Problems with the government’s coronavirus contact tracing app on Android phones could leave them open to being tracked for days.
Jim Mussared, the software developer who discovered the bugs, says they’re easily fixed.
“All this started because I wanted to explain to my friends why they should install the app,” he told AAP.
“If you’re in any way in a vulnerable situation for which long-term, multi-day device tracking could be a major threat, do not install the app,” he said.
Update on COVIDSafe analysis. Two serious Android issues, reported in as many ways I can find. Also, the iPhone app likely works in the background in most scenarios, despite claims to the contrary (there has been some misunderstanding of how it works).
— Jim Mussared (@jim_mussared) April 29, 2020
However his recommendation would be for most people with Android phones to install the software.
For iPhones, he says while the problems that open up potential tracking aren’t there, COVIDSafe doesn’t reliably work unless the app is actively in use.
His advice is similar to that given by WESNET, an organisation that offers technology safety advice for domestic violence victims.
It says people whose abusers have sophisticated technical abilities should think about their specific personal circumstances before downloading the app, and suggests if they do install it, they should consider leaving their phone behind during any meetings they might want to keep secret.
The first issue Mr Mussared found in the Android app relates to the way an anonymous ID is requested from the server every two hours and could result in a phone being allocated the same identifier for days on end.
A second, similar problem relates to unique information Android phones send out even if the temporary ID changes.
He’s also found two other issues about information the phone sends that he believes should be disclosed in the privacy policy.
He discussed the bugs with the government agency in charge of the COVIDSafe app on Monday, more than a week after he first found and reported them.
“I just want this app fixed. I haven’t slept for eight days, right, I’ve worked tirelessly to get attention to these issues,” he said.
“I’m not out there to try and facilitate people doing creepy things.”
Health minister Greg Hunt says some five million Australians have downloaded the app, about a third of the adult population it is urging to do so.
“I’m delighted that Australia is now passed five million downloads and registrations of the COVIDSafe app,” he said.
“A technology sector leader said to me yesterday that it took Facebook 10 months globally to achieve their first one million users.
“Australians together have in less than 10 days achieved five million downloads and registrations. And that’s an extraordinary achievement.”
-with AAP
The post Coronavirus app tracking problems identified with Android appeared first on The New Daily.
**Business and Marketing support on best price; Hit the link now----> http://bit.ly/2HsQmSi