New correspondence on proximity-tracing by Denis Roio, hacker, social entrepreneur and privacy expert at Dyne.org, also known as Jaromil.
Denis Roio (aka Jaromil) is a researcher in philosophy of technology, artist and software artisan whose creations are endorsed by the Free Software Foundation. He has been involved in Bitcoin since the early days and since 2000 he has been dedicated to building Dyne.org, a software house gathering the contributions of a growing number of developers who value social responsibility above profit. Recently, Denis Roio has been involved in two European research projects, D-CENT and DECODE, both focusing on “Decentralised Citizen Engaged Technologies” and a “Decentralized Citizen Owned Data Ecosystem”.
My goal is to share musings, howtos and analyses in the style of the Austrian technopolitics tradition, to observe and possibly predict what will soon be happening and what we will likely remember for decades to come as a memorable event, that of the COVID19 pandemic.
The ideal audience I think of when writing this diary is a mix of policy experts, technologists, activists and entrepreneurs; my wish is to provoke, inspire and get inspired about possible solutions we may want to refine and realize across cultural, geographical and political boundaries.
This is the time to imagine new ways to organize society and develop the technologies that can facilitate this shocking transition.
In this particular 4th post of the diary I will touch a few topics:
1. Responses and resistance to lock-down measures
2. Proximity tracing technology weaknesses
3. The method and purpose of proximity tracing development
I’m doing so from my lock-down in the South of Italy, now 6 weeks long and still counting, far from my residency in the Netherlands and close to a country that has suffered earlier than others in Europe from the pandemic and that is now expecting to lift some isolation measures in May.
I’m well conscious other countries like Spain, France, UK, Germany and USA are now going through the shock of daily death-counts and forced isolation and my thoughts of solidarity go to all of you out there.
Be strong and keep faith: there will be a new beginning.
Tales of resistance
In many different European countries it has now become clear that, due to the exponential growth of the viral infection, lock-down measures are necessary to protect wide portions of the population that are exposed to serious risks.
What is now evident to many is that with these measures we’ll see the birth of resistance. At the risk of banality let me quote Aristotle in Politics:
“Man is by nature a social animal; an individual who is unsocial naturally and not accidentally is either beneath our notice or more than human. Society is something that precedes the individual. Anyone who either cannot lead the common life or is so self-sufficient as not to need to, and therefore does not partake of society, is either a beast or a god.”
I believe that resistance to lock-down measures — manifested in many forms, be it a private party or a couple walking hand in hand or an anti-establishment demonstration — is to be understood as a natural resistance to isolation. It is very difficult to discern between such violations and assess their risks, since they are “natural”, especially in the scenario of a prolonged lock-down.
Now please watch this fascinating video. This is a swarm of wild-boars through the vineyard of a town nearby where I’m confined and not too far from the coast; speaking of which, watch this other video shot in Punta Aderci, a beach where boars were never really seen before — as on most other beaches, since they live on mountains.
If you don’t get my point, watch these stags showing off some fashionable horns through the shopping street of Villetta Barrea.
Admittedly my point is not easy to land now. What I “sense” in this situation is a metaphorical lesson for the policies to come, because we will have to deal with this pandemic for longer than a season.
Nature will fill the gaps — be it animals or social life — and the gaps will widen if the one-solution-fits-all is adopted.
We must design for natural resistance to be within
For policies to be strict against nature is pointless: just like water, nature will get through sooner or later and we’ll have to design its presence within the system.
Likewise, physical isolation measures are pointless unless they are carefully adapted to any peculiar cultural, natural and social contexts.
Also nation-wide measures are doomed to failure, and this is evident in the current situation in Italy, where not only nature is taking over, but the general constriction of the population to the same isolation measures explodes in soft and hard violations of the new norms, because a state of exception that is centrally managed will disrupt all territories in different and unpredictable ways, catering to different necessities and overlooking different shortcomings.
Federal governance will be a new norm: power to regions.
The reason I’m writing this is not to throw predictions around, but to push critical thinking beyond the easy polarized stall of counter-practices in a state of emergency: it is important for humanist and social-democratic movements excluded from power right when we need them most. Capitalism will be bankrupt for a long while now and where the possibility for change won’t be made, barbarism will be the only thing left.
Going wall to wall, resistance vs. coercion, we’ll just create wartime platforms.
In light of the necessary fiscal spending measures to come, we need new methodologies and KPIs for Prof. Mazzucato’s “entrepreneurial state”: the public sector clearly needs to maximize a friction-less fiscal spending plan, but that should go to communities of practice that can deal with cultural and technical mediation.
Wasting money on the usual suspects won’t help, we need ethnographic research to individuate healing processes and facilitate their growth.
By the way: no, this is not done by developing a mobile app. Speaking of which…
The proximity tracing state-of-affairs
In one of my past stories “New forms of rationality and liberation” I’ve shared one argument in support of the adoption of decentralized and privacy preserving proximity tracing as a viable solution to the COVID pandemic challenge: it may alleviate the weight of uncertainty when trying to control the spread of this infection.
Such an experimentation doesn’t come without risks of course. Last week we detailed concerns in an open letter to the Italian government which was successful in changing the development and deployment plan of the proximity tracing app to be adopted in Italy.
Recently, this article in English also does a pretty good job of bringing a dish of dystopia to everyone’s table by going over the risks of the so-called contact apps.
I’d like to go down to technical details now, mainly sharing some pointers for further research and then my opinion.
If you are a technologist please now take some time to read around about the “corona app” buzz in your own language. In the English speaking bubble alone a lot of protocols and applications came out already, while the Google and Apple PR department has landed a great deal of visibility for their relatively small efforts in this race: they are basically fixing bugs and allowing people to use BT ADV broadcasts with a small change of their restrictive policies.
It should be evident to most people protesting the “corona app” that operating system manufacturers like Google were already able to track the hell out of everyone without consent well before COVID19 was just the sneeze of a pangolin in Wuhan.
In the new scenario of contact tracing apps such OS manufacturers will still be on top of the hill since they hold tight centralized policies on market access. But it is somehow notable that they will provide a proximity-tracing SDK inspired by the best decentralized and privacy-preserving protocol out there (DP3T aka dpppt.org) to avoid the wild telco + state-actor data-grab behind the corner.
Should we be happy about any of these developments? I’m Not Sure. Sincerely I’ll be really happy again only when I can join a party and drink from a stranger’s glass, dance on tables and make out on the couch without carrying fears of infection for the following two weeks, like a long-lasting hangover guilt-complex for being the party libertine I usually am.
The point of contact tracing is receiving notifications about positive tests of people we have met in the past weeks in the most privacy preserving way possible.
This is important to keep in mind when designing such systems: we don’t need anything other than notification, which will be part of the sort of self-measuring routine that most people having an active social life will do, in order to assess when a test is needed. Of course this application may also come in handy for location monitoring and therefore be instrumental to the cautious re-opening of restaurants, bars and who knows maybe dance-floors one day.
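The notification-only, decentralized idea described above, as an added example that is not code from the original post or from the DP-3T project: phones broadcast rotating random-looking IDs, a diagnosed user publishes only their own day keys, and every other phone checks for a match locally. The 15-minute epoch, the HMAC-SHA256 derivation and the `Phone` class are assumptions of this sketch.

```python
import hashlib
import hmac
import secrets

EPOCHS_PER_DAY = 96  # assumption of this sketch: a new ID every 15 minutes

def next_day_key(day_key):
    # One-way ratchet: earlier keys cannot be computed from a later one.
    return hashlib.sha256(day_key).digest()

def ephemeral_ids(day_key):
    # 16-byte broadcast IDs; unlinkable without the secret day key.
    return [hmac.new(day_key, b"broadcast" + e.to_bytes(2, "big"),
                     hashlib.sha256).digest()[:16]
            for e in range(EPOCHS_PER_DAY)]

class Phone:
    def __init__(self):
        self.day_keys = [secrets.token_bytes(32)]  # stays on the device
        self.heard = set()  # IDs received over radio, no identity attached

    def new_day(self):
        self.day_keys.append(next_day_key(self.day_keys[-1]))

    def broadcast(self, epoch):
        return ephemeral_ids(self.day_keys[-1])[epoch]

    def report_positive(self):
        # The only upload in the system: the diagnosed user's own day keys.
        return list(self.day_keys)

    def exposed(self, published_keys):
        # Matching is local; the list of heard IDs is never sent anywhere.
        return any(not self.heard.isdisjoint(ephemeral_ids(k))
                   for k in published_keys)

def demo():
    # Constructed scenario: Bob was near Alice, Carol was only near Bob.
    alice, bob, carol = Phone(), Phone(), Phone()
    bob.heard.add(alice.broadcast(10))
    carol.heard.add(bob.broadcast(11))
    for phone in (alice, bob, carol):
        phone.new_day()
    bulletin = alice.report_positive()  # Alice tests positive
    return {"bob": bob.exposed(bulletin), "carol": carol.exposed(bulletin)}
```

Nothing in the broadcast IDs is authenticated to a sender or a place, which is why the radio-layer concerns raised next still apply to a design like this.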
The reason why these systems should be carefully engineered for being privacy-preserving and decentralized is that hackers will hack the hell out of them, from ISO/OSI Layer 3–4–5 of Bluetooth, a mishmash of a wireless protocol of needless complexity — utterly broken almost since its inception.
The nation-wide adoption of a proximity tracing app based on Bluetooth and enforced by policies (be they public sector or private sector imposed for instance on workers of a factory) will certainly open a huge surface of attack to all sorts of cracking practices similar to wardriving and capture-the-flag offensive security e-sports…
My development setup to demonstrate the weak spots of #BLE for contact tracing.
Anticipating a solution a secure element gets used, too. pic.twitter.com/4lAvKiAAYQ
— tomfuerstner (@tomfuerstner) April 18, 2020
It will be a hilarious chaos for some, terrible for others and not fun for those having to deal with the consequences of spoofing, id-faking and procured alarms, all practices that are relatively easy (script-kiddie-easy) to be tried out even by the usual techie fixing your computer, so be thankful to Tom here for making it obvious.
Even in case of the DP-3T protocol there are well known vulnerabilities being debated which in some cases may lead to centralization and reliance on security by convention, stuff like ministries of health claiming their servers won’t ever be hacked, oh yeah… Read “Risk of de-anonymisation of infected users is much higher than estimated”.
There is a clear explanation offered by the Ada Lovelace institute (nothing less expected from such a wonderfully named organisation) in their recent policy document titled “COVID-19 Rapid Evidence Review: Exit through the App Store?” and reciting in brief that for national policy to rely on these apps, they would need to be able to:
1. Represent accurate information about infection or immunity
2. Demonstrate technical capabilities to support required functions
3. Address various practical issues for use, including meeting legal tests
4. Mitigate social risks and protect against exacerbating inequalities and vulnerabilities
At present the evidence does not demonstrate that proximity tracing tools are able to address these four components adequately.
Let me just add that to be effectively developing this tech we don’t need a tender for app makers or even worse consulting firms racing for it, but research communities to participate in defining innovation and assessing its risks and opportunities.
Which brings me to the next point…
The proximity tracing shit-show
I’m not sure you heard about the “Corona APP” public tender in the Netherlands; it’s worth mentioning because it has two big merits:
1. It made very public a process that is usually not by means of a new TV-format: an e-Sports style “appathon” in live streaming. The Dutch invented the big-brother reality show for private households, and now this…
2. It made obvious how ridiculous the usual suspects participating in public-sector ICT tenders are; they are generally well known in NL for lack of delivery and a tendency to overspend the national budget.
I guess it is worth developing Dutch language skills (or booking translators) to read the technical report of this tender which is published online as a code review of the “appathon”.
There is even a website dedicated to tracking the development of these apps (holy recursion, yess! a contact-tracing-app-tracking-website!) initially listing if they are open source and then documenting their progress.
Frankly speaking, from an expert perspective I think all this attention is quite ridiculous — good news is that the whole app craze has been dialed down.
But let me share a few highlights after this remarkable popcorn crunching session, starting with the same riff I’m chanting in my posts:
We need to change the way public spending is done. Public sector should go public, adopt indicators based on community development and stop lobbying behind the curtains with the usual corporate stooges.
Also it’s clear that development is so popular among a growing portion of tech-savvy population that it can make its way into a broadcast and more than a few thousand people will find it worth following.
Welcome to the public tender show! A whole new level of participatory budgeting, live streaming to your screens!
Not bad. Not bad at all. I see no reason why hackathons and e-Sports shouldn’t replace hours of football commentary on prime time TV. It’s all so fresh!
Plus the Dutch government took a remarkably honest attitude for this whole story, recognizing none of the 7 candidate apps has actually delivered what they promised and daring to say it in public, after a whole show about it.
I can well imagine in Italy the government would have multiple NDA deals to cover up for them and ship something overly complicated and utterly unusable like the PEC (RFC6109) or the upcoming “Immuni app”.
May this be the start of a new era of public-sector development in which free and open source is the standard and we dare to call failures with their name?
Many things suggest this can be a change we look at, let alone the fact many software providers including Microsoft are embracing “open source” — or shall I say “doodknuffelen” here?
If we manage to overcome the presence of too-big-to-fail players like multinational consulting firms and marketeers selling expensive ICT hype, there is a good chance for developer communities to claim their expertise and bring home some precious tenders and perhaps facilitate the birth of a new breed of software industry.
This is in my opinion the best outcome to this whole app story, which has otherwise taken too much attention on our screens, just like other ICT hypes have hoarded taxpayers’ money in the past years. I’m saying this without much hesitation today, because protocols are there and we have demonstrated how easy they are to implement.
So… what now?
OK, let’s forget the corona app hype now for a moment.
Let’s stop and think about what we really need.
A place to stay, enough to eat
Somewhere, old heroes shuffle safely down the street
Where you can speak out loud about your doubts and fears
And what’s more, no one ever disappears
You never hear their standard issue kicking in your door
You can relax on both sides of the tracks
And maniacs don’t blow holes in bandsmen by remote control
And everyone has recourse to the law
And no one kills the children anymore
No one kills the children anymore
Pink Floyd – The Gunner’s Dream
People need to be aware of their risks.
This situation carries an incentive on its own: people want that.
It may be useful to have ways to let us and anyone else record encounters as anonymous “links”, be they meetings or parties or days at work; links are situations in which we have exposed each other to our bodily fluids. When one of the participants to these “links” is at risk or even diagnosed with a virus, then this app will send a notification to everyone in the same “link”. Nothing else. The app will not know identities of linked people nor remember the link nor offer any chat functionality nor try to sell people condoms over Amazon. Period… oh no, wait, no period tracking either!
Do one thing and do it well! — UNIX philosophy