Tag: privacy

  • Watching Your iPhone Work to Protect You from Covid-19

    Much has been written about the Apple + Google Covid-19 Exposure Notification framework. This is the software that is now part of Android and iOS (13.5+) and powers Covid-19 detection apps for Android and iPhone like COVID Alert (much of Canada), COVIDWISE (Virginia) and dozens of other jurisdictions around the world .

    I’m in Ontario and use COVID Alert on my iPhone 8 Plus. The apps are fantastic pieces of work from the Canadian Digital Service and its private sector partners Shopify and BlackBerry. That said, I have always wished for more feedback from the app itself. Something that gives me a sense of it actually working. I’m the first to admit that this isn’t a rational need. When you open COVID Alert here is what you see:


    Great! You’re active! But what does that mean?

    I’m grateful that no exposure has been detected! But the app doesn’t look like it’s doing anything. I know that that’s not the case. I know that it is doing stuff but that’s because I’m a nerd and because the Canadian Digital Service maintains the source for both the Android and iPhone COVID Alert apps on GitHub .

    But how can I see it actually doing stuff?

    Well here’s one way. Both iPhone and Android allow you to see a log showing each time COVID Alert has downloaded a list of exposures from the COVID Alert server.

    On iPhone you can see the log in Settings -> Exposure Notifications -> Exposure Logging Status -> Exposure Checks .

    What I believe this means is that in that one Exposure Check done at 10:09am ET COVID Alert downloaded 246 Tracing Keys (“device IDs”) of devices that had had a positive Covid-19 test reported over the past 14 days. It also determined that my iPhone did not get close enough to any of those phones, for a long enough period of time, to warrant me getting a Covid-19 test. It’s pretty cool to see the app at work.

    What else could it do?

    I would also love the app to help me understand:

    1. How risky is my current behaviour?
      How many devices did my phone see in the past 24 hours? How many rolling proximity identifiers (RPIDs) did my phone log? I know that you are not supposed to be able to derive a Tracing Key from an RPID, but could the system run a function over a set of RPIDs and estimate the number of unique Tracing Keys they represent?
    2. How effective is the app at warning people about potential exposure?
      We had 625 new cases of Covid-19 reported yesterday in Ontario. How does that compare to the 246 Tracing Keys my phone received? Do the time frames line up? Can I compare them? What’s the effective penetration of the app?

    Closing thoughts

    You can’t tech your way out of a policy or political problem. That said, I strongly agree with the what Apple, Google, and the Government of Canada have done here. If the policy decision is to continue to deploy these decentralized, anonymous exposure notification applications on a voluntary basis then we need to keep looking for ways to make them more effective and more compelling to download and use. Sharing more useful information with people could be a way to get more people to use the app and better inform public health authorities on what to do next.

  • Apple backs down, restores ability to sync contacts & calendar without an iCloud account

    Back in October I noticed that, with the release of Mavericks, Apple removed the ability to sync your Contacts and Calendar directly between your Mac and iPhone or iPad. Instead, they forced you to use iCloud, and upload and store your information in iCloud.

    I was a bit peeved at this; so were other people. I didn’t think that I should have to share my Contacts with Apple just to move them between two pieces of hardware that I own.  Especially since I had never had to do so in the past.

    Anyway, in OS X 10.9.3, it looks like Apple restored the ability to sync your Contacts and Calendar directly between your Mac and your iPhone or iPad.

    image

    You’re welcome, internet.

  • Shame

    Dear Facebook: You are either evil or dumb. You broke our deal.

    I could accept you pushing me to make things public, and share my information with developers. Why? Because I could control what you said to whom. My Facebook profile was still my own. I could pick my friends, group them, and determine who saw what.

    It was a decent bargain: you gave me a friction-free way to keep in touch with my friends and I gave you some data that you could use to target me discreetly.

    You just broke that bargain. And not only with me, but with my parents and friends who won’t even know it. They won’t understand that when they convert their Likes, Interests, Education and Work information it will all become public. And they will get burned. This is the new malware.

    Sic transit, baby.

    How to Delete Facebook Applications – and Why you Should – from ReadWriteWeb.