they have the ‘inside track’ to reality of programs, be they bad, terrible, indifferent, or worse.

Drop_Bear · 6 May 2020 02:59

I guess it depends on our perception of the relative weights.

We must do something. This is something, therefore we must do it.

PhilT · 6 May 2020 02:59

Not quite, we must be seen to be doing something. Sometimes it can be palatable to do nothing while being seen to do something, so that can be the right thing to do. Sometimes. It is akin to cheer leading. Even a footy team sometimes responds and rises to an occasion in the face of all odds and wins a game, or at least loses less badly.

petejr · 6 May 2020 03:01

You’re putting words in my mouth. We have already lost more than the app is likely to take away and we don’t know about the size of the gains because they could be anything.

person · 6 May 2020 03:54

Let me explain it this way:

with the Australian government’s app, if you have been near someone who subsequently tests positive, you will receive a text message advising you of that and presumably encouraging follow-up action (e.g. very likely: getting tested yourself)
with the Apple-Google contact tracing framework, in the same scenario, the app itself gives you that message

The text message in the former case can easily be forged. The message from the app in the latter case is much more difficult to forge.

It is certainly true that “bogus text message” is not a new scam - that has been happening for years. However the Australian government’s app - inherent in its (poor) design - increases both the likelihood of bogus text messages being sent and the likelihood of bogus text messages succeeding in their malicious intent.

Drop_Bear · 6 May 2020 04:16

Have we?

As has been pointed out repeatedly, there’s a high probability that:

the app will perform poorly or not at all;
if the app can be made to work, it will be of little value.

Join the conversation

Ask a question. Share tips. Help others.

Make yourself heard

Join our forum and be part of Australia’s biggest consumer movement.

COVIDSafe app scepticism