Comments (9)
Hi All, thank you for this discussion. I believe our new "Security and Privacy Analysis" document might answer some of your questions. We hope this help.
from documents.
Yes of course the user could disable it at will (possibly inside limits mandated by public policies), but still I guess a very large chunk of users would end up broadcasting their IDs from their homes in late evenings, or from their workplaces during working hours.
from documents.
See #24
from documents.
To mitigate the risk of revealing location data of home address, people should deactivate bluetooth for the app while at home. I do not see a safe mechanism to automate this.
from documents.
@FroehlichMarcel Don't we all meet people while at home? Friends, relatives, visitors, neighbors, baby sitters, cleaning ladies, mailmen...
In the moderate social distancing scenario we are going to live in for the next months, most close contacts might happen inside or near homes (and the same reasoning applies to workplaces). Sacrificing them might mean losing a lot of possible contacts.
Interestingly enough, this would also be where a gps-based tracing would most likely fail.
from documents.
@inaitana Right. Still the assumption basic is that I use it because I want to trace, not because I have to.
So when I deactivate BT (to avoid skimming of my broadcasted IDs) then I do it because there is nothing to be tracked (e.g. over night). If the app provided a prominent switch and status, it could be helpful.
from documents.
Would it be possible to control the sending strength of the Bluetooth and lower it when at home?
Detecting that the user is at home could maybe be done with checking if connected with the home WiFi (the user could confirm that in the app) or GPS (user selected home on a map).
Negative results of this are:
The app has information about the user's home / geolocation.
To prevent the app holding pinpointed geolocated data, the app could download the housing data from the current city, region, province/state (download a level higher to add a little bit of anonymity) via OpenStreetMaps or something like that and then check if the user is inside a house.
A very complex way to mitigate the app knowing the user is in his home but still knowing it is in a home, all with the end result to lower the broadcast signal strength so malicious other can not record EphIDs while the user is at home.
from documents.
@danielbeeke Geodata is a no-no in this app. WLAN probably hard to avoid.
I am more concerned that the data can be linked by commercial data aggregators than by people walking down the street. Google and some more likely know your WLAN.
from documents.
Don't we all meet people while at home? Friends, relatives, visitors, neighbors, baby sitters, cleaning ladies, mailmen...
This is not my understanding of the term "social distancing" at all. Nobody should be coming over. Mailmen leaving packages out front, is a small, but necessary risk. Of course it's a spectrum of response, and as we make it past the various peaks, we should be considering how to gradually relax this.
More to your underlying point though... I agree that most contacts will be somewhat localized. Making the ability to remove yourself from isolation and probe specific locales seems worrisome to me.
from documents.
Related Issues (20)
- Was DP-3T Exposure Calculation.pdf Android only? HOT 1
- Stability of distance estimation in case of using a bluetooth Extender HOT 2
- [Public Engagement] Visual Explainer / Scrollytelling on Privacy Preserving Proximity Tracing
- Mistake in communicating how information is passed around, in CH implementations of the apps HOT 3
- Reproducibility of Figure 1 in "DP3T - Exposure Score Calculation.pdf" HOT 3
- Risk calculation when exposed to multiple infectors both for < 15 min. HOT 7
- Naive secret sharing would allow for "jamming" on a non-physical level
- Why did the SwissCovid team not disclose the existence of the LASEC report? HOT 15
- Add support for multiple epidemics HOT 1
- [DOCUMENTATION] FAQ on Apple/Google framework issues HOT 1
- App feature request: Show stored app data as visualization of contact events HOT 3
- Schedule for F-Droid (and/or direct download) release of the Android app HOT 3
- [DOCUMENTATION] Cartoon, Dutch version, one pager: wrong text in picture 6. HOT 1
- Smartwatch App - Market Analysis (WearOS, WatchOS, Fitbit OS and Garmin Watch OS) and way forward HOT 1
- Who controls the 0xFD68 Bluetooth UUID?
- Potential privacy issue of new Exposure Notifications Express? HOT 3
- Wrong text on panel 6 of the NL onepage graphic HOT 1
- Update French onepage translation HOT 2
- Would like to understand the time window for notification
- Question: Where can I find the BLE MAC randomization code in DP^3T?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from documents.