Hacker News new | ask | show | jobs
by 0xBeefFed 2249 days ago
The difference is that the old system relied on human memory which is fallible, not to mention you can omit details which would lead to further trouble (infidelities for one). In this system the only control a user has is to turn off bluetooth, or leave their phone at home if Apple/Google override the users ability to turn this off.
2 comments
skybrian 2249 days ago
I think it's up to you to upload the data? It seems like it depends how the app is designed. The protocol doesn't specify it.
link
0xBeefFed 2249 days ago
The protocol states that it will upload the Diagnosis Keys, a set of Daily Tracing Keys relevant to your exposure. So in short, if this is the case it forces the user to either upload all their keys or none.

I would like to note that a v1.1 has recently been released, my information is about v1.0.

link
Reelin 2248 days ago
The specification (at least v1.1) contains nothing about uploading keys. The API appears to provide only the minimum required for protocol implementation.

The ENSelfExposureInfoRequest class can be used by an app to obtain diagnosis keys for the previous 14 days. What an app does with those keys is up to whoever implements it.

https://covid19-static.cdn-apple.com/applications/covid19/cu...

link
0xBeefFed 2248 days ago
That does not seem to line up with their cryptography specification, which is where I am getting my information from. Thank you for mentioning this
link
gruez 2248 days ago
I thought only the DTKs are uploaded? That is, you can censor your activity on a day-to-day basis but not on an hourly basis.
link
closeparen 2249 days ago
Under what circumstances do you think it would be okay for an infected person to hide their contacts? Surely you’re not valuing your marriage over the lives that will be lost in the resulting spread?
link
0xBeefFed 2249 days ago
If a user is in close confinement with someone they fear will lash out at them if they test positive, for one. Off the top of my head, lets say you take an Uber home and the driver now has your home address, you don't know if they will try and attack you.

This is an example off the top of my head, as other comments in this thread have explained, violence against people who have the virus is happening around the world and is something that must be accounted for in these protocols.

Edit: a link to a story from another comment (https://www.washingtonpost.com/world/the_americas/coronaviru...). I hope you can see that this technology can worsen this.

link
closeparen 2248 days ago
The system doesn’t say who your affected contact is, only that you have one. The driver has no way of knowing it was you.
link
0xBeefFed 2248 days ago
If you have a Bluetooth receiver logging the different IDs you've come in proximity with and when, its easy to deduce who the positive user is by who you were in proximity of at that time.
link
burke 2248 days ago
This is why the Framework only reports matches with a very coarse granularity.
link
closeparen 2248 days ago
At what time? It could be any user you’ve been in contact with for two weeks.
link