BBC News: Coronavirus: Security flaws found in NHS contact-tracing app
The new Covid-19 contact-tracing app piloted in the Isle of Wight has been pushed into light as security researchers warn of the user’s privacy and the potential abuse and deliberate prevention of contagion alerts being sent. Researchers have detailed seven different problems with the app thus far, and warn of the weaknesses in the registration process that could allow attackers to steal encryption key and potentially prevent users from being notified if a contact tested positive for Covid-19, or even lead to the creation of spoof transmissions logs and bogus contact events. The main concern suggestion as of now is for the UK National Health Service to consider shifting from its current “centralised” model, where contact-matching happens on a computer server and is more prone to hacker activity, to a “decentralised” version where the matching happens on people’s phones. To read more, click here.