With Android and Play, figuring out device compatibility is somewhat of a black art. Which really just is a nice way for saying 'the whole Android ecosystem is one giant compatibility hack'.
Good to see that PEPP-PT is about to go up in flames by breaking central promises (privacy; anonymity) even before the project leaves the vaporware stage.
The thing that doesn’t seem obvious to many is: PEPP-PT & Co aren’t temporary solutions that will be shut down, once the crisis is over, because COVID-19 is not going to go away any time soon. Even if we were able to get <insert your country here> COVID-19 free within the next couple of months, there are lots of places with poor medical care (slums, refugee camps,…) all over the world where the virus can survive and from where it can be imported again at any time.
Contact tracing only makes sense at the point of time, the virus gets imported (not during the epidemic). Since we never know if/when that will happen, we also can’t de-install our tracing apps. In other words, we are looking at a long lasting privacy invasion. Hopefully, nobody is still as naive is to believe that during this time (we are talking decades at best till the virus can be eradicated worldwide), the system won’t be repurposed and abused.
Version 4.13 is vulnerable to a man in the middle attack during login. The security hole requires a targeted attack to exploit. The risk assessment is low. The attacker may capture the session cookie and the encrypted password. Upgrading to 4.14 is highly recommended.
Hm, looks like Google is trying to cash in on COVID-19 now. I really can’t think of any use for these mobility reports for disease control. The one for my region (backup), just to pick an example, says that there has been a 72% mobility drop compared to baseline for transit stations. Ok, there are about 493 train stations alone in Hesse, scattered across 21.114,94 km². So, how exactly is it going to help with COVID-19 planing to know that all of them combined are now seeing 2⁄3 less of an unknown number of people in a 24 hour period?
Of course, the raw data could probably be visualized differently, more precisely - e.g. for (paying) business customers.
What Google does here is using COVID-19 as a pretense to justify applying location data for different purposes than it was originally collected for and pitching a highly questionable, shelved product. So, for whom is “mobility trends” actually intended? I’d say banks and venture capitalists. This is pretty much an investors tool, but it also has military applications.
PSA for those, thinking that privacy shouldn’t matter all that much during the COVID-19 crisis:
On average, every infected person passes the virus on to 2 to 3 others. For your “victims” that spells 14 days home alone without sex. Plenty of downtime to ponder who’s responsible.
I keep telling people that infection tracking via smartphone (app) is a crackpot idea. But, hey, as Arthur C. Clarke puts it:
Any sufficiently advanced technology is indistinguishable from magic.
Computers are magic for most people, miracle cures are in high demand during any crisis and therefore politicians would like to believe nothing better than the “technology will (somehow) save us” mantra. All will be well if only we had an(y kind of an) app!
Well, there’s Pan-European Privacy-Preserving Proximity Tracing for example. It builds on an interesting idea: assign a unique number to every smartphone. Let the smartphone constantly broadcast that number to all other devices in the immediate vicinity via Bluetooth. Once a day, every phone then rings up a central server to ask if any of the numbers, it has “seen” in the past 14 days have been reported as “infected”. If so, the user is prompted to get tested and, in case of a positive result, to report his own number. It’s a nice, privacy aware protocol (no data beyond the number is required and you stay anonymous the whole time), but ultimately useless. Why? Simple: We are past the point of no return at which we could have eradicated the virus through strict quarantine. COVID19 is in the general populace, meaning it will spread till we either develop a vaccine or herd immunity. Eventually we will reach a level of endemic infection at which the next next ping will come shortly after any test we do. In other words, the app would be telling the I should act, at all times, as if I had contracted the virus. Coincidentally, that’s exactly the same thing, we are already suppose to do. The only difference being that we don’t have an app to drive us crazy with suspense at the moment.
Of course, PEPP-PT is not entirely pointless. It may not do much in terms of disease control, but at least, this way, politicians will get a relatively harmless Gris-gris that might keep them from buying from highly questionable firms such as Palantir.
Coming to think about it, we now have a shitton of spare time to kill on youtube, we just can’t afford to waste money on frivolous products any more. I really wonder how Corona will affect advertising.