|
|
|
|
|
|
by chvid
2242 days ago
|
|
|
For example (from the paper) in a decentralised approach how would you protect against: The targeted false alerts problem Assume an attacker wishes to target a particular user and cause them to self-isolate. They can get sufficiently close to the target to create a proximity event that will score as high risk. If the attacker self-decalres symptoms, in the process submitting this contact event, the target will be notified to self-isolate The mass notification problem Consider a malicious user, who can collect broadcast identities from around a particular area, such as a hospital, and record them all. They can register a malicious pseudo-device and generate realistic-looking but entirely fake contact events for all the BroadcastValues it has observed. |
|
|
You require, for example, a registered healthcare provider to approve the act of marking yourself as symptomatic. Which basically means that you can't mark yourself as symptomatic unless a doctor agrees/diagnoses you, which is a good idea anyway, given the amount of people who are like "my flu in december must have been COVID".