Watched NZ's COVID19 govt press conference for today, and I must say I personally I find the last question quite interesting. Regarding whether we can trust the government not to misuse the data entered into the official tracing app. Whether it's a "trust us" situation.
The govt answered by appealing to the authority of the Privacy Commision, but there's a fuller answer.
The Ministry of Health published this code to GitHub, which allows anyone interested like me to judge for ourselves.
I don't give it the most thorough audit, but I feel confident in saying NZ COVID Tracer is probably the most trustworthy app on your phone. Low bar!
The log of scanned QR codes is kept local to your device, checked against a FireBase database of locations. There is however analytics, and I'm unclear whether or not that weakens the security guarantees.
Also I have to trust this is the same code handed to Google & Apple to compile, who do operate on a "trust us" basis I dislike.
I don't have a Google Play account, so an F-Droid version of the New Zealand COVID Tracer app would be much appreciated by me, even if the Bluetooth feature doesn't work.
(I don't have any experience of (successfully) compiling anything for Android, and when I tried to learn, precisely to get this app on my phone, I gave up at the point at which it became clear that I'd need to run proprietary software on my laptop in order to achieve my goal.)
@alcinnz I haven't looked at the details, but apparently there's an open source version of the German corona warn app and they're working on getting the build bit-by-bit reproducible & distributing via F-Droid, covering the 'same code' concern.
It probably operates in a less trustworthy way unfortunately.
@feonixrift @alcinnz it looks like that's the fork using microg, https://codeberg.org/corona-contact-tracing-germany/cwa-android - which also claims to be reproducible. Perhaps I should have linked to that - I'm not German and don't know the exact relationship between the projects.
I think the main issue is around the personally identifiable info you can enter - which is (as I understand) stored encrypted in an Amazon AWS bucket in Australia. Entering any of that -is- optional though.
@gamayun Yes, I do find that aspect non-ideal.
We've got perfectly good serverfarm at home, why does the NZ government keep hiring people who only know how to deploy via Amazon?
@gamayun Though at this press conference there really wasn't given enough time to even ask this question usefully...
Yeah, I seem to recall seeing it answered somewhere previously - along the lines of 'something something quick and cheap'.
AWS has a wide range of non-operating-system services that mean you can hand over large chunks of worry into a service; like database admin into RDS for example. And HSM. And so many other things that are a nightmare to manage at small scales ...
I don't really buy that managed services are a 'technical advantage'. Especially when the 'chunks of worry' being handed over are personal details to a jurisdiction where they're not protected.
If it were too much trouble - simply not collecting that data is eminently cheap and scalable.
For people who care about, support, or build Free, Libre, and Open Source Software (FLOSS).