The Australian government's COVIDSafe app: have you installed it on your phone?
More than a million Australians did, in the first four hours of its release last night. For real.
Should you or shouldn't you download and install this app on your smartphone?
According to this IT specialist Brad Spooner, from Spoontech IT, he says NO. You should not. And if you have: delete it immediately, he recommends. "It's a hacker's paradise", he says bluntly.
More about the app here is below, but first, here is what Brad thinks.
“Who developed this app?" Brad questions. "Not us in Australia, it was made in India."
He continues: "Where is the security report to say that it's not using your data unlawfully? And where is the proof it isn’t?
"Considering it is using bluetooth which is the most unsecure wireless protocol known to man, and the pairing passwords are 0000 and 1234 for most devices... like, really? And we are calling this safe?
"Bluetooth, once paired, can access everything on your phone and it doesn’t have co-ordinate capabilities like GPS, meaning they are connecting everyone via bluetooth and getting your info from the phone and using GPS to broadcast your position so they get anything you have from any phone and know where you are and how far you are away from the people you are with!
"Money making? Get ready for a fine in the mail without even realising it.
"You buy a new phone and bluetooth to your old phone and it connects to download ALL your files. Who is to say this app it not automatically pairing to each phone? What about the fact bluetooth is unstable and easily hackable.
"I can download apps to my phone that can connect to every discoverable bluetooth enabled phone (of which there are lots) and download anything I want. Also, the fact that for bluetooth to see each other the phone has to be made discoverable always. So when you pair a normal device the bluetooth is only active for two minutes or so. So for it to pickup people you walk past it has to be discoverable 24/7.
"This is a major security risk as I could use the two common passwords as per those mentioned above and connect to anyone's phone, anytime.
"Imagine if you had photos on there that you don’t want the world to see!
"One million people downloaded it in the first four hours because they want the lockdown to end early, and that's how the government have marketed it, but where did they give us enough information to assure us it's safe? They didn’t.
"This app is also going to be used for social distancing rules, so beware they are watching everything now. Watch your mailbox.
"Another point is if you remove the app who’s to say they have not still installed an underlying app to continue keep an eye on you anyway long term, like Google already do.
"Plus with bluetooth being on 24/7 and discoverable, it's going to drain battery life from people's phones.
"People are in a COVID-19 brain dead state due to lockdown and just want this over so they have all band-wagoned on this app, but really, they have just been sucked in by the whole “it will be over quicker” thing, which is bull. You know what, it's the government's way of keeping an eye on who is doing the right thing.
"I have been in IT for over 29 years and I have dabbled in the dark side of the web many times, and let's just say if you downloaded this app as much - as you thought you were doing the right thing - I would uninstall it ASAP and just stay home and stay safe in your own way."
The Australian government instead says:
Your information and privacy is strictly protected.
And, the site also states:
When you download the app you provide your name, mobile number, and postcode and select your age range (see Privacy). You will receive a confirmation SMS text message to complete installation. The system then creates a unique encrypted reference code just for you.
When an app user tests positive for COVID-19
After the pandemic
Deleting the COVIDSafe app
What are your thoughts?