First look at Apple/Google contact tracing framework:— Moxie Marlinspike (@moxie) April 10, 2020
1) Once a day, your device derives a new key ("daily tracing key").
2) It uses that to derive a new "proximity ID" every time your device's bluetooth address changes (15min), which is broadcast to nearby BT sensors.
3) Your device keeps track of all "proximity IDs" it sees.— Moxie Marlinspike (@moxie) April 10, 2020
4) If someone tests positive, they choose to publish their (previously secretly) "daily tracing keys."
5) Your device frequently DLs all published daily tracing keys and KDFs to see if they match recorded proximity IDs.
While I suspect these tools will be framed as 'voluntary / opt-in' -- they will eventually become compulsory once policymakers begin to rely on them in order to decide, for example, who can leave the house or who can return to work -- setting an incredibly dangerous precedent.— ashkan soltani (@ashk4n) April 10, 2020
In Europe, officials, doctors and engineers look at how smartphones could be enlisted in the war against the spread of the #coronavirus, but can this be done without intrusive surveillance and access to a wealth of private information? https://t.co/P6Hfm8s6RA pic.twitter.com/5aj63ad75U— AFP news agency (@AFP) April 5, 2020
I really welcome the proportionate API moves, and the fact the proposed A-G collaborative protocol is decentralised is good. But going forward societies and communities need to have much more say in what gets put in operating systems, and how they can refuse it. https://t.co/zYPGm1IJiZ— Michael Veale (@mikarv) April 11, 2020
Apple and Google are partnering on technology for smartphones that will alert users if they’ve come into contact with a person with Covid-19 (but could be useful later for HIV, Ebola and other diseases). People must opt in and “privacy advocates” may fight this. https://t.co/CJgnqM1K8m— Khanoisseur (@Khanoisseur) April 10, 2020
Second caveat is that it seems likely location data would have to be combined with what the device framework gives you.— Moxie Marlinspike (@moxie) April 10, 2020
Published keys are 16 bytes, one for each day. If moderate numbers of smartphone users are infected in any given week, that's 100s of MBs for all phones to DL.
combine that with a dataset that does include a person's movements, purchases, etc, and things still get pretty revealing pretty quickly. but hey, it's not like *checks notes* apple or google have other sources of information about you https://t.co/fPWJ6CtGlT pic.twitter.com/qyzMx4I98f— Lindsey Barrett (@LAM_Barrett) April 10, 2020
It seems that the Apple/Google solution has the same privacy problem as other proximity tracers: it’s anonymous as long as you are not positive. Moreover it’ll most likely be linked to geoloc data+risk of linking to adtech+possibility of proximity “pranks” https://t.co/uCa3obpozX https://t.co/ccXP0OfFcL— Casilli (@AntonioCasilli) April 11, 2020
This is a common misconception about what’s happening. Google and Apple aren’t jointly releasing a contact tracing app. They’re creating an API that public health apps can use.— Casey Newton (@CaseyNewton) April 10, 2020
Which means you still need to figure out a way to get people to download a 3rd party app. Very hard. https://t.co/FyJWooR2wW
Apple & Google are both going to add OS-level APIs to enable contact tracing apps that use Bluetooth LE to track whoever you’ve been close to that later tests positive for #COVID19. This is the only way we can get back to normal until vaccine but still https://t.co/RWVqhnSjWx pic.twitter.com/Y1ehBOWFh6— Dare Obasanjo (@Carnage4Life) April 10, 2020
Note also that the infected person themselves has to report their status to the apps.— Jane Lytvynenko (@JaneLytv) April 10, 2020
According to the BBC, Trump is expected to endorse this partnership during the press conference today.
- Google: https://t.co/jnhm41V3H0
- Apple: https://t.co/NpHJUvidXH
Last point for now: 80 percent of the commentary you read about this today is going to be about the privacy implications. But before we even get there, we need to talk more about why people think that Bluetooth-based contact tracing is an effective way of tracking exposures.— Casey Newton (@CaseyNewton) April 10, 2020
Apple and Google are partnering together to help get a contact tracing apparatus off the ground in an effort to battle the pandemic.— Neil Cybart (@neilcybart) April 10, 2020
Contact tracing has been positioned as a tool for navigating the next ~18 months until a vaccine becomes available. https://t.co/d5x11DWwGh pic.twitter.com/p3SuwwE3Y6
Is there anything in the Apple/Google API to stop me from pretending I tested positive to troll everyone my phone passed on the street?— Casey Newton (@CaseyNewton) April 10, 2020
They’ll never know who triggered the alert, right? Seems ripe for abuse.
Just today, I wrote about why Bluetooth-based contact tracing is a flawed solution.— Casey Newton (@CaseyNewton) April 10, 2020
- Hard to get population-wide adoption. Singapore managed to get 12%.
- BLE data collection is not granular to the level of 6 feet. Can lead to many false positives. https://t.co/b1Nb3aDb23
This is a very good summary of concerns about the Apple/Google Bluetooth contact tracing system. I was musing about an identical system a few weeks ago and for these very reasons chose not to propose it publicly. Marketing this as "privacy-preserving" is problematic. https://t.co/BY0qkEMpRm— Michael Ossmann (@michaelossmann) April 11, 2020
Privacy analysis on decentralised apps changes when tracing apps track globally, and are not interoperable instances managed by different organisations/government entities but global infrastructure. Not sufficient to analyse protocol only and here you start seeing the difference. https://t.co/Ph6W9PzYLo— SedaG (@sedyst) April 11, 2020
i usually don't RT threads to debunk them but this one is particularly bad and dumb— Chris Beiser (@ctbeiser) April 11, 2020
point one is about a decrease in privacy.
if I have coronavirus, allowing the last three days of my bluetooth presence to be correlated together doesn't really sound like the worst. https://t.co/GUzPVe3EHN
Bluetooth signals traverse walls, linking you to your neighbor even if you've never actually been in actual physical contact (for example, in an apartment building).— ashkan soltani (@ashk4n) April 10, 2020
Not to mention the "prank" aspect of being able to light up everyone you've been near's devices with "you've been exposed to covid" (without them knowing you're the culprit) at any time, without some kind of pretty heavy manual ID/result verification at the moment of reporting.— Moxie Marlinspike (@moxie) April 10, 2020
BREAKING: New infrastructure for contact tracing is coming to our phones using Bluetooth.— Andy Slavitt (@ASlavitt) April 10, 2020
Strong privacy protections— but I hope EVERYONE opts in for one another. This is time to pull together in new ways.
Thank you to @Apple & @Google https://t.co/kZ9Lv8TNT1
If anyone can anonymously blast up keys, they can create a situation where there's GBs of data for all devices in the world to retrieve and compute. There would likely need to be some kind of rate limiting on a combination of stable IDs (phone number, IP, etc) to prevent it.— Moxie Marlinspike (@moxie) April 10, 2020
All that aside, these APIs are novel in terms of what becomes possible from the app layer.— Moxie Marlinspike (@moxie) April 10, 2020
I'm not super optimistic about opt-in contact tracing becoming a major factor, but I do kind of anticipate that someone will end up using this for some other interesting thing.
So first obvious caveat is that this is "private" (or at least not worse than BTLE), *until* the moment you test positive.— Moxie Marlinspike (@moxie) April 10, 2020
At that point all of your BTLE mac addrs over the previous period become linkable. Why do they change to begin with? Because tracking is already a problem.
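The five steps in @moxie's thread above, together with the linkability caveat just stated, as an added Python sketch that is not from the Apple/Google specification or from any of the quoted authors. It assumes HMAC-SHA256 truncated to 16 bytes as the KDF and 96 fifteen-minute intervals per day; the label strings, function names and sample values are constructed for illustration.

```python
import hashlib
import hmac
import os

INTERVALS_PER_DAY = 96  # one ID per 15-minute address rotation (figure from the thread)

def daily_tracing_key(device_secret: bytes, day: int) -> bytes:
    """Step 1: derive a 16-byte key for one day (HMAC-SHA256 is an assumed KDF)."""
    msg = b"daily" + day.to_bytes(4, "big")
    return hmac.new(device_secret, msg, hashlib.sha256).digest()[:16]

def proximity_id(daily_key: bytes, interval: int) -> bytes:
    """Step 2: derive the broadcast ID for one rotation interval of that day."""
    msg = b"prox" + interval.to_bytes(2, "big")
    return hmac.new(daily_key, msg, hashlib.sha256).digest()[:16]

def ids_for_day(daily_key: bytes) -> set:
    """Every proximity ID a device would broadcast under one daily key."""
    return {proximity_id(daily_key, i) for i in range(INTERVALS_PER_DAY)}

def match_exposures(published_keys, recorded_ids):
    """Step 5: re-derive IDs from each published key, intersect with what was seen.
    Returns {published_key: set of recorded IDs that key explains}."""
    recorded = set(recorded_ids)
    hits = {}
    for key in published_keys:
        seen = ids_for_day(key) & recorded
        if seen:
            hits[key] = seen
    return hits

def demo():
    # Constructed sample data: two devices, one day, random secrets.
    alice_secret, bob_secret = os.urandom(32), os.urandom(32)
    day = 18362  # constructed day counter
    alice_key = daily_tracing_key(alice_secret, day)
    bob_key = daily_tracing_key(bob_secret, day)
    # Step 3: a receiver logs three of Alice's broadcasts and one of Bob's.
    recorded = [proximity_id(alice_key, i) for i in (10, 11, 40)]
    recorded.append(proximity_id(bob_key, 7))
    # Step 4: only Alice tests positive and publishes her daily key.
    hits = match_exposures([alice_key], recorded)
    return alice_key, bob_key, recorded, hits

if __name__ == "__main__":
    alice_key, _, recorded, hits = demo()
    print(f"{len(hits[alice_key])} of {len(recorded)} recorded IDs link to one published key")
```

Before publication the four recorded IDs are unrelated 16-byte values; afterwards, any receiver holding the published key can group Alice's three together, while Bob's stays unlinkable.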
This is the best news I've heard in awhile. We need to ramp up testing dramatically but testing needs to be paired with contact tracing. Google and Apple are teaming up to automate this process by embedding technology in their smart phone apps. https://t.co/40oqzzk8mY— Judd Legum (@JuddLegum) April 10, 2020
Major news from Apple and Google: The companies have partnered to add Covid-19 contact tracing to iOS and Android so your phone can notify you if you’ve come into contact with a person who has tested positive. Frameworks for public health apps in May, deeper OS integration later.— Mark Gurman (@markgurman) April 10, 2020
I am glad Apple and Google are moving forward in developing contact tracing technology to help public health. What it will look like will need to be seen. But we may need to exchange a little piece of privacy for the great good of public health. #COVID19 https://t.co/mBatSjo86l— Eric Feigl-Ding (@DrEricDing) April 10, 2020
Apple & Google teaming up to trace everyone who could potentially have coronavirus is another science fiction plot made real. This is all "opt in" but how long does that last? What privacy looks like in post-pandemic world is unimaginable to me right now. https://t.co/cXCoKqorDW pic.twitter.com/bz5iNKi3C8— Kashmir Hill (@kashhill) April 10, 2020
I feel like the crypto in the COVID tracing apps is so simple that it doesn’t need much explanation. But I also see plenty of people nervous about the privacy these things provide. Is it worth explaining?— Matthew Green (@matthew_d_green) April 10, 2020
I keep seeing references to a 60% usage rate to make contact tracing effective. Is that a real number? How would we get there? Let's assume that at least a third of the country won't participate bc of range of objections, from well-founded to tinfoil-hat-wearing. https://t.co/ffRRNhhzIp— Peter Kafka (@pkafka) April 10, 2020
Kudos to @Apple and @Google for cooperating on contact tracing to help curb infections. But they are not actually building an app, just making it possible. I wish the companies were making the app and auto-installing it. People would still have to opt in, but usage would rise. pic.twitter.com/uHX3msX6ke— Walt Mossberg (@waltmossberg) April 10, 2020
I share a lot of the skepticism about contact tracing, but the adoption part I think could be surprisingly easy. If you tell people the only way they can see their parents, go to church, eat at a restaurant, etc. is to download an app, they'll do it. https://t.co/CATqyemFzo— Kevin Roose (@kevinroose) April 10, 2020
Great analysis from Moxie on the Apple/Google COVID-19 privacy-oriented tracing framework. B/c testing positive and reporting it releases to all devices keys associated with you, a Bluetooth-snarfer (run by ad-tech firms) in a given space could reconstruct your identity. https://t.co/bRf8KwsYGI— Glenn Fleishman (@GlennF) April 10, 2020
Third caveat is that it seems likely some kind of PII would have to be combined with what the device framework gives you.— Moxie Marlinspike (@moxie) April 10, 2020
Keys published by a device have to then be in turn "published" to *all* devices in the world. That's a major DoS vector!
Looking forward to Apple v. FBI round 2: COVID-positive edition.— Matthew Green (@matthew_d_green) April 10, 2020
That's phase 2 of the project. It will be eventually pre-installed at an OS level on Android and iOS.— Matthew Panzarino (@panzer) April 10, 2020
Contact tracing is important— Zephyr Teachout (@ZephyrTeachout) April 10, 2020
Basic questions: Have Google and Apple committed to destroying all health information gathered and not using it for any advertising purposes? What oversight provisions is the gov putting in place so contact tracing info isn't used for targeting ads? https://t.co/ru093m2UoW
That seems untenable. So to be usable, published keys would likely need to be delivered in a more 'targeted' way, which probably means... location data.— Moxie Marlinspike (@moxie) April 10, 2020
I mean, you could do ad hoc stuff so that anyone who wants to see an NFL game in person needs to opt-in, and I guess the NFL could run that? Etc. But that's not getting you to real contact tracing.— Peter Kafka (@pkafka) April 10, 2020
"To bully governments into adopting privacy-invasive, discriminatory, and ineffective surveillance measures under the cloak of coronavirus-fighting app, Google and Apple are working on implementing OS-level proximity tracing. Tim Cook and I are dangerous political adventurists." https://t.co/2mOeLOh6Gn— Casilli (@AntonioCasilli) April 10, 2020
FINALLY: a bluetooth based decentralized framework for digital contact tracing by Apple & Google— ప్రదీప్ రెడ్డి / Pradeep Reddy (@raamana_) April 10, 2020
I expected NSA/CIA to step up early-on with their massive abilities and infra to track and map the #COVID19 spread precisely but nothing so far! https://t.co/WOd9nyPicz @Techmeme pic.twitter.com/klUhOmt6WH
My deep dive into the privacy implications of Apple & Google’s new partnership for privacy-protecting COVID-19 contact tracing, including lots of detail on how it works & compares to Apple’s Find My. https://t.co/WzKiVvTxVc @tidbits pic.twitter.com/IWprYZEJ2T— Glenn Fleishman (@GlennF) April 10, 2020
What's after flattening the curve? Next comes massive #COVID19 testing & contact tracing. Apple & Google announced a Bluetooth LE based contact tracing platform. Phase I in May is an API then Phase 2 is opt-in tracking with anonymous keys for IOS/Android. https://t.co/9B63FeRHA1 pic.twitter.com/DE94H4oBuT— @RobertLufkinMD (@robertlufkinmd) April 10, 2020
@SenatorDurbin #YesS386 block ENTERS 4⃣5⃣ th day to review 3 minor simple edits! he deliberately calls major changes! No, they are not!— PASS S386 ON FACTS (@Chandra19990036) April 11, 2020
Learn how tech powered by LEGAL IMMIGRANTS in GOOGLE and APPLE is helping control Coronavirus in USA! https://t.co/BIlU3VNxd3 #ILsen #ILpol https://t.co/WiAYsIGaQG pic.twitter.com/UY8YOkGBx3
11/ Another new thing: @Apple & @Google are jointly (!) building apps to track folks who crossed your path, facilitating Covid contact tracing (Figs). It’ll be opt-in, which should lower creepiness factor. Could be v. useful, but only if folks trust/use app https://t.co/J4zsW1GIYs pic.twitter.com/zYMJn4BRoO— Bob Wachter (@Bob_Wachter) April 11, 2020
This is HUGE.— Alex Whitcomb (@AlexWhitcomb) April 10, 2020
This Apple/Google system would keep extensive data on phones that have been in close proximity, giving public health officials a voluntary contact-tracing network and alerting you if you were in contact with someone infected with Covid-19. https://t.co/AFXhh86RUU
Here's how Apple and Google will enable Bluetooth-based Covid-19 contact tracing on your phone. https://t.co/dpbSpPnsMX Not a perfect system in terms of detection or, depending on implementation, privacy. But it could be an important part of the effort to get back to normalcy.— Andy Greenberg (@a_greenberg) April 10, 2020
There's no perfect way to protect privacy while electronic contact tracing. But the Apple + Google proposal—opt in, bluetooth, data stored locally for people who haven't tested positive—strikes a good balance, imo. Discussing soon on @CBSThisMorning https://t.co/AWTqAEm7ZO— nxthompson (@nxthompson) April 11, 2020
This could be done with Holochain:— Marcus Newton (@themarcusnewton) April 11, 2020
- Device appends signed position data / bt IDs to local chain at a given frequency
- Upon testing positive, user chooses to publish local chain to DHT, along with signed confirmation from testing facility as to likely duration of infection https://t.co/IvgSB0PyC4
Relevant questions about global contact tracing à la Apple/Google from the initiator of @signalapp.— Anne Roth (@annalist) April 11, 2020
"I'm not super optimistic about opt-in contact tracing becoming a major factor, but I do kind of anticipate that someone will end up using this for some other interesting thing." https://t.co/3sOyz6zb7x