/* ---- Google Analytics Code Below */

Friday, May 29, 2020

Steve Gibson on Why Contract Tracing Won't Work

I have inserted links below to this analysis of Apple/Google attempts at generalized software based tracking.   

See also related Bruce Schneier article:   https://www.schneier.com/blog/archives/2020/05/me_on_covad-19_.html   With considerable and often thoughtful discussion.

Steve Gibson  in Podcast:
Contact Tracing Apps R.I.P.    https://twit.tv/shows/security-now/episodes/768

https://www.grc.com/sn/SN-768-Notes.pdf

Software-based Contact Tracing is Doomed




Why? Academics who have modeled the system have determined that to be effective, 80% of all smartphone users would need to voluntarily opt-in to using the app... and that's never going to happen. As we saw, the instant the Apple/Google initiative was announced, both the non-technical and, sadly, the technical press went berserk over the privacy implications. Even highly technical individuals, who should have known better, spoke out with errant, frightening and unfounded warnings before they understood how the system worked. This podcast looked at the system’s technology carefully and understood exactly what and why the Apple/Google team had designed it as they did. We found that the API itself absolutely protects the user's privacy.  

But, in practice, that doesn't matter at all. For one thing, as we've discussed since, health officials really do have a need to collect real-time geographical location data as part of a workable system. Adding "where you were when it happened" would go a long way toward making up for a lack of pervasive use of an application. For example, if only a few people in a large gathering were app-enabled, and it was determined from the app that that was the most likely infection event, then a call could be put out for other non-app-enabled people who were also present at that event to take the necessary precautions.

As we noted previously, the importance of also knowing where, which Apple and Google scrupulously avoided using, has already occurred to the state of Utah, who has created a much more useful solution which is also -- necessarily -- much more invasive, even though it was thoughtfully designed with things like immediate user-deletion of all data and short-term self-expiring location data.

The simple truth is, a short-term sacrifice of privacy is required for spreading events to be located and managed. Even fully human-mediated contact tracing is, by definition, a short-term sacrifice of privacy. Someone whom you've never met and don't know anything about, needs to interview you to determine everything you're willing to share about where you've been, what you've done, and who you've been in contact with for the previous two weeks. Tell me that's not a massive imposition on one’s privacy. Of course it is. But that’s what’s necessary.

Google says that people are constantly clearing their web browser histories. And that's just cyber. Many people apparently really don't want anyone else to know where they've been and what they've been up to. At least when interviewed by a human contact tracer, someone can choose to “elide” anything they’re embarrassed to share. But you can't do that with an app. So how many people are going to voluntarily install what amounts to spyware?

As we well know, many people have an inherent mistrust of the government and its motives.
We've already seen people worrying that this might just be the start of more pervasive monitoring with statements like “If they are allowed to do this, they'll always want more and why would they ever want to stop?” and so forth.

So, no. It was a noble idea. I loved the cleverness of the technology. But it's clear that as a voluntary initiative it's never going to get off the ground. 

No comments: