Vote Leave AI firm wins seven government contracts in 18 months

[Borg Refinery]

Full Fact: Matt Hancock misled parliament on support for tracing app



Health Secreatry Matt Hancock was wrong to tell parliament that a poll showed most people in the Isle of Wight want to download a coronavirus tracing app.



Hancock told Parliament: "According to a very early poll, 80% of people on the Isle of Wight want to download [the app]".



Independent fact-checking organisation Full Fact said this was false. "Hancock's claim is based on a Facebook poll done by a local radio station on the island, and is not representative of the island's residents," it said.



The fact-checkers added: "The problem with this is we don't know to what extent this figure represents the actual views of residents of the Isle of Wight."



Hancock and his team have a history of inaccuracies. In the 2019 election, his aides briefed journalists that one of his advisers had been "punched in the face". A video of the incident later showed that this was a lie and that there was no violence.



During the coronavirus crisis, Hancock repeatedly claimed that one billion items of PPE had been delivered. Panorama discovered this figure included items like paper towels, detergent and waste bags. Also, half the items were gloves and these had been counted per glove rather than per pair.



Later, Hancock claimed to have met his target of completing 100,000 tests in a day. The Health Service Journal revealed this figure included tests posted to testing centres as well as completed tests.



Hancock has also claimed the UK is a member of the EU's ventilator procurement scheme and that there was no 'political' decision not to join the scheme. An EU spokesperson said the UK was not a member and the Foreign Office's top civil servant Simon Mcdonald said there was a political decision not to take part.

- https://leftfootforward.org/2020/05/full-fact-matt-hancock-misled-parliament-on-support-for-tracing-app/">https://leftfootforward.org/2020/05/ful ... acing-app/">https://leftfootforward.org/2020/05/full-fact-matt-hancock-misled-parliament-on-support-for-tracing-app/



Oh yea Grand Nagus Boris...

[Borg Refinery]

I tend to agree, but theIr excuse is that  want the data so they can see how the virus is developing by local areas.  I guess time will tell.  There are definitely a lot of tech people who are quite concerned about the UK yet again taking an exceptionalist approach.



My other question is, I wasn't clear on whether the UK app does actually use the Apple approved API at all?  If it doesn't, there is nothing to stop either them, or a private company, from developing a rival app using the official Gapple authorised approach?  Apple have said they will only allow one app per country to do that.  



I agree though that up to now, I'm not seeing how the limited data they will have centrally outweighs the technical risks of this approach yet.  It's pretty consistent though with the general UK response which, in spite of the normal leanings of the right wing government that we have, has been all about central command and control.

....

The UK app all wouldn't be compatible with any other country.  So Brits would be invisible and crucially, visitors would be too (unless we want to police visiting nationals sliding a UK gov app onto their phone and always running it - not a route we should go down).

....

Source released on github now.



"@mikarv

NHSX App code for iOS/Android (not backend) now online at https://github.com/nhsx/">https://github.com/nhsx/, as well as a separate repo with a few short slide decks. Kudos to the tireless people inside who push the UK gov to not develop code in secrecy. Regardless of protocol disputes, you're doing great."

[Borg Refinery]

That right-wing guido guy refutes defenses of the app.



https://order-order.com/2020/05/06/experts-respond-government-nhs-app-rebuttal/">https://order-order.com/2020/05/06/expe ... -rebuttal/">https://order-order.com/2020/05/06/experts-respond-government-nhs-app-rebuttal/



Not a fan of his, but his arguments are quite convincing...for once.

[Borg Refinery]

I don't think the UK app does use the Gapple API.



If Gapple had done nothing or gone independent routes, it would be a valid approach



But they decided to out their rivalry aside for this.



As for developing a Gapple app for the UK, the issue would be fragmentation and confusion.



I assume it wouldn't be able to use the NHS logo or UK gov branding either



So some would use the official app, some the GApple based one and some probably use some russian malware by accident



Orcs confused messaging again.



Like telling people to avoid shaking hands and then saying you will anyway.



Or not closing pubs, just telling people not to go, and then having your dad go on telly and say he would go....





It's almost like they learnt nothing.

Because they want your data themselves, and to do dodgy stuff, that's why. Why else would they waste time doing this when as you say it's cheaper and more efficient not to reinvent the wheel?



Reason #1000 not to trust them.



Good post about Brexit by the way, I completely agree.



They've basically gotten away with subverting democracy..

[Borg Refinery]

That's exactly the point.  If I refuse to install this app, I should also delete my other apps.  Since I don't want to do that, I open myself up to accusation of hypocrisy if I refuse to install just this one app because everyone is talking about it.



That said, as I mention above, I want to see an independent analysis of the source code before I install it.



The other point is that if you are on Facebook or a whole load of other social media, you are already giving away a lot more specific information than you probably will be on this app - this app (unless they are lying), only knows your location by the postcode you enter when you first log in.  Even then, you don't have to prove it so you can put in a wrong postcode if you like.



Regarding the sinister updates to the app, apple and google don't let companies roll out apps that can't be uninstalled - if there is a sinister update, you can just uninstall it.



Also according to the design of the app (to be validated independently), none of your data or contact information is sent anywhere until and unless you tell it you are sick.  If you don't, the data is deleted on a rolling basis after 28 days.  If this is not true, we will find out when the source code is checked independently.

Mate, these are providers of solutions to the CIA.



Who's to say they won't somehow fake the source code they send to the independent vetters, or somehow quietly subvert the independent vetting process? Or quietly install a backdoor with one of the updates that doesn't get fully removed even if you uninstall it?



You guys are obviously tech saavy so you know how many dodgy apps have passed onto apple & google play.

[BeElBeeBub]

As an addendum to the messaging and not wishing to reopen the brexit side of things but i think there is a valid point here.



The Leave campaign, the major players of which now form the government, were absolute masters of disruptive messaging.



Absolutely no doubt, they were superb at blunting the other side's actions with their own messaging.



They would use "dead cats" to spike their opponents guns.



Deliberately use mixed messaging to sow confusion.



Shameless about bending political norms and traditions.



That worked superbly for the referendum. Remain were outclassed and playing a different game. They brought water pistol to a naval battle.



It worked after the referendum, they should have been crushed but a helpful opposition and pliable press plus a good helping of their skill at disruptive messaging won't the day



The problem is that when all you have is hammer, everything looks like a nail. Their approach would undoubtedly work against many opponents when the arena was public opinion and political decisions.



A pandemic has no PR department. The virus cares not for opinion polls or focus groups. All the positive press in the world can't magic up a cure.



But the government treated this, as it's leadership have done with everything for the last 5years, as a messaging issue.



It didn't matter what they did or didn't do, as long as they controlled the message...



Maybe they will get away with it.  A bit over a month ago it was front page news that deaths had hit 250 a day.



We are still way above that figure but the biggest story is where a government advisor puts his genitals.



Meanwhile the virus continues to kill people.

[BeElBeeBub]

I don't think the UK app does use the Gapple API.



If Gapple had done nothing or gone independent routes, it would be a valid approach



But they decided to out their rivalry aside for this.



As for developing a Gapple app for the UK, the issue would be fragmentation and confusion.



I assume it wouldn't be able to use the NHS logo or UK gov branding either



So some would use the official app, some the GApple based one and some probably use some russian malware by accident



Orcs confused messaging again.



Like telling people to avoid shaking hands and then saying you will anyway.



Or not closing pubs, just telling people not to go, and then having your dad go on telly and say he would go....





It's almost like they learnt nothing.

[Javert]

Putting aside the data/privacy concerns.



I fail to see why the UK thinks it can produce a better solution "hacking" than one baked into the OS of the two dominant smartphone OSes.



What happens when a Brit goes abroad?



With the Gapple scheme there should be interoperability between states.  The only issue is the visitor would need to download the database of the visited country to check if any of the tokens it has "seen" have popped up there. My understanding is the Gapple solution explicitly doesn't tie the tokens to a location.  If I understand correctly it may not even record a timestamps, it just looks for the token.



The UK app all wouldn't be compatible with any other country.  So Brits would be invisible and crucially, visitors would be too (unless we want to police visiting nationals sliding a UK gov app onto their phone and always running it - not a route we should go down).



Finally, my understanding is the Gapple solution is enabled even if you don't download the app. It just asks permission when the system goes live.  It can even give you a basic notification without the app and point you to the app for more info.



Being baked into the OS provides massively more coverage than an explicit app that needs to be downloaded

I tend to agree, but theIr excuse is that  want the data so they can see how the virus is developing by local areas.  I guess time will tell.  There are definitely a lot of tech people who are quite concerned about the UK yet again taking an exceptionalist approach.



My other question is, I wasn't clear on whether the UK app does actually use the Apple approved API at all?  If it doesn't, there is nothing to stop either them, or a private company, from developing a rival app using the official Gapple authorised approach?  Apple have said they will only allow one app per country to do that.  



I agree though that up to now, I'm not seeing how the limited data they will have centrally outweighs the technical risks of this approach yet.  It's pretty consistent though with the general UK response which, in spite of the normal leanings of the right wing government that we have, has been all about central command and control.

[BeElBeeBub]

Putting aside the data/privacy concerns.



I fail to see why the UK thinks it can produce a better solution "hacking" than one baked into the OS of the two dominant smartphone OSes.



What happens when a Brit goes abroad?



With the Gapple scheme there should be interoperability between states.  The only issue is the visitor would need to download the database of the visited country to check if any of the tokens it has "seen" have popped up there. My understanding is the Gapple solution explicitly doesn't tie the tokens to a location.  If I understand correctly it may not even record a timestamps, it just looks for the token.



The UK app all wouldn't be compatible with any other country.  So Brits would be invisible and crucially, visitors would be too (unless we want to police visiting nationals sliding a UK gov app onto their phone and always running it - not a route we should go down).



Finally, my understanding is the Gapple solution is enabled even if you don't download the app. It just asks permission when the system goes live.  It can even give you a basic notification without the app and point you to the app for more info.



Being baked into the OS provides massively more coverage than an explicit app that needs to be downloaded

[Javert]

...sooo... let me get this right.



..It's a good idea to install even more dodgy apps that harvest your data because..you have other dodgy apps, by other co's harvesting your data already? =-) And it would be hypocritical not to further harvest your data? (Re your guess about my beliefs on Brexit, it's the exact opposite btw).



I can really see why they call you Spock.



Your logic is impeccable.  :mrgreen:

That's exactly the point.  If I refuse to install this app, I should also delete my other apps.  Since I don't want to do that, I open myself up to accusation of hypocrisy if I refuse to install just this one app because everyone is talking about it.



That said, as I mention above, I want to see an independent analysis of the source code before I install it.



The other point is that if you are on Facebook or a whole load of other social media, you are already giving away a lot more specific information than you probably will be on this app - this app (unless they are lying), only knows your location by the postcode you enter when you first log in.  Even then, you don't have to prove it so you can put in a wrong postcode if you like.



Regarding the sinister updates to the app, apple and google don't let companies roll out apps that can't be uninstalled - if there is a sinister update, you can just uninstall it.



Also according to the design of the app (to be validated independently), none of your data or contact information is sent anywhere until and unless you tell it you are sick.  If you don't, the data is deleted on a rolling basis after 28 days.  If this is not true, we will find out when the source code is checked independently.

[Borg Refinery]

Btw; several more considerations here:



- Who's to say they won't release an update with sinister motives? Will all updates have their source vetted pre release? I doubt it.



And why are we so obsessed with discussing this app?



Aren't you equally interested in the govt's other contracts and NHSX/Faculty/Palantir already siphoning off every NHS Patient's data back to the US of A?

[Borg Refinery]

...sooo... let me get this right.



..It's a good idea to install even more dodgy apps that harvest your data because..you have other dodgy apps, by other co's harvesting your data already? =-) And it would be hypocritical not to further harvest your data? (Re your guess about my beliefs on Brexit, it's the exact opposite btw).



I can really see why they call you Spock.



Your logic is impeccable.  :mrgreen:

[Javert]

Have you read OP link?



Do you know who Palantir are? Good luck trusting yank spook tech guys with your personal info, I know I don't.

I agree it's a concern that Palantir or Dominic Cummings are involved, and that's why I won't be installing this app until I've seen an independent analysis of the source code, which they have promised to release.



However as I pointed out before, it would be a bit hypocritical in some ways for me to refuse to install this app, when I have such apps as Facebook already running on my phone.



The other question which I didn't ask above, is what guarantees do we have that the collected data will not be eventually given to the wrong people?  If I remember correctly, some of these companies like Palantir have already been pulled up for abusing security flaws in networks like Facebook to collect data that they should really be able to have, and then using it for arguably unethical purposes, although in those cases it was to win the Brexit Leave vote which I guess you might approve of.



Matt Hancock has promised that the data will be destroyed when the pandemic is over, but that's what Cambridge Analytica said and it then turned out they didn't destroy it till much later.

[Borg Refinery]

Have you read the articles?



As far as I can tell, the app does not require location tracking to be on, and even if it is on, the app does not use location tracking.



What it does do, is it asks you to enter the first 4 characters of your postcode manually.



Apple are pretty strict about apps that try to use both bluetooth and location tracking at the same time I think.  



Most people have bluetooth on as it's needed for headsets, watches and wearables and all sorts of other technology - it's not particularly risky if you are using proper applications approved through the Apple or Google stores.

Have you read OP link?



Do you know who Palantir are? Good luck trusting yank spook tech guys with your personal info, I know I don't.

[Javert]

How many people are going to be stupid enough to install this app.

It requires location being switched on, whereas many prefer location disabled unless they need it.

It requires Bluetooth on and enabled and visible, which is discouraged by every IT security adviser.

It's not getting anywhere near my phone.

Have you read the articles?



As far as I can tell, the app does not require location tracking to be on, and even if it is on, the app does not use location tracking.



What it does do, is it asks you to enter the first 4 characters of your postcode manually.



Apple are pretty strict about apps that try to use both bluetooth and location tracking at the same time I think.  



Most people have bluetooth on as it's needed for headsets, watches and wearables and all sorts of other technology - it's not particularly risky if you are using proper applications approved through the Apple or Google stores.