Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
zerforschung Profile picture
@zerforschung
Jan 11, 2022 20 tweets 7 min read Read on X
Scrolly
Now let's move on to sports: the whole world is talking about the test certificates of a tennis player right now. #Djokovic

🧵 Thread 🧵
Novak Đoković is a serbian tennis player who recently entered Australia – without vaccination, but with two PCR test certificates.
A positive test result from December 16th and a negative test result from December 22nd. He is therefore considered to be recovered.
With this he got a special permit to enter the country unvaccinated – but this permit was then considered insufficient when he entered the country. In the meantime, however, a court has allowed him to enter australia.
In cooperation with @SPIEGEL_English, we took a look at the court documents and tried to understand the technical details. 🕵️
In Serbia PCR test results are managed through a central test result registry. After the test, you get a test certificate with a QR code. Scanning this will take you to the test registry website where you can validate the test. screenshot of a test certificate
However, the website itself contains only parts of the information of the paper certificate: The name of the person tested, the test result, and a test number.

So it is not possible to check when someone was tested with the help of the test result page. screenshot of the test result website
Because we like to look at URLs, we did the same in this case. 🔎

There is one exciting detail that stands out right away: There is a code in the URL that starts with a Unix timestamp. URL to the verification website of the December 22 test, wit
Unix timestamps are a standard to represent points in time. It is the number of seconds since 1/1/1970 at midnight. So the current time is: 1641903476, which is about 1.6 billion seconds since the beginning of "unix time".
The timestamp in the certificate URL (1640187792) can also be converted to a human-readable time. In the negative test of December 22nd the timestamp and the date in the test certificate match. URL to the verification website of the December 22 test, wit
For #Djokovic​s positive PCR test, which according to the court document was evaluated on December 16, the timestamp (1640524880) is from … 🥁 … December 26. Wait, that doesn't seem right 🤔 URL to the verification website of the December 16 test, wi
There is also a "confirmation code" on the test result page. We were able to find some more tests and found that the first part of this code is an ascending test ID and corresponds approximately to the number of PCR tests reported for Serbia at that time.
But something is wrong with #Djokovic​s positive PCR test result: the test ID of the positive test (7371999) from Dec. 16 is larger than that of the negative test from Dec. 22 (7320919). The test that was supposedly performed earlier was therefore entered into the system later 🤔
And also if we look at the test numbers reported by Serbia on ourworldindata.org/explorers/coro…, in period from 16/12 to 22/12 about 75,000 tests were performed - but the test IDs of #Djokovic differ only by 50,000. Table of the number of performed tests in serbia. Between th
This number fits much better if we believe the timestamp and assume 12/26 as the date of the positive test: Because between 12/22 and 12/26 about 50,000 tests were reported (ourworldindata.org/explorers/coro…) – thus fitting many to the documents at hand. Table of the performed tests in serbia between the 22nd of d
But there seems to be more wrong with these test results
And with that, we pass on to the weather. 🌤️
This thread is also available in german:
We have also posted this thread as a blog post: zerforschung.org/posts/djokovic…
On HackerNews someone gave a plausible explanation for the timestamps:
They are regenerated when you download the PDF with the result.

This explains the inconsistencies in the timestamps - but not in the confirmation codes - because they remain the same.

news.ycombinator.com/item?id=298948…
And the inconsistencies also exists in them. The confirmation codes are ascending, so the result from the 16th should have a lower number than the one from 22nd. However, it is the other way around.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with zerforschung

zerforschung Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @zerforschung

zerforschung Profile picture
Jun 19, 2023
The "Passe France Allemagne", free train tickets for young people from germany and france, were immediately sold out last week. But with a few tricks, you could still get one afterwards. How this was possible, and how we also found a databreach with 245,000 records… 🧵 Screenshot of the dashboard...
To celebrate the Franco-German Friendship, the german minister of transportation @Wissing and his french colleague @CBeaune came up with something special: 30,000 free Interrail tickets per country for travel in 🇩🇪 and 🇫🇷 for young adults between 18 and 27.
The tickets were quickly sold out - but those with a few technical skills could still get their hands on a pass after registration closed.
Read 7 tweets
zerforschung Profile picture
Jun 19, 2023
Die deutsch-französischen Freundschaftspässe, kostenlose Zugtickets für junge Menschen, waren letzte Woche sofort vergriffen. Mit technischen Tricks konnte man sich aber weiter registrieren. Wie genau, und wie wir außerdem ein Datenleck mit 245.000 Datensätzen gefunden haben… 🧵 Screenshot der eigentlich i...
Um die deutsch-französische Freundschaft zu feiern, haben sich Bundesverkehrsminister @Wissing und sein französischer Kollege @CBeaune etwas Besonderes ausgedacht:
Je Land 30.000 kostenlose Interrail-Tickets für Reisen in 🇩🇪 und 🇫🇷 für junge Erwachsene zwischen 18 und 27.
Die Tickets waren im Online-Portal schnell vergeben – doch wer ein paar technische Kenntnisse hatte, kam auch nach Ende der Registrierung noch an einen Pass.
Read 7 tweets
zerforschung Profile picture
Jul 18, 2022
Wir haben uns den Report zu TikTok genau durchgelesen: Das ist größtenteils Quatsch. Schauen wir uns die Behauptungen nacheinander an 🧵

0. Um den Report zu bewerben, sagt das Analyse-Unternehmen unter anderem: "TIKTOK IS NOT COMPATIBLE WITH OUR APPROACH TO PRIVACY". Ach tatsächlich? Um den Report zu bekommen, muss man Name, Telefonnummer und E-Mail-Adresse angeben. Spannender "approach to privacy"... 🤔 Downloadformular mit Abfrage von First Name, Email Address u
Damit eure Daten geschützt bleiben, könnt ihr den Report auch im Internet Archive mitlesen: archive.org/details/tik-to… #ServiceTweet
Read 22 tweets
zerforschung Profile picture
Jan 11, 2022
Kommen wir nun zum Sport: Die ganze Welt spricht gerade über die Testzertifikate eines Tennisspielers. #Djokovic

🧵 Thread 🧵
Es geht um Novak Đoković. Der ist kürzlich nach Australien eingereist. Ohne Impfung, dafür mit zwei PCR-Testzertifikaten.
Einem positiven Testergebnis vom 16. Dezember und einem negativen Testergebnis vom 22. Dezember. Er gilt demnach als Genesen.
Damit hat er eine Sondergenehmigung bekommen, um auch ungeimpft einreisen zu dürfen – die dann bei der Einreise aber als nicht ausreichend angesehen wurde.
Mittlerweile hat ein Gericht jedoch entschieden, dass er erstmal einreisen darf.
Read 20 tweets
zerforschung Profile picture
Oct 26, 2021
Manche haben Leichen im Keller - andere einen Datenabfluss.

Der Auftakt-Blogpost der Schul-App-Wochen (#BackToSchool) bei zerforschung: zerforschung.org/posts/scoolio/
scoolio hat inzwischen auch eine Pressemitteilung veröffentlicht: scoolio.de/ausbildungsmar…

Dazu ein paar Anmerkungen: 🧵
> Nach Hinweis des Hacker:innen-Kollektivs von Gorillas, Luca und CDU-App erweitert die Schüler-Community Scoolio ihre Sicherheitsfunktionen

Klarstellung: Wir gehören weder zu Gorillas, noch zu Luca und auf gar keinen Fall zur CDU.
Read 8 tweets
zerforschung Profile picture
Oct 21, 2021
Aus dem Lagebericht des @BSI_Bund ergibt sich, dass wir wohl ein Drittel der CVD-Fälle beim @certbund im Berichtszeitraum zu verantworten haben 😇

Danke für die gute Zusammenarbeit 🤝 Im Berichtszeitraum hat das BSI 25 von Externen gemeldete Co
@BSI_Bund @certbund This! Viele Unternehmen haben keinen klaren Security-Kontakt auf ihrer Website. Wir empfehlen allen Unternehmen, eine security.txt (securitytxt.org) bereitzustellen 🧑‍💻📧 Nach den Erfahrungen des BSI sind bislang wenige Hersteller
PSA vom @BSI_Bund: Nicht gehackt zu werden ist auch gut für den Fortbestand deines Unternehmens 📈🤠 Cyber-Sicherheit made in Germany Cyber-Sicherheit als Wettbe
Read 7 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(