1/4: In the absence of any source code for the #covid19au tracing app, I decided to pull the TraceTogether code and start looking.
2/4: First observation: the decryption of IDs is done on the cloud, which in the Singaporean case is through Google Firebase.

Here& #39;s what happens on the cloud when you test positive and give a public health official the list of encrypted IDs of those you& #39;ve been in contact with:
3/4: Maybe @CyberGovAU & @Cyber_Sec_CRC have insisted on changing that aspect of the design for Aus. If they haven& #39;t, the answer to, "Does the commonwealth government learn your contacts when you test positive?" would be, "it depends whether Google decides to tell them."
#auspol
4/4: This also indicates the false dichotomy of govt-vs-corporate privacy invasion. A government system can hand a great quantity of information to tech corporations.

We need to see the code for Australia& #39;s Covid19App, all of it, ASAP. #auspol #COVID19Aus
You can follow @VTeagueAus.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled: