Category: Health

Posted on

Covid-19 NHS Tracing App

I will add more detail later, but just wanted to create this for the meeting later today.

The long-awaited app is launched today (24th September).

It’s a really positive step forward I feel, even though there’s the inevitable doom and gloom merchants already slating it.

What is really a sad state of affairs (and here I stray into political waters – dangerous, I know) is that the Track and Trace (outside Wales, where we have tried to do things much more locally and involved local Public Health experts from an early stage much more) is that it does appear to be putting the cart before the horse. The app should have been in place before they allowed the pubs/hospitality outlets to be opened. It should have been made mandatory. You shouldn’t have been able to enter unless you scanned yourself in (or failing that supplied a verifiable name and address. Mini-rant over!

So it’s available on iOS devices from the iPhone 6s onwards, and Android devices from 2017 (Android 6) onwards. You download it from the appropriate app store.

This is how it works …

I’ll get back on to this following the meeting. Please post Comments, or ask Questions below, or raise a Topic in the Covid-19 Forum.

How does it work? This article from Wired UK provides a comprehensive explanation.

The BBC’s explanation of how it works (as an infographic).

Screenshots from installing the app on my iPhone 6s

The app is highlighted on the App store (at least for Apple) today …

… download and install, and start the app …

You will be asked a couple of questions, including an age enquiry …

… and then a Privacy section, which is actually very good and worth reading. The developers have done all they can to make you aware of what the app does, and how it protects your privacy.

So if you click on the Privacy link you will be taken to the UK Government website that gives you more information, after first informing you that it uses cookies …

You might like to click through to the Welsh pages to find out more about Local restrictions …

… then you need to supply the first part of your postcode. The developers have acknowledged there’s a weakness in the app currently in that if you move your location, you can’t change it in the app. They are working on a workaround/fix/upgrade. This would apply if you were to go on holiday somewhere else, or if you were a student moving away from your home.

Having done that you’re into the app, it starts scanning and you’re on your part of the Covid-19 Tracing community.

You can see that north Cardiff is at a Medium risk level (as I believe the whole of Cardiff is) …

… and then you have access to the other features of the app, as shown below …

A recent article about the NHS app which addresses possible Security and privacy concerns.

I wondered about creating a QR code for our house

This is how you can do it

… and this is what it looks like …

cb7af8f1-5a66-4b22-888c-71fbb4057e40_R8K6W825

Posted on

Covid-19 Tracing app

What is Contact Tracing, and how does an app help?

This video from The Guardian is an excellent review of how Contact Tracing works in both a traditional and technology-enable world. You should watch it.

Contact Tracing Infographic

An Infographic that explains how Contact Tracing works

Approaches to creating a Contact Tracing app

Google and Apple have combined to work out a solution that works across iOS/Android devices. Here’s a document that explains how what they have done would work …

Overview_of_COVID-19_Contact_Tracing_Using_BLE

 

But there are Privacy concerns as this BBC article (with video) explains.  Regardless of those concerns the app is being trialled in the Isle of Wight. It’s useful to know the difference between the approach being used by the NHS and the Google-Apple approach, this article explains those differences.

However there are potentially difficulties …

France (how unexpected) have threatened Google-Apple over the fact they won’t work with France’s standalone approach (a similar approach to the UK); and it has been suggested that failure to adopt a common approach could threaten international travel – as “health passports” will be impossible to implement.

Then there are technical difficulties as iOS and Android devices work in different ways (not unsurprisingly) causing success of the Google-Apple approach to be dependent on a very high adoption amongst Android users.

The new NHS contact-tracing app could be used to send malicious alerts causing people to isolate unnecessarily, The Independent has been told. The app, which is being trialled in the Isle of Wight, tells users if someone they have been in close proximity with may be suffering from coronavirus, meaning they could be exposed. But because users can set off the warnings themselves by reporting symptoms – rather than positive Covid-19 test results – it could be used to send out false alerts. Dr Michael Veale, a lecturer in digital rights at University College London, said Britain’s tracing app had no measures in place to stop individuals “maliciously triggering notifications” using its normal functionality.

Then, on the technical front, some notes from Phil Edwards’ friend

On the Apple-Google Indirect approach

“Their approach seems pretty solid. I think they’re basically exposing some features that previously weren’t available to app developers. Both seem pretty determined to limit the potential for it to be exploited by governments; I think they announced yesterday/the day before that any apps using their system can’t also access location data.

Contact tracing is totally doable without central databases. I can see why a government might want to own data themselves, but there are big downsides (especially security when building in such a rush).”

On the NHSx Direct approach

“The implementation of this contact tracing app really hits that sweet spot between ‘Are they incompetent?’ and ‘Do they have ulterior motives?’ I’d advise against installing it but I doubt it’s going to work properly anyway in its current implementation because of various oddities around how Bluetooth LE works. This isn’t a great article but covers some of it.”

A better comment from Hacker News covers it clearer:

“‘Bluetooth LE has four main states: scanning, advertising, peripheral connection, and central connection. In order to exchange the data that the app needs it needs one device in the peripheral connection mode and the other in the central connection mode. This means one device must have previously been advertising and the other scanning. The two important states are advertising and scanning.Android devices can advertise in the background but they can’t scan reliably, they can do this for a short period of time enforced by the Android time limits on apps running in the background and possibly manufacturer specific power savings measures. These limits are not well documented and cause issues on any device using Bluetooth.iOS devices can’t advertise in the background, however they do advertise an Apple specific advertisement which can’t be controlled by the app but can still be connected to. iOS devices also can’t reliably scan in the background however they can scan more reliably for iBeacons (special adverts) [1]Combined this makes it difficult to work well in the background, Android devices can’t reliably connect to any device, iOS devices can’t connect to each other but iOS devices may be able to connect to Android devices.'”

Finally, a potential for Fraud

Plus fraudsters have not been slow to latch-on to the possibility of piggy-backing on the NHS app as this article in The Guardian show (thanks Phil for the link).

Other references:

The NHS Covid-19 website

 

Posted on

ICE – that’s In Case of Emergency

 

In Case of Emergency Card

 

Recent discussion in U3A has been on what role a Group Convenor should have in case of emergency. It’s a difficult one, I haven’t fully resolved in my mind what responsibility I should have – I think it’s one that’s worth discussing. Should I, can I request that information be lodged with me? Should the group member provide it to a membership record on a database system that the Convenor can access? Or, should – and this is the purpose of this post – the individual take the responsibility upon themselves. This can be done by either carrying a card – this one is used by The Ramblers – there are many providers of this sort of card, eg ICEcard, or should we use the facilities on our Smartphones which allow access without unlocking the phone from the Home screen.