
Apple and Google Covid-19 Contact Tracing - paulbrittain
https://paulbrittain.net/covid19-contact-tracing/
======
olliej
First issue is "Private until you test positive" is incorrect.

The broadcast identifiers roll with the BT MAC addresses, assuming your device
is sane enough to do that rolling, so you can't go from a diagnosis key to a
specific device. The diagnosis keys also don't provide a mechanism that allows
you to determine the device - going forward or back from the published ones.
The protocol does not include any identifying information - the _only_ thing
that can associated day keys with a specific device is the diagnosis key
server, and that doesn't have access to actual contact info, so can't build up
anything from that.

Secondly there's the permanent tracking infrastructure: this API and the
associated crypto by design do not include sufficient info for tracking.

I think the problem here is that people keep reading the Google simplification
(that imo is slightly misleading), instead of the actual protocol and
cryptographic specifications provided by Apple. The latter of which explicitly
spells out the privacy compromises from a person who publishes their diagnosis
keys.

------
joshlk
This is a blessing and a curse.

It will create a president and soften public opinion on tracking people.

BUT the current positives are immense. If implemented well the most of the
economy could be up and running again while keeping corona under controle like
South Korea.

So overall I think it’s a positive.

~~~
mr_spothawk
would it still be a positive if the president-cum-dictator used this tool or
some descendant of it to track & trace political opponents across the country
before jailing/murdering them?

------
pleddy
It's over already

