From Elsewhere: Insecure, with bad code and virtually useless – The new NHS Covid19 tracking app.

 

There’s a very interesting piece that has gone up on Guido Fawkes’ Seen Elsewhere section. It comes from an app developer who has done a lot of work creating apps for iPhones. This particular techie has been examining the proposed smartphone app being developed by the NHS that the government expects British subjects to sign up for despite widespread concern about privacy and security.

This techie, a man named Darren Jones, is claiming that this app not only may have security and privacy concerns but is likely to be a complete failure. If Mr Jones’ criticisms are correct, the ap appears to be designed by people who if put in charge of organising a piss up in a brewery, would fail dismally at the task.

Before I continue I must say that I disagree with Mr Jones’ dismissal of privacy concerns. Yes health is important but so for many Britons is data security. Even talking to some non paranoid friends last night the general opinion is that they do not want the government to explicitly collect data on their movements and who would refuse to download it on principle. However the issue here for Mr Jones is will the app actually do what it is supposed to and inform Britons if they have come into contact with someone infected by Covid19.

The answer that Mr Jones comes to is that it will not work as intended. One of the major problems he’s identified with the NHS app is that it has to run in the foreground of the OS. If the app is running in the background and is not on the screen then it just will not work. If two people pass in the street or on a train for example and one person has the app running in the foreground and the other person has it in the background then no contact will be recorded. Mr Jones gives a detailed explanation as to the potential problems with the new NHS tracing app on his site that I will not rehash here and which I would advise people to read.

It’s obvious from what Mr Jones has said that the much hyped NHS app will not do the job that it was intended to do. What’s worse is that it is going to cost the taxpayer a great deal of money for an app that is completely useless.

Mr Jones said:

It turns out that NHSX outsourced the development of this app to Pivotal Labs which is a software company in California.
It’s also rumoured that they paid a LOT of money for this. It scares me to even mention the figures i’ve read.
If you were a company asked to produce what is effectively a simple app (I could have written this in a week) for an absurd amount of money, would you tell your client it wouldn’t work?!

What’s the solution?

Apple and Google have collectively designed an API that allows phones to discover each other even whilst in standby. There’s been a lot of debate surrounding the privacy model they have chosen, however it is the ONLY method that will allow an app to work as expected.
Install it, forget about it. If you’ve been near somebody that has recently been diagnosed, the app will tell you. Simple.

Mr Jones then went on to appeal to the government to scrap their app for something that actually works, something on which I agree with him about.

The NHS has a woeful reputation when it comes to IT projects, such as the 2018 scandal when a new system for handing over patient records to GP’s following a patient’s discharge from hospital also didn’t work as intended, affecting over 14,000 patients. Also in 2013, a new system to digitise patient records was abandoned after it was found to not work and the project to create it was found to be riven with management and contractual problems. The final bill for this epic failure by the NHS is believed to be in the region of £10 billion.

Personally I have little trust in or love for the NHS. It’s an appalling and inefficient way to deliver healthcare and it has a long record of IT failures that have pissed our money up the wall. With a record like this is it any wonder that the NHS contracted an outside company to create an app that not only hoovers up our data and shovels it into the gaping maw of the government, but is also not likely to work as intended when it comes to tracking Covid19 contacts.

 

1 Comment on "From Elsewhere: Insecure, with bad code and virtually useless – The new NHS Covid19 tracking app."

  1. Being told you’ve come into contact with someone who has or had Covid19 is rather like shutting the stable door after the horse has bolted. Besides, unless there is a process of national testing for Covid19, retesting and more retesting, how will anyone know if they’re got it when a large chunk of the population are asymptomatic?

    I fear this is monitoring of the movement of the population for other nefarious reasons introduced through the back door.

Comments are closed.