Great now my email is being spammed again with people spreading FUD against this well documented API insisting it ruins their privacy despite all the research and papers and the ability to read the microG implementation to see it does not upload any data anywhere.
And that all despite the OP explicitly asking to not have this whole discussion again.
I’m muting this topic just… THE API DOES NOTHING UNLESS YOU INSTALL AN APP THAT USES IT AND YOU CAN DISABLE IT IN MICROG. The “concerns” of you FUD-spreaders have already been taken care of, now just let us who want to have this very well designed anonymous way of knowing if you were near someone with COVID have it. Several people I know died to this horrible disease, I don’t care if you’re not afraid or whatever, let those who want it protect ourselves against it.
No, what you have done is sharing a link that describes a well known weakness of the API for which 1. it has to be turned on and 2. that doesn’t even work on all phones and 3. You have to trace breadcrumbs by being in Bluetooth range of your victim.
The fact they found this weakness and no other, is actually reassuring. The code HAS been scrutinized and THIS is what they found.
So no, nice try, but the burden of proof is on you. I fact shifting the burden of proof is a logical fallacy that is often used by religious people. “Well, show us there is NO god”. No. If you claim something outlandish and against all prior information, if you say, an inactive bunch of lines of code (it can be turned off) are dangerous to privacy, then you need to show, your claim is true. And you haven’t done that. Not for the Google/Apple API and much less for the microG implementation. I did learn more about Google from your sources. I did not learn more about the API.
I am with @Hawthorn here. There were possibilities, it wasn’t a priority and this does not shine a good light. At least for most people, who just want to use these apps to protect themselves and others.
I’d already claimed a ‘procès d’intention’. I’m not the only one wich doubt with gglle/pple spontaneous claim about ‘Privacy’ nor ‘Security’. For example:
I’m not engineer, I read here and there, and definitively I don’t trust in gg’s leniency.
Don’t worry, I fixed it. Installed Lineage from here. Works fine on FP3, and the “with-MicroG” option lets you update to the most recent version with no troubles. UK Covid app works fine. Farewell my libertarian /e/ friends, but I’ll leave you with this. Even with a “dumb phone”, no apps, no google installed. If it has a sim card and a battery in it you can be identified and geo-located with simple cell tower triangulation, and also that “My freedom” always without fail means restricting someone else’s freedom.
Tested it with MicroG most recent version in /e/, Lineage OS, Fairphone Open, and it doesn’t work. MicroG cannot find the App and the App cannot find MicroG. Left Android for Linux mobile today, essential applications don’t work in free Android versions without G00gl Goolag, so why Android? Makes no sense to use Android if you want privacy.
I was able to upgrade to the current version microG Services Core version 0.2.12.203315 by manually. So now StopCovid France also works on a /e/ OS 9-Pie ROM.
SwissCovid Corona-Warning-App works with /e/ OS e-0.12-o and microG Services Core 0.2.12.203315
Hi @frank.bxl,
I gather from your “About me” that you describe themselves as technically adept. So it will not be difficult for you to upgrade manually.
I could not test my workaround on a Fairphone 3. Which devices should the microG Upgarde be for?
@frank.bxl, @juri.gagarin,
to verify my workaround I will release the first version of e-0.9-p-20200530-UNOFFICIAL-hero2lte and write down another workaround for me step by step. If it works as before, I invite you to try it as well. Save your most important data already once. Safety first …
I did it flashing the Nanodroid microg .zip file from TWRP, and deleting cache/dalvik. It seem to work ok for me until now. Do you know the Nanodroid microg .zip package?
and a WLAN / Wifi online connection to the WWW is required. And of course some time to complete the individual steps.
Starting point is /e/ OS 9-Pie TestROM for Galaxy S4 ‘jfltexx’: e-0.11-p-2020082569744-test-jfltexx by eOS
.
Dutch Coronamelder
“The apps is active”
.
Dutch Coronamelder | UK NHS Covid-19 | Belgian Coronalert
The apps are active.
Actually the update is easy to do if you know how. There are many single steps necessary, but no special Android or technical knowledge is required. The phone is not rooted (Magisk), no external tool (NanaDroid) is used - only TWRP Recovery is in use.