1/4: When I installed the service Vic app on June 4 (when it became compulsory) the splash screen told me "Your personal details always stay on your phone," which is not true: your check-in details are uploaded to a central database immediately when you check in. #Vicpol @OVIC_AU
2/4: Now (surprise, surprise!) we're debating further access to that database, which never had to be built in the first place. Aotearoa/NZ and the UK have 'automated diary'-style apps in which your check-in data does stay on your phone, with notification to the affected person.
3/4: I even wrote up an idea for the best of both worlds, in which local personal data storage could be combined with automatic notification to govt if you'd visited an exposure site. github.com/AusOpenTech/Au…
4/4: IMHO access by Vic police with a warrant for investigating serious crime is the least of the concerns for this database. Unauthorised access by organised crime, abusive partners, foreign spy agencies, etc, is a greater risk - one we won't have the luxury of "debating."

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Vanessa Teague

Vanessa Teague Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @VTeagueAus

24 Nov 20
1/5: Remember how @ElectionsACT didn't need to make their source code openly available for public scrutiny because it was going through an "audit and certification process"?

They published the votes on Friday and it is immediately evident that the counting code has bugs.
#ACTpol
2/5: Andrew Conway implemented the count & found notable discrepancies with the official tallies - more than 20 votes in some cases. Our report is at github.com/SiliconEconome…

None of these bugs change the winners. They could have, but this year - by sheer good luck - they didn't.
3/5: You can check Andrew's code for yourself, of course:
github.com/SiliconEconome…

PRs welcome.
Read 5 tweets
8 May 20
1/11: A comparison on the state of CovidApp transparency in Aus, the UK and Singapore.

Singapore released app and server code weeks ago.

Aus & the UK released app code, and no server code, within the last 24 hours.

#CovidSafeApp @chrisculnane @rgmerk @noneuclideangrl @1Br0wn
2/11: Singapore & the UK have released whitepapers explaining their crypto and assumptions. The UK's is by @NCSC's Ian Levy: ncsc.gov.uk/files/NHS-app-…
In both cases, there are some things I disagree with, but I respect the authors for putting the details out for review.
3/11: Singapore rotates encrypted IDs every 15 mins.
Aus #CovidsafeApp rotates them every 2 hours.
The UK's app keeps the same one all day. The explanation is that this can helpfully nudge people about how much close contact they've had.
Read 11 tweets
28 Apr 20
1/11: Why there are there two almost-opposite technical threads here, one saying "#covidsafeapp gathers so much LESS data than anything else on your phone," and another saying "this app gathers info that no other app on your phone collects"? The answer is that they're both true.
2/11: It's true that #covidsafepp doesn't do any of the usual nasties, e.g. GPS tracking or microphone surveillance. However, it builds an infrastructure for gathering a completely new kind of mass data: fine-grained detail about who was how close to whom, when.
3/11: Just as #covid19 is a new virus that will probably be with us forever, physical proximity data is a new form of data gathering whose implications will be lasting, and which we are only beginning to understand.
Read 11 tweets
17 Apr 20
1/7: Hang on a minute, I have misunderstood something important. In my blog post I wrote of Tracetogether "Whenever you're within Bluetooth range of a person, you send them your ID, encrypted with the public key of the Singaporean authorities."
Is that what everyone else thought?
2/7: But their whitepaper actually says: "TempIDs are cryp-tographically generated by the backend service."
bluetrace.io/static/bluetra…
Those encrypted IDs you send out all the time are AES encryptions, generated for you by a central server, using a key you don't know.
3/7: The public-key-based system I thought they were using is described as an alternative that isn't implemented because of its computational burden. They add that this allows health authority monitoring by "logging the issuance of daily batches of TempIDs." Daily is a key word.
Read 7 tweets
15 Apr 20
1/6: OK, let's think of a list of specific questions - I'll start with whether "What is being proposed is no different than our existing health surveillance system." In our current system, a health official asks an infected person for a list of people & places they've been near.
2/6: Some obvious differences:
- When relying on human memory, you might forget. Automation should be better.
- When relying on human memory, you can choose to omit certain people or places. Will Australia's app have that option, or will it be all-or-nothing?
#covid19australia
3/6:
- Human memory cannot usually be compelled (at least not in countries like Aus), but data can be compulsorily acquired, e.g. under TOLA. Will TOLA, and other laws about compulsory phone-opening, be amended to carve out contact data stored on your phone by the app? #auspol
Read 6 tweets
12 Mar 19
Analysis with @SarahJamieLewis and Olivier Pereira of the SwissPost-Scytl e-voting system. people.eng.unimelb.edu.au/vjteague/Swiss… The code uses a trapdoor commitment scheme, so it is possible for an authority to provide a proof of a correct election outcome while actually manipulating votes.
This is exactly what verifiability is meant to prevent. They say they have now fixed it, but without an open public process for examining the code, we can't be sure whether other similar issues remain, or whether other Internet voting systems such as NSW iVote are also affected.
Nothing in our analysis suggests this problem was introduced deliberately. It is entirely consistent with a naive implementation of a complex cryptographic protocol by well-intentioned people who lacked a full understanding of its security assumptions & other important details.
Read 6 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

:(