Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Tuesday June 16 2020, @10:23AM   Printer-friendly
from the defeats-the-purpose dept.

Locked iPhones rendered almost useless in Australia's COVIDSafe tracking efforts:

Software engineer Richard Nelson, who was part of a team of researchers that found other bugs in COVIDSafe, has detailed a bug affecting iPhone users, rendering their device basically useless when it comes to tracking efforts.

A locked iPhone with an expired ID cannot generate a new ID. Without an ID, Nelson said the device will record other devices around it, but cannot be recorded by others.

"A device in this state will record other people around it, but will not be recorded by others. If all relevant devices are in this state, no encounters are logged," he wrote.

"One could imagine Alice packing her bag, putting her iPhone in and going out for the day to a football game. With her device in this state, nobody else will record her presence, and if anyone around her tested positive she would not be contacted."

[...] Nelson told ZDNet that if the iPhone user was to unlock their phone, but not necessarily open the COVIDSafe app, a new ID would be fetched.

"If Alice's device was locked and had an expired token, and Alice then unlocks her device to check email, for example, and if Bob's device then scans and picks up Alice's device, Bob will be able to read Alice's ID," Nelson added.

But if the device is locked again first, it won't be read.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by FatPhil on Tuesday June 16 2020, @02:02PM (2 children)

    by FatPhil (863) <pc-soylentNO@SPAMasdf.fi> on Tuesday June 16 2020, @02:02PM (#1008629) Homepage
    I agree, that's a terrible licence. Egregiously terrible. Pluck my own eyes out while reading it terrible.

    However, there's nothing intrinsically wrong with the public domain.
    --
    Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 2) by All Your Lawn Are Belong To Us on Tuesday June 16 2020, @02:21PM (1 child)

    by All Your Lawn Are Belong To Us (6553) on Tuesday June 16 2020, @02:21PM (#1008641) Journal

    Wow. I thought surely y'all were exaggerating until I opened and read the license. Why would anyone, anywhere agree to these terms? It has unconscionable clauses IMO, though IANAL. And not even a, "if a court finds any part of this unenforceable the rest of the license remains in force," so if any provision is unlawful the entirety of the agreement fails.

    I applaud a sense of trying to make a license not worded in legalese, a worthy goal. But this definitely reads like they were their own lawyer on this, so that certainly colors how I feel about their client.

    --
    This sig for rent.
    • (Score: 0) by Anonymous Coward on Tuesday June 16 2020, @06:40PM

      by Anonymous Coward on Tuesday June 16 2020, @06:40PM (#1008792)

      And not even a, "if a court finds any part of this unenforceable the rest of the license remains in force," so if any provision is unlawful the entirety of the agreement fails.

      Such a clause is basically never needed because it is pretty much the default position worldwide. While details will depend somewhat on jurisdiction the general principle is that courts will try to uphold agreements made in good faith and if a valid contract remains after removing any problematic parts, then what remains can certainly still be enforced.

      Things can become unenforceable if removing the problematic parts means one of the elements of a contract is now missing (for example, if the consideration itself turns out to be illegal then after removing it there is no consideration and thus no contract). Adding such a clause still is pointless because it doesn't do anything to re-add the missing element of the contract.