It’s a hack. Nobody seems to spell that out in the media coverage about it. Yes it works some of the time, but only under very specific circumstances.
Someone needs to tell it straight. It doesn’t work, we should just use the platform provided apis and be done with it.
Edit: this is an excellent summary of what’s wrong with the Australian app:
That ticket is incredibly damning of the Australian Government.
Highly-skilled technologists and cryptographers volunteer significant amounts of time in the hope critical digital infrastructure can be improved and everything is basically dismissed.
Since it is open source and uses a very common tech stack, it is easy to check and understand for as many people as possible that it is well-crafted and does not contain any obvious security vulnerabilities or backdoors. This makes it very trustworthy from an IT-persons point of view, and should in minimize the number of unsettled people who don't install the application on their handsets since they mistrust the government.
Well-known public instances like the CCC (German IT-Security NGO) did a review on the app and gave it a good testimonial - even on mass media like public television. The government and the involved third-parties like Deutsche Telekom and SAP did a lot to emphasize that there is no harm to be expected from the app and the worst thing that could happen is that it doesn't work - which would be the exact same outcome as if you just didn't use it.
Still, Germans' are hard to convince, once they made up their mind about something. The public image of the government, as well as Deutsche Telekom and SAP is often disconnected from their actual performance. The same people often disregard these instances' and companies' ideas, products and services with the same persistence they welcome or defend equaly debatable innovations and decisions from actors they look favorably upon, like Apple.
It's sad to see that the good work of many smart people is so easily disregarded. The government and the involved companies actually listened to privacy and security experts and made a lot of right choices. That's something I'd like to see more of in the future. A little bit of appreciation could go a long way for shaping such decisions for the years to come.
These apps need to use the OS APIs, otherwise there is no hope for them. The German app uses those APIs, the Australian one does not. While there are obviously trade-offs involved with the OS APIs, it's not hopeless like this clusterfuck.
This is the core reason I'm so against these duopolies. I have a startup idea that I want to implement. I've done it on windows, and it's flawless. Should work on macOS too. But these mobile OS's don't provide the right API's to do it. Android offers access to do it in a half assed way, and the way to do it right is to do it the correct way, flawlessly. So I'm stuck in a limbo, I want to be the first and last to market, prepared for when these companies break up, the OS offers access to some API's I want, and capture the market. There may be little network effects to the idea. But it's going to be a big market for everyone, with plenty of competition if idiots offer the right API's. [edited it gave away a bit too revealing info]. Enough that I don't ever connect my development machine to the internet to make sure no source code ever leaves.
My test users have asked me when will I offer a mobile app? The app needs mobile integration to make it work the way the idea was supposed to be. All OS's that the user uses, together.
And, I have no response to their questions and the mails end up collecting dust.
These fuckers ruin innovation for everyone and it makes me mad.
If these companies don't get broken up with a competitive mobile OS landscape again, don't get mad when I jump ship and go with some OS Huawei makes if it offers the right way and gains adoption.
If America wants competitiveness, innovation and a technological lead, it has work to do at home: Trust busting needs to happen fast.
https://github.com/AU-COVIDSafe/mobile-ios/issues?q=is%3Aiss...
The irony is that Germany uses iOS contact tracing, so as I live near the border I miss detection of a high vector.
Scratch that, I -would miss-, it I used the app, which I don’t because it has to be opened, manually toggled on, and stay in the foreground to do any contact tracing.
Even if it were not for the battery use, the power of defaults means that the app is rarely activated by people, (when it’s installed at all since it’s not listed in the initial iOS alert you get and pick France).
Desperate posters “here I activate TousAntiCOVID” are being placated in shopping malls and stuff.
It’s ridiculous.
Add to that a bit of science nationalism from the De Gaulle era, and we ended up with that app.
That thing utterly murders the battery on new phones as well.
I have a Note 10 + 5G and my wife has the S20 Plus and running that means having to recharge the battery multiple times a day or risk running around without any phone.
Sometimes my wife has noticed that the battery will go DOWN while being charged. so we uninstalled the app and the problem has gone.
I was an advocate for it when they were talking about releasing it... but as usual the Australian Gov is technically incompetent.
> Provides a number of approaches to workaround the ‘iOS detection in the background’ bug in iOS to a point where detection and continuity is superior to existing protocols
The technical details on the protocol (seperate from the "payload" which is contact tracing specific data) are here[1], and the iOS library here[2]. I would be interested if anyone else has verified these claims.
[1] https://vmware.github.io/herald/specs/protocol [2] https://github.com/vmware/herald-for-ios
https://github.com/vmware/herald-for-ios/issues/15 https://github.com/AU-COVIDSafe/mobile-ios/issues/29#issueco... https://github.com/AU-COVIDSafe/mobile-ios/issues/29#issueco...
* Better long tail of older device support
(meaningless if the app doesn't work, and completely debunked now that ENF supports iOS 12)
* They want to control contact tracing, rather than have the app directly notify the user
(this isn't a requirement of ENF, but the Govt falsely claims it is. In fact, ENF can still notify authorities so a contact tracing phone interview can take place. The only difference is that with ENF, you can't force a user to enter their phone number to start using the app)
* They want a better picture of the entire social graph, since ENF gives more vague / anonymous data.
This is the only partially valid claim they make, however, this is predicated on the current app actually working and providing that information, which is does not.
