Expert Reaction On Security flaws found in NHS contact-tracing app

Wide-ranging security flaws have been discovered in the coronavirus contact-tracing app being piloted in the Isle of Wight. The security researchers involved have warned the problems pose risks to users’ privacy and could be abused to prevent contagion alerts being sent. GCHQ’s National Cyber Security Centre (NCSC) has acknowledged the issues, promising to fix some and review others. But the researchers suggest a more fundamental rethink is required. Specifically, they call for new legal protections to prevent officials using the data for purposes other than identifying those at risk of being infected, or holding on to it indefinitely.

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Jake Moore
Jake Moore , Cybersecurity Specialist
InfoSec Expert
May 20, 2020 9:01 am

This app was never going to be perfect right from the outset, but it is refreshing to hear that the government are listening to independent research and taking on the suggestions with the next revisions. Like with many apps, the first version is rarely even of any use but it gets it onto peoples phones, where they can easily roll out newer versions.

Once the majority of people have the app, then its intentions are clearly going to have better effects. However, the biggest issue is around the distinct lack of legislation protecting this data. Not knowing if and how the data could be used in the future – or even if it will be deleted – is important to the users. It is vital that the public’s privacy is at the core. Without this, the public may turn its back on the app before it has had enough time to roll out to the correct amount of people and come into any sort of effect.

Last edited 2 years ago by Jake Moore
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x