- From: Ehud Shapiro אהוד שפירא <ehud.shapiro@weizmann.ac.il>
- Date: Sat, 28 Mar 2020 07:43:19 +0300
- To: "W3C Credentials CG (Public List)" <public-credentials@w3.org>
- Message-ID: <CAPpwrpE0sy+Q5xAwYtmhkj9e9LT_dATJnbA+SN5Qm=CpYHW+Tw@mail.gmail.com>
---------- הודעה שהועברה --------- מאת: Adi Shamir <adi.shamir@weizmann.ac.il> תאריך: יום ב׳, 23 במרץ 2020 ב-11:58 נושא: Questions about the new "hamagen" application אל: mdepartment@wisdom.weizmann.ac.il <department@wisdom.weizmann.ac.il> Hi, I received multiple questions about the security and privacy aspects of the new ministry of health application. The bottom line is that I highly recommend it. There are several possible architectures one can use for such a proximity tracing application, and the choice made by its designers closely follows the one I recommended in an email I circulated to policymakers about two weeks ago: no location information is uploaded from the user's phone to any centralized governmental database, and all the computations are carried out in a fully distributed way on the user's phone, so that the privacy loss for non-patients is almost nonexistent. In addition, use of this app is completely voluntary, the proximity detection makes use of short range bluetooth transmissions, and the code is open source so anyone can check exactly how it operates. A good summary of why security experts are comfortable with this app can be found in: https://www.haaretz.co.il/captain/software/1.8700078 Best personal wishes, and be safe, Adi. -- Sent from Gmail Mobile
Received on Saturday, 28 March 2020 04:43:45 UTC