Will you download the contact tracing app?

prunudo

Sorry if this has been answered already but trying to catch up since earlier.
If you get a notification to say you've been in contact with someone who has since tested positive, will it say where or when you did?
Or is it just a simple, someone you've been in contact with in the last 14 days is positive so now you must self isolate and get tested.

MrMusician18

El Weirdo wrote: »

You're not even letting "the government" know your location. If you have been in close contact with someone who later tests positive, then you can choose whether to let the HSE have the minimal information stored on your phone.

Sorry, yes, that's how it works. For breviary I said minimal information on location, but it doesn't share your location at all, only Bluetooth IDs you've been in contact with and only if you test positive and obviously agree to sharing that data.

Bridge93

What is there possibly on the app to not like the look of? Its 4 tabs, one with up to date stats, one with info of what to do if you have symptoms, one to check in and one to share the app. It couldnt be more benign. The real truth is you were never going to keep it on your phone but needed the attention that comes with a dumb statement

Privacy concerns is at least a legitimate angle to be looked into and wary of. Not liking the look of it is laughable

ixoy

KyussB wrote: »

It only comes from people devoid of the most basic critical thinking.

And most thinking would say, "Hmm rather than worrry about a potential possibility of an exploit that hasn't been proven in any feasible capacity, I'll take that low low risk and install an app that could help save lives."

seamus

Decent little app. Clear and straightforward info.

Doesn't ask for very much in the way of access to the phone, which is essential to build trust.

Fears about privacy are overblown. Most of the other apps on your phone are gathering a lot more data than this is.

Kerry25x

Downloaded it there. Is it necessary to leave Bluetooth on all the time? I normally leave location on anyway but I'd have Bluetooth off most of the time because my phone battery isn't great.

GarIT

prunudo wrote: »

Sorry if this has been answered already but trying to catch up since earlier.
If you get a notification to say you've been in contact with someone who has since tested positive, will it say where or when you did?
Or is it just a simple, someone you've been in contact with in the last 14 days is positive so now you must self isolate and get tested.

It's anonymous, people wouldn't use it otherwise.

GarIT

Kerry25x wrote: »

Downloaded it there. Is it necessary to leave Bluetooth on all the time? I normally leave location on anyway but I'd have Bluetooth off most of the time because my phone battery isn't great.

Yes it is necessary to leave Bluetooth on. Bluetooth does not affect battery life in the last at least 3 but maybe longer years.

KyussB

MrMusician18 wrote: »

So you're happy to allow private companies the keys to your privacy so they can sell you stuff, yet are unhappy to let the Irish government use minimal information your location for the purposes of protecting public health?

You haven't read any of my posts if you think I have an issue with the government collecting the information the app does.

circadian

Bridge93 wrote: »

What is there possibly on the app to not like the look of? Its 4 tabs, one with up to date stats, one with info of what to do if you have symptoms, one to check in and one to share the app. It couldnt be more benign. The real truth is you were never going to keep it on your phone but needed the attention that comes with a dumb statement

Privacy concerns is at least a legitimate angle to be looked into and wary of. Not liking the look of it is laughable

That wasn't as nearly as dumb as an earlier statement.

ExMachina1000 wrote: »

I have made the choice not to download the app.

Just heard both Michael Martin and Stephen Donnelly speaking on covid and other related issues.

Varadkar and Harris did it better

GarIT

KyussB wrote: »

You haven't read any of my posts if you think I have an issue with the government collecting the information the app does.

Why would we read information from an empty headed idiot when there is lots of good info available?

prunudo

GarIT wrote: »

It's anonymous, people wouldn't use it otherwise.

So it won't even break it down to say, it was 6 days ago between 10-11am.

circadian

circadian wrote: »

What didn't you like about it? Care to provide a review of your experience?

seamus

Kerry25x wrote: »

Downloaded it there. Is it necessary to leave Bluetooth on all the time? I normally leave location on anyway but I'd have Bluetooth off most of the time because my phone battery isn't great.

It defeats the point a little bit, but the app stills works as an information source without bluetooth.

Bluetooth would generally be the least power hungry. Apps using background data and GPS tend to be the biggest battery hogs. Social media are your usual culprits.

plodder

GarIT wrote: »

And/or WiFi.

True, your device's MAC address is typically fixed for all time. It's much easier to obtain device addresses from open wifi networks than it is to track people using this technology.

Kerry25x

GarIT wrote: »

Yes it is necessary to leave Bluetooth on. Bluetooth does not affect battery life in the last at least 3 but maybe longer years.

Everyday is a school day.

Thanks, I'll leave it on so.

enda1

Why is it Irish only? Why haven't they released it internationally for us who will be coming to Ireland shortly? Seems a strange oversight...

(Apple iOS at least, no idea for Android)

MrMusician18

KyussB wrote: »

It's not spurious at all, I have even been able to link to a disclosure of exactly the kind of security vulnerability I've been taking issue with (separate to the one I've sussed) - which, while disputed, is similar and would be worse and is classed at the maximum severity rating.

The existence of other prevalent tracking means, doesn't make a new one any less severe...


I, more than any other poster on the forum, was pointing out the insanity of the governments approach to the coronavirus - and that we should have shut down the airports far sooner - and that we should have locked down far sooner.

So spare me the 'public health' shite - this app only helps when the cats already been let out of the bag due to negligent policymaking - and the government have specifically cited civil liberties as the reason for such negligence.

Well spare us your 'civil liberties' shite, because you had your mind made up on this long before it was released.

If you are going to point out the insanity in government public health policy, well we're going to point out the insanity in your stance - happy to share private information with companies to sell you stuff, who do not have your best interests at heart, yet refusing to share and worse make the case against others participating in a collective public health initiative, whish has been developed for the common good.

You are no better than an anti-vaxer tbh.

GarIT

prunudo wrote: »

So it won't even break it down to say, it was 6 days ago between 10-11am.

No, just 'within the last 14 days' nothing more.

KyussB

ixoy wrote: »

And most thinking would say, "Hmm rather than worrry about a potential possibility of an exploit that hasn't been proven in any feasible capacity, I'll take that low low risk and install an app that could help save lives."

Anyone with any familiarty with software/programming, knows that with brand new frameworks like the exposure API, the risk of exploits is high, not low - and should further judge the risk as high due to existing vulnerability disclosures for the framework used, and that there does not appear to be protection against detecting unique id switchovers.

What you've described isn't critical thinking - it's assuming - despite evidence to the contrary.

prunudo

GarIT wrote: »

No, just 'within the last 14 days' nothing more.

I see, thanks for clearing that up.

MrMusician18

KyussB wrote: »

Anyone with any familiarty with software/programming, knows that with brand new frameworks like the exposure API, the risk of exploits is high, not low - and should further judge the risk as high due to existing vulnerability disclosures for the framework used, and that there does not appear to be protection against detecting unique id switchovers.

What you've described isn't critical thinking - it's assuming - despite evidence to the contrary.

When Google, apple or Microsoft update their wide ranging apis, how long do you wait to update? 10, 15 or 20 years?

Amazing you are able to post on boards on WAP these days...

plodder

KyussB wrote: »

Anyone with any familiarty with software/programming, knows that with brand new frameworks like the exposure API, the risk of exploits is high, not low - and should further judge the risk as high due to existing vulnerability disclosures for the framework used, and that there does not appear to be protection against detecting unique id switchovers.

What you've described isn't critical thinking - it's assuming - despite evidence to the contrary.

You were pontificating about this before you knew anything about it. You're just a sh!t stirrer.

GarIT

KyussB wrote: »

Anyone with any familiarty with software/programming, knows that with brand new frameworks like the exposure API, the risk of exploits is high, not low - and should further judge the risk as high due to existing vulnerability disclosures for the framework used, and that there does not appear to be protection against detecting unique id switchovers.

What you've described isn't critical thinking - it's assuming - despite evidence to the contrary.

If an exploit is discovered what could be found. If the exploit is on the HSE side they already release the data publicly every 2 hours. If the exploit is on the phone side they can find a list of random IDs that you have been near. What's that going to do?

KyussB

plodder wrote: »

True, your device's MAC address is typically fixed for all time. It's much easier to obtain device addresses from open wifi networks than it is to track people using this technology.

This isn't enitrely true for more recent phone OS's, that's starting to become randomized more - and I think the exposure API does bluetooth MAC randomization.

ixoy

KyussB wrote: »

What you've described isn't critical thinking - it's assuming - despite evidence to the contrary.

And don't you think the benefits of this outweigh the risk? It literally could save lives rather than your hypothetical scenario.

SimonTemplar

GarIT wrote: »

It doesn't use location.

I agree on the second point.

I have location and bluetooth enabled. I opened the app and then disabled location but left bluetooth on. I then got a message from the app saying "Exposure Notifications are off" and that I need to enable location to use this feature.

However, I also note that the Contact Tracing is showing as active in the app itself. So perhaps only part of the functionality doesn't work when location is disabled.

seamus

Showing about 350,000 downloads now. Good to see the engagement so high. 25% was the figure thrown around in May. We're already at least at 10%.

Irish people are a whole lot more civil-minded than we give ourselves credit for. The fact that it requires you to basically do nothing also helps

In New Zealand the app originally required you to "check in" to places that you had been in order to track movements. Nice idea, but I couldn't see it working here.

KyussB

KyussB wrote: »

The point is, you were citing 'highly experience engineers' as if they are infallible - yet the entire software industry is proof that no matter how good the engineers are, there are always security vulnerabilities - neatly dismissing your point.

Don't have any apps on your phone at all? Never use google maps?

KyussB

MrMusician18 wrote: »

Well spare us your 'civil liberties' shite, because you had your mind made up on this long before it was released.

If you are going to point out the insanity in government public health policy, well we're going to point out the insanity in your stance - happy to share private information with companies to sell you stuff, who do not have your best interests at heart, yet refusing to share and worse make the case against others participating in a collective public health initiative, whish has been developed for the common good.

You are no better than an anti-vaxer tbh.

Where did I say I was happy to share private information with companies? Where is the 'insanity' in pointing out a very likely privacy breach? Where did I say I'm against a tracking app?

A simple solution is: Fix the privacy breaches. That is probably as simple as changing the UID with far higher frequency.

You are the person in denial of evidence here, so spare me the anti-vaxxer shite - I've provided direct evidence of a disputed security breach in the API used, in addition to the likely flaw I've discussed.