Google and Apple partnership for Contact Tracing


#21

I have my location spoofed on my android phone, it thinks I’m on the Isle of Man (cool name, why not?). I turned off Bluetooth and cell tower location in the settings, so when I open maps or the weather app I have to tell it specifically the location I’m searching for. Think that ought to be enough? Or would they go through the effort of forcing fine location tracking?


#22

There’s no way to guarantee security or privacy with a blackbox phone. It just depends on how determined “they” are. You can turn anything off in the settings that you like but if the manufacturer (Google or Apple) is determined, it can be that that only turns off the notification icon.

*** If *** you can trust the manufacturer at least a little bit then, as I understand it, it will be sufficient to turn off Bluetooth (which I normally have turned off, except when needed, simply in order to save power).

The exact answer could depend on which country you are in i.e. the coronavirus virus software (malware) may be specified differently by different governments.

:+1:

I’m not expecting the coronavirus virus to be created for Linux phones anyway. Government only knows about Google and Apple, at least when it suits them. A Windows phone is probably safe too. :slight_smile:


#23

It’s supposed to not use any location data. Here’s how it’s supposed to work. But unless we can see the source code, compile it ourselves, and install it ourselves, I have no reason to trust that this is how it works given Google’s manipulative and deceptive behavior.


It’s supposed to broadcast a random ID every so often, listen for other nearby IDs, and store them locally on the device. If you’re diagnosed with COVID-19, you can consent to upload your IDs and alert anyone who’s been near you.
Even if it actually behaves this way, this is still another point of vulnerability. It seems you still have to download an application of some kind to make use of it (as what they’re installing seems to be an API). First party proprietary applications can be expected to be uploading a record of all proximity events constantly, as could a government-mandated app. Malicious applications could send an “I GOT THE VIRUS RUN” signal without your knowledge or lie to you about receiving or not receiving such a signal. All of these apps might force bluetooth to turn on. We don’t have any source code now, so the risks will change as more information becomes available.

And by the way, and I hope I’m not to late on this, but it might be in our best interests for NOBODY affiliated with Purism to comment on this until the pandemic blows over (if that ever happens). I don’t want them to have to deal with or succumb to pressure from reporters/governments for refusing to add this to PureOS.


#24

Maybe not directly access location data, but in this context, what good is knowing who’s infected without knowing where they are? I’m pretty positive location data will be shared (read: “stolen”) as a result of this functionality.


#25

They don’t have to know where you are. The way it is supposed or presumed to work is roughly:

  • You receive a notification that: “A person to whom you have been in proximity for a period of 15 minutes or more within the relevant timeframe has tested positive for COVID. It is strongly recommended that you run off and get yourself tested.
  • You go off and get tested. If you test negative then the process ends (for you, for now). If you test positive then the process recurses, with you and your recorded list of contacts in place of the original person and that person’s recorded list of contacts.

#26

If the application goes on the phone without consent of the phone owner, then the owner’s rights have been violated. Google and Apple seem to have forgotten who owns the phone. Time to get a Librem 5.


#27

I would love to but …

(presumably by the time I get mine, it will be too late)


#28

have they ? :lying_face:

this whole thread gives me westworld season 3 conspiracy vibes … it’s so refreshing to wake up to this every morning …

"bring yourself online ! enter diagnostic mode … turn your emotional affect at a minimum ! "


#29

Oh I see the intent now. On the surface that makes sense, but I can’t say I trust the powers that be to not turn this into a convenient covid-tracking mechanism. It would be almost a real-time tracking of the spread, and there aren’t many people who wouldn’t buy that as a good reason to collect location data.


#30

Nor I. They have spent the last almost 20 years earning our distrust. Nuff said.


#31

In an ideal world, yes. Not in the one where we are living. Google is pushing this via their Play Services and it’s just an API upgrade - reported to be opt in. There is nothing criminal in it. It’s one of the basic functions of the Play Services to push new features without informing the user. Happily they don’t include it in AOSP so most of us aren’t affected.


#32

no way. with the tech existing today they could gather far more than they’ve gathered up until this point … never let a good crisis go to waste and all that …


#33

The Linux Gamer talks about this over on LBRY. It is a good video.

My fear is that people are being trained to give up their privacy “for a good reason”. Politicians will always have a “good reason”.


#34

couldn’t resist the Power Rangers meme :slight_smile:


#35

Meanwhile in EU, GDPR and “privacy by design” are at least thought about (no word on the end result though):


#36

Thank you, you and Kieran appear to be the only two in this entire thread who have actually read the spec before commenting, and/or who actually understand what they’re commenting on. I suggest the others do the same before making fools of themselves on a public forum.

And for those concerned with the closed nature of the apps: on Android, at least, it’s perfectly possible to grab the source of an FOSS app off of Github, verify the source code to ensure it does nothing malicious, compile it locally, and install your own freshly baked binaries onto your phone. So what’s stopping you from installing one of the multitude of FOSS apps that will surely pop up? I’d be concerned if the government would mandate the use of any particular app. But that’s going to be pretty hard to enforce, because it would imply mandatory smartphone ownership. Either way, that’s an issue between you and your government, not between you and Google or Apple.

Not sure how sideloading self-compiled FOSS works on Apple. But let’s be realistic here: at least they have a better privacy track record than the company that’s first and foremost an advertising company, with a supporting search engine and mobile phone OS. So I wouldn’t worry too much if the logo on my phone would be a piece of fruit instead of a 60’s sci-fi robot.

All the ignorant paranoia surrounding this is getting silly. While I may not agree with some or even most of the other things those companies do, at least this time they’re answering a very real public need, while doing their best to balance it with the need for privacy. I’m sure they didn’t come up with this scheme. This scheme probably originated in academia. But at least they chose the correct solution this time rather than e.g. keeping track of Bluetooth Addresses, broadcasting personally identifiable data, or force-enabling collection of location data at all times.

You know what the alternative is? Leaving it up to local governments to put some inept juniors on it who’ll mess it up with total disregard for privacy and incompetent coding practices. Google and Apple are nipping that in the bud. And you lot are too stubborn to realise that this time, Google is actually trying to safeguard your privacy for once. Do you want governments to step in with their half-assed attempts? Do you want to lose your privacy? Because behaving like this is how you lose your privacy.


#37

I read the spec. I don’t consider the spec to be adequate. If the spec were adequate, you could implement it yourself and your implementation would be compatible with Google’s and with Apple’s. It doesn’t look to me that this would be the case. I’ve read a lot of RFCs. I know what it takes for an RFC to work. Even well-written RFCs have some gaps and those gaps sometimes cause interoperability problems.

One thing that was opaque to me is how the contacts are turned into useful information. That is, someone with whom you had contact tests positive. The government uses that person’s Bluetooth-discovered contact list with that person’s permission. The government needs to call you. At what point is your phone number made available? and via what mechanism? Is any other personal information made available? (Anecdotally, your approximate age is made available but again it is unspecified where and how that occurs.)

Another major area that is unspecified is what happens on the server side. How is information used? How long is it kept for? Who has access to it? How is it protected?

As a thought experiment: X is dutifully running the contact tracing app. X does not have COVID, nor does X have contact with anyone who does. X is charged with a serious crime. X presents an alibi that is inconsistent with the possibility that X committed the crime. Contact tracing data would show unambiguously that X is lying about that alibi. Indeed, contact tracing data would show that X was very much in the right place at the right time to commit the crime.

Question: Will the government be able to resist the temptation to use contact tracing data? (either from X’s phone or from another person’s phone where relevant)

Are there any 100% rock solid legislated protections to prevent that anyone ever ever ever will be able to access contact tracing data for any purpose except dealing with tracing COVID contacts during this pandemic? Doesn’t matter if X has gunned down 50 people / is a pedo / is planning a major terrorist attack.


#38

Well, I did say I don’t like to stick my head out.

I made this thread to catalog things to watch out for, and there certainly are things to watch out for. My intent is not to frighten, but to caution people to have a complete picture before using it. Because I find it all too easy to make the system work to try and trace the spread of ideas instead of a virus.
That, I believe, is wrong, and that’s reason enough to keep it off my phone, until I know more.

For brevity’s sake I’ll call whatever it is they’re putting on your phone the Google/Apple Contact Tracing.
As of this moment, we don’t have the source code for the GACT and, because the binaries will be automatically installed, there’s no motivation for Apple or Google to release the source code or let you use binaries that were actually compiled from what source code they do release.
I’m not sure that there will be free, open source apps that use the GACT. Here it says that “Recognized public health agencies” (you know, those guys with a total disregard for privacy and incompetent coding practices) “would then use these APIs” (possibly after paying for them) “to build digital contact tracing apps, with some development help from Google and Apple”, and that seems to preclude independent developers. In fact, to insist that governments not force the apps upon citizens, they’d probably make governments agree not to, in order to get the GACT source code they’d need. I guess I don’t know if anything prevents a government from open sourcing their app, but I don’t think Google would approve, since it would mean a malicious app could easily be forked from it (and possibly, less sales). Of course, that doesn’t stop governments from forking malicious apps from apps they made, or banning the use of a GACT app they didn’t make.

Honestly, I can’t begin to even speculate about what exactly is going to come out of Play Services. Supposedly one would still need to download an app to “start contact tracing”, so why install anything at all? All this supposed ability to opt out seems incongruous with loading it onto everyone’s phone without asking. And if they’re going to force it on everyone, why is it not a complete app? (The only thing I can think of is more sales of the APIs this way).

Then there’s the matter of need. There are of course tons of authority figures saying we need it, but I don’t know if it will actually go far enough to make a difference if it works as advertised. And do we really need it on our phones forever? Well, supposedly that won’t be the case, but as the article says, details about exactly which software features will go away and what qualifies as the “end of the pandemic” still need to be explained.
(and by the way, where does Blumenthal get off saying something like that when he’s sponsoring the almost-certainly-privacy-destroying EARN-IT Act!?)


#39

they always do, that’s the key to their success.


#40

okay … to me you sound as if you have some proof that they did NOT do that already …

um NO. even if we are speculating or in some cases exercising our RIGHT to deduce things this has been only free-speech so far … no need to call names like “behaving” YET because this isn’t BEHAVIOR but more like an attitude …

and by the way, except the media, i haven’t seen a SINGLE VETTED coroners report that a deceased person has died DUE to this virus in this time frame … the cause of death remains undetermined until some actual proof is presented by trustworthy people in a form that we can audit ourselves …

until then i’ll keep BOTH my doubt AND distance (just in case) … but let’s please not speak as if everything has been determined to be TRUTH …