Will you download the contact tracing app?

Shefwedfan

murpho999 wrote: »

The data is all stored on your phone only, this has been well documented and flagged.

What are people worried about here?

Not really

https://covidtracker.gov.ie/privacy-and-data

You can share data which means the app has the ability, one hackers breaks in and boom they have all the data they need. No harm but I doubt the HSE are top of the security ratings....would be interesting what number they got in last security assessment or have they ever had one done at all?

Shefwedfan

Shefwedfan wrote: »

Not really

https://covidtracker.gov.ie/privacy-and-data

You can share data which means the app has the ability, one hackers breaks in and boom they have all the data they need. No harm but I doubt the HSE are top of the security ratings....would be interesting what number they got in last security assessment or have they ever had one done at all?

This is the equivalent of what any hacker will get

6345dggr245422dxggdsd74334chd3c4c. Completely random, with no identifying information whatsoever.

timmy_mallet

murpho999 wrote: »

Because then anybody can change it.

Also I don't think Apple allow open source, not sure about Google.

Plenty of info can be found here.

They can only change the code if the maintainer (HSE) accepts a change, and deploys that change to the app store, and you download the update.

Gooey Looey

Shefwedfan wrote: »

Not really

https://covidtracker.gov.ie/privacy-and-data

You can share data which means the app has the ability, one hackers breaks in and boom they have all the data they need. No harm but I doubt the HSE are top of the security ratings....would be interesting what number they got in last security assessment or have they ever had one done at all?

You've no need for this thread then, unless you're just here to wind people up

GarIT

Shefwedfan wrote: »

Not really

https://covidtracker.gov.ie/privacy-and-data

You can share data which means the app has the ability, one hackers breaks in and boom they have all the data they need. No harm but I doubt the HSE are top of the security ratings....would be interesting what number they got in last security assessment or have they ever had one done at all?

Hackers can't break into an app, it's not a sci-fi movie. For anything like that to happen you would have to download the app from a fake website outside of the app store.

Lockheed

Anyone that voted no probably should not/ does not own a smart phone. You're constantly tracked everywhere anyway, at least do your duty for your country and download the app

GarIT

timmy_mallet wrote: »

They can only change the code if the maintainer (HSE) accepts a change, and deploys that change to the app store, and you download the update.

https://youtu.be/E42B8iwsrPU

timmy_mallet

murpho999 wrote: »

Because then anybody can change it.

Also I don't think Apple allow open source, not sure about Google.

Plenty of info can be found here.

Goolge have vast amounts of open-source projects.

Angular, a very popular JS framework which hundreds of apps you have used are running on is one.

React Native which the HSE app is built on, and maintained by Facebook, is open source.
https://github.com/facebook/react-native

Sardonicat

GooglePlus wrote: »

Well obviously not or we'd have 600k+ people with a waste of space on their phone.

So why are people stating on here over and over that all the data is stored on your phone?

GarIT

timmy_mallet wrote: »

Goolge have vast amounts of open-source projects.

Angular, a very popular JS framework which hundreds of apps you have used are running on is one.

Facebook, which maintain React Native which the HSE app is built on, is open source.
https://github.com/facebook/react-native

When you're trying to get something done in 3 months you'd spend more time reviewing others code than you actually would working on getting the app released.

r93kaey5p2izun

This is probably a stupid question, but in terms of the bluetooth signal and being identified as a close contact of someone tests positive - my next door neighbour's bluetooth devices are all visible to me in my home and I presume it's the same for them with ours. Could the app identify us as close contacts, and vice versa, if one of us tests positive, with us doing no more than sitting next door to each other?

theballz

I find the people who are most concerned re: security and the ones who know the least about it.

GarIT

Gideon Juicy Soil wrote: »

This is probably a stupid question, but in terms of the bluetooth signal and being identified as a close contact of someone tests positive - my next door neighbour's bluetooth devices are all visible to me in my home and I presume it's the same for them with ours. Could the app identify us as close contacts, and vice versa, if one of us tests positive, with us doing no more than sitting next door to each other?

A close contact depends on signal strength. A wall will reduce signal strength by 50%. If you both had your phone either side of the same point in the same wall then yes.

If you both left them on a stand in the hall up against the shared wall then maybe but it's unlikely.

theballz

Shefwedfan wrote: »

Not really

https://covidtracker.gov.ie/privacy-and-data

You can share data which means the app has the ability, one hackers breaks in and boom they have all the data they need. No harm but I doubt the HSE are top of the security ratings....would be interesting what number they got in last security assessment or have they ever had one done at all?

Example number 1.

GarIT

Sardonicat wrote: »

So why are people stating on here over and over that all the data is stored on your phone?

All the non optional data is stored on your phone except for the device IDs of positive cases.

The optional data, such as the symptoms check in is stored by the HSE. For statistics gathering purpose, so they can see where lots of people have symptoms and prepare for a cluster there.

timmy_mallet

GarIT wrote: »

When you're trying to get something done in 3 months you'd spend more time reviewing others code than you actually would working on getting the app released.

Looking at the repos and the infra diagram, feels like a template of sorts.

Only see 2 contributors, I guess the are the ones who made the public GitHub repos and merged some PRs, rather than the engineers etc. behind the scenes.

https://github.com/HSEIreland/covid-tracker-infra

timmy_mallet

theballz wrote: »

I find the people who are most concerned re: security and the ones who know the least about it.

Don't tell them that it's Jeff Bezos collecting the $$$s from our Government for hosting the infrastructure!!

Van.Bosch

GarIT wrote: »

A close contact depends on signal strength. A wall will reduce signal strength by 50%. If you both had your phone either side of the same point in the same wall then yes.

If you both left them on a stand in the hall up against the shared wall then maybe but it's unlikely.

And only if one of you tested positive or someone positive visited one house.

whisky_galore

theballz wrote: »

I find the people who are most concerned re: security and the ones who know the least about it.

The ones who document every earth stopping moment of their lives and every fart their kid emits online.

timmy_mallet

GarIT wrote: »

All the non optional data is stored on your phone except for the device IDs of positive cases.

The optional data, such as the symptoms check in is stored by the HSE. For statistics gathering purpose, so they can see where lots of people have symptoms and prepare for a cluster there.

And there is always a deleteAllData() (which i gave up on, but looks like it's a method to remove all Exposure data from your device) if someone is really concerned with it living on yer phone.

https://github.com/HSEIreland/covid-tracker-app/blob/44da0f76c1bff75b81e2118cc81b109768187cc6/providers/exposure.tsx#L236

hetuzozaho

timmy_mallet wrote: »

Looking at the repos and the infra diagram, feels like a template of sorts.

Only see 2 contributors, I guess the are the ones who made the public GitHub repos and merged some PRs, rather than the engineers etc. behind the scenes.

https://github.com/HSEIreland/covid-tracker-infra

Yeah it's just one commit to make the code they worked on available by the looks of it. No link to it being the code being built.

timmy_mallet

hetuzozaho wrote: »

Yeah it's just one commit to make the code they worked on available by the looks of it. No link to it being the code being built.

sendAllToBillGates_GerogeSoros() not there, you might be right.

wadacrack

https://twitter.com/FergalBowers/status/1280589881488617472

GooglePlus

Sardonicat wrote: »

So why are people stating on here over and over that all the data is stored on your phone?

You're just misunderstanding or haven't read what people are saying.

All the data pulled in from your phone via Bluetooth is stored on your phone only until you decide to share it with the HSE and if you do so, it will then be sent to them and if you send it to them, it obviously has to be stored somewhere. You can't read data without it being stored somewhere.

circadian

Getting frustrated with the in increasing levels of ignorance on this subject.

Sardonicat

GooglePlus wrote: »

You're just misunderstanding or haven't read what people are saying.

All the data pulled in from your phone via Bluetooth is stored on your phone only until you decide to share it with the HSE and if you do so, it will then be sent to them and if you send it to them, it obviously has to be stored somewhere. You can't read data without it being stored somewhere.

But if you don't share the data with the HSE you may as well have no app?

GooglePlus

Sardonicat wrote: »

But if you don't share the data with the HSE you may as well have no app?

Not at all.

If you don't share data with the HSE, you can still be informed by them that you have potentially been exposed by someone with Covid-19.

Sardonicat

GooglePlus wrote: »

Not at all.

If you don't share data with the HSE, you can still be informed by them that you have potentially been exposed by someone with Covid-19.

Please bare with me, I'm exceptionally ignorant on these matters.

How do the HSE get that information without tracking my device? Where I've been, who I've been in contact with? The information has to be identifiable at some stage along the line in order for a notification to be received, surely?

kippy

circadian wrote: »

Getting frustrated with the in increasing levels of ignorance on this subject.

Remember, people are idiots until they prove you wrong.
I find this makes it easier to accept it.

mickdw

Is there a requirement to have proof of a positive test before you can hit the button on the app?
If not, its a joke as you will get messers hitting the button and terrorising people who will receive contact messages.