NHS Contact Tracing App

Status
Not open for further replies.
Sponsored Links
IT Minion said:
Because it's done by the makers of the OS it can also work more effectively in the background. The government version is quite restricted by standard controls and battery saving tools in Android and iOS.
Click to expand...

That aspect interests me as there are people around that could get into a phone and do what ever they want to it. It's a problem with items where firmware can be undated and installed. There has to be a mechanism to put it their in the first place and later update it. Routers have often been exploited that way.

There has been mutterings about no software the NHS produces itself ever works. From my own experience I agree with that but it's isn't being done by the NHS. They had one of them on the TV - ;) beard and glasses so must be ok. University as usual in the CV19 area.
 
EddieM said:
So, their apps patch the OS?
Click to expand...
Not the right terms but yes, it hooks into the OS and the OS knows to run it with different criteria.

ajohn said:
There has to be a mechanism to put it their in the first place and later update it. Routers have often been exploited that way.
Click to expand...
Everything with an OS can and has been exploited that way. If you can perform updates of any core software then it's possible to update that with something malicious. There's lots of protections built in to try to prevent it but it's never impossible.
 
Sponsored Links
IT Minion said:
Not the right terms but yes, it hooks into the OS and the OS knows to run it with different criteria.


Everything with an OS can and has been exploited that way. If you can perform updates of any core software then it's possible to update that with something malicious. There's lots of protections built in to try to prevent it but it's never impossible.
Click to expand...

Hmmm. Do Apple and Google have backdoors into their OS's?
 
EddieM said:
Hmmm. Do Apple and Google have backdoors into their OS's?
Click to expand...
Depends what you mean. They have certificates and so on needed to push updates to devices but they both claim not to be able to break individual device encryption.
 
IT Minion said:
Depends what you mean. They have certificates and so on needed to push updates to devices but they both claim not to be able to break individual device encryption.
Click to expand...

Well it's obvious that Apple & Google must have a method of altering the behaviour of their OS's via an app. That's worrying in itself.
 
EddieM said:
Well it's obvious that Apple & Google must have a method of altering the behaviour of their OS's via an app. That's worrying in itself.
Click to expand...
Not really. They have OSs that control the behaviour of the apps that they run based on if they've been authorised by them. It's a long standing concept in software design. (Ring 0 to 3).

As to them changing the behaviour of their OS's, that's what they do every time they push out an update.
 
EddieM said:
Well it's obvious that Apple & Google must have a method of altering the behaviour of their OS's via an app. That's worrying in itself.
Click to expand...

There is no point in worrying about it. The OS in most things can be undated so yes they can do what they like. On the other hand what country hacked a number of European politicians mobile phones?

Then there are apps like these
https://www.google.com/android/find
https://www.apple.com/uk/icloud/find-my/

I changed my phone recently and vaguely remember something about not being able to turn location off once google maps was activated.. Didn't take a lot of notice so may have misread. As mentioned I believe phone location is tracked anyway for possible use by the police etc. The ability to be able to triangulate then via masts was built in a long time ago. Some USA president gave them a couple of years to sort it out. Really it's no different in some ways to them having land lines tapped - that is probably what worried them - not being able to do it on a mobile and whoopopee they can also find out where it is - just like a land line.
 
IT Minion said:
Not really. They have OSs that control the behaviour of the apps that they run based on if they've been authorised by them. It's a long standing concept in software design. (Ring 0 to 3).

As to them changing the behaviour of their OS's, that's what they do every time they push out an update.
Click to expand...

So you're saying the Google and Apple apps are ring 0 apps and the NHS one is a ring 3 app? Hmmmm.
 
EddieM said:
So you're saying the Google and Apple apps are ring 0 apps and the NHS one is a ring 3 app? Hmmmm.
Click to expand...
Not necessarily, I'm not an Android expert. But different levels of trust are baked into OSs.
 
IT Minion said:
Not necessarily, I'm not an Android expert. But different levels of trust are baked into OSs.
Click to expand...

I know, I used to write device drivers, many years ago, so I am well aware of the ring levels of protection.
 
https://developer.android.com/guide/platform

Software has always figured a bit with me. Initially to save doing loads of sums. Then a particular control project with a micro along with a bit of commercial software - hated doing that as it was boring. Then electronics and software. Mostly ABS and other automotive bits and pieces. Some PC work in C and assembler but only to help with the main job on microcontrollers. Eventually got fed up with keeping up to date with Windows.
 
IT Minion said:
Not the right terms but yes, it hooks into the OS and the OS knows to run it with different criteria.


Everything with an OS can and has been exploited that way. If you can perform updates of any core software then it's possible to update that with something malicious. There's lots of protections built in to try to prevent it but it's never impossible.
Click to expand...
With anything man made there will always be mistakes and mischief makers but we must not let it interfere with progress and the greater good.
 
Status
Not open for further replies.
Sponsored Links

Similar threads

J
App charts police officer movements
2 3
Replies
33
Views
3K
expertgasman
E
S
Amazon gets NHS Data for free
Replies
4
Views
765
durhamplumber
D
Back
Top