20 Mar 2020 (7pm - 10.30pm)
REACH
[6:02 pm, 20/03/2020] : ๐ก[Differences among a Quarantine Order, Stay-Home Notice and Leave of Absence]๐ก
❗ 1. Quarantine Order (QO): MANDATORY❗
• A QO is a legal order issued to individuals under the Infectious Diseases Act and have legal force with severe penalties for non-compliance. It is issued to quarantine or isolate an individual who is, or is suspected to be, a carrier of an infectious disease, or a contact of a person confirmed to have an infectious disease. This aims to limit the spread of the virus in the community.
• Quarantine usually occurs in the home but can also be served in dedicated Government Quarantine Facilities (GQFs) or hospitals, should the individual not have suitable accommodation in Singapore.
• A legal order issued under the Infectious Diseases Act, anyone flouting a quarantine for the first time may be fined up to $10,000, jailed for up to six months, or both, with higher penalties for subsequent breaches.
๐ 2. Stay-Home Notice (SHN):๐
• From 11.59pm today (20 March 2020), the SHN will apply to all Singapore residents returning to the country for 14 days.
• People served the notice will not require a dedicated room and toilet, unlike those under quarantine orders, but they should remain in their place of residence at all times. They should not go out even to purchase daily necessities, nor invite visitors to their residence. Their family members may continue to live with them. They should observe good personal hygiene practices. If those under a SHN become unwell, they should avoid contact with family members and seek medical attention immediately.
• Singaporeans who breach the notice can be prosecuted under the Infectious Diseases Act. First-time offenders can be fined up to $10,000, jailed for up to six months, or both.
๐ 14-day SHN for all travellers (https://www.moh.gov.sg/news-highlights/details/additional-measures-for-travellers-to-reduce-further-importation-of-covid-19-cases)
⚠3. Leave of Absence (LOA): PRECAUTIONARY⚠
• A LOA is a precautionary measure. Those on LOA are to be socially responsible and comply, to prevent possible transmission of infections.
• Persons on LOA should remain in their residences as much as possible, minimise having visitors and maintain records of persons with whom they come into close contact. They may leave their residences for daily necessities or to attend important matters, but they must minimise time spent in public spaces and contact with others.
๐ MOM encourages companies to impose LOA for employees returning between 14 and 20 March 2020 (https://www.mom.gov.sg/newsroom/press-releases/2020/0320-companies-encouraged-to-impose-loa-for-employees-returning-between-14-and-20-march-2020)
For more information, visit https://www.moh.gov.sg/covid-19.
[7:03 pm, 20/03/2020] : https://www.channelnewsasia.com/news/singapore/covid19-40-new-cases-most-imported-united-kingdom-12560382
[7:09 pm, 20/03/2020] : https://www.channelnewsasia.com/news/singapore/covid-19-coronavirus-singapore-seniors-activities-suspended-12560624
[7:18 pm, 20/03/2020] : https://www.channelnewsasia.com/news/singapore/covid19-safe-distancing-recommendations-retail-restaurants-12560568
[7:26 pm, 20/03/2020] : [Sent by Gov.sg - 20 Mar]
False rumours on the COVID-19 situation
The Prime Minister is not addressing the nation tonight, nor is Singapore locking down.
There are false rumours circulating that PM Lee will be addressing the nation tonight to announce a lockdown.
We urge all not to spread unverified information.
Stay updated with Gov.sg WhatsApp, available in 4 official languages
Sign up here: go.gov.sg/whatsapp
[7:29 pm, 20/03/2020] : Dear REACH contributors, welcome back!
Our chat will be opened until 10.30pm tonight.
๐ขTopic:๐ข
How do you think the TraceTogether mobile app would be useful for you?
https://www.channelnewsasia.com/news/singapore/covid19-trace-together-mobile-app-contact-tracing-coronavirus-12560616
--
[8:06 pm, 20/03/2020] : Tbh gov can get telco to release your location and whereabouts anyway
[8:08 pm, 20/03/2020] : Won't know how well App works until there is an increased community transmission
[8:10 pm, 20/03/2020] : Perhaps the App can be used to chart and study population movement patterns and used for the next pandemic
[8:29 pm, 20/03/2020] : Nope the triangulation are to far apart, the Bluetooth allows a more granular tracking to < 10m
[8:29 pm, 20/03/2020] ☸️ Danny ๅฟ:
(1) The contact tracing TraceTogether mobile app - look effective in contact tracing if everyone install it in their smartphone.
(2) But just concern about "bluetooth security" --- where normally we don't turn it on.
(3) By turning the bluetooth wireless on, anyone who turn on their bluetooth within 1 m to 5 m will be able to attempt to "pair" with our smartphone.
If successfully "pair with our smartphone" and crack the passkey or pin --- then hackers can access the data in our smartphone.
(4) The tracetogether mobile app looks secured as it only exchange temporary id which is encrypted and locally store in our phone.
(5) But the concern is turning our bluetooth on all the time - where we can potentially hack by hacker near us.
(6) Not too long ago, smartphone with NFC (Near Field Communication) - also got hack when someone with NFC reader come near enough to sniff our phone kept in our pocket.
(7) Just concern with the bluetooth wireless security (as it is using static pin or key) - which is not as secure as WiFi that uses WPA2 with dynamic key.
(8) Previously, WiFi also uses less secured authentication and encryption like WEP or TKIP -- which uses static key - which can be easily hacked by hackers.
-
Desmond
[8:32 pm, 20/03/2020] : Not pairing because we are walking so fast... but detecting if u are around the region and exchange basic info, which is the ID, look up IEEE on the Bluetooth spec ๐
--
[8:37 pm, 20/03/2020] ☸️ Danny ๅฟ:
(1) There is no need to use a mobile app with bluetooth to detect you.
(2) Every smartphone come with IMEI - and they will associate with any telco base stations for 4G signal that will capture your IMEI.
(3) Can easily capture your location - like location-based tracking. In fact, all that appear the vicinity will be captured.
(4) Also if no pairing between 2 mobile apps - how to download the temp id?
---
Desmond
[8:45 pm, 20/03/2020] : https://ieeexplore.ieee.org/document/1207180
[8:45 pm, 20/03/2020] : https://ieeexplore.ieee.org/document/7120717
[8:45 pm, 20/03/2020] : https://ieeexplore.ieee.org/document/1188075
[8:45 pm, 20/03/2020] : the research might not be the actual idea, but BT, don need to be paired to work..
---
Desmond
[8:47 pm, 20/03/2020] : contact tracing requires, Meters Accuracies , cell tower cannot provide that accuracies and if the user is in basement, you cannot locate the person....
[8:47 pm, 20/03/2020] : you cannot locate the person accurately
[8:51 pm, 20/03/2020] : i cannot say anything for android but for iOS, within the programming library, only this Core Bluetooth
https://developer.apple.com/documentation/corebluetooth/cbcentralmanager
CBCentralManager
An object that scans for, discovers, connects to, and manages peripherals.
is just like wifi scanning for SSID
[8:52 pm, 20/03/2020] ☸️ Danny ๅฟ:
(1) If bluetooth don't need to do pairing to work - with exchange key - then it will be a big security loopholes.
(2) A hacker can just turn on his bluetooth, get 1m - 5m near you - and download a malware into your smartphone, do middleman attack - and steal all your data.
(3) This is precisely my security concern --- in turning the bluetooth wireless on.
(4) Even with pairing and security pin - I am already concern about its static key that can be easily hack.
[8:53 pm, 20/03/2020] ☸️ Danny ๅฟ:
Basement also need base station else no phone can work.
Desmond
[9:00 pm, 20/03/2020] : We are talking about collecting people info walking past, not phone reception
if is that easy, google and thousands of researcher like me when i teach in Aus Uni, will not spent decades solving this issues liao..
[9:00 pm, 20/03/2020] : you can choose not to download the app :)
[9:01 pm, 20/03/2020] : have a great weekends ahead!
--
Desmond
[9:02 pm, 20/03/2020] : oh ya, if is that easy, Govtech will not do this liao, cos asking people to download app, is a hassle!!
Blue and White Flag Guy
[9:02 pm, 20/03/2020] : Hahaha best answer of the night ๐
[9:02 pm, 20/03/2020] : I agree!
[9:05 pm, 20/03/2020] ☸️ Danny ๅฟ:
(1) So you agree there is a security problem.
(2) In the past Wi-fi WEP key that uses a long static key - got hack easily within half and hour - through man-in-the middle attack.
(3) A blue tooth with no security or even a 6-pin or 5-pin key (static key) --- don't need that long.
Desmond
[9:06 pm, 20/03/2020] : Haha
Please go find out how apple do their app review, please
Blue and White Flag Guy
[9:06 pm, 20/03/2020] : Actually why use BT? If WhatsApp got Live Location, couldn't gahmen do the same? It's actually quite precise in my opinion
Kelvin Law
[9:09 pm, 20/03/2020] : People, App is by GovTech. They are not stupid people. They would not introduce an app that creates vulnerability among the masses. End of the day, if one is not comfortable then don't use.
[9:34 pm, 20/03/2020] ☸️ Danny ๅฟ:
(1) The issue is not that the Govtech mobile apps lack security.
(2) It is the comms - bluetooth security - that have fragile or no security.
(3) Normally, wh toen people go into the public, they will turn off all wireless (except their 4G) - including Wi-Fi, bluetooth, NFC.
(4) The reason being, hacker can bring a rouge Wi-FI AP - and if you turn on your wi-fi - it will intercept your smartphone when you allow wi-fi auto-roaming on - and your surf internet via its rouge wifi AP -- and the hackers will steal all your vital data.
(5) Or if you turn your bluetooth on - hackers can do a simliar man-in-the-middle attack on your smartphone.
(6) Or if you turn on NFC, hacker can use NFC reader to associate with your smartphone.
(7) People usually turn on their wifi, bluetooth or NFC - in a trusted environment - eg. your home or your workplace --- where you need proper sign-in, authentication and approval before you communicate.
Blue and White Flag Guy
[9:35 pm, 20/03/2020] : It's rogue by the way not rouge, I think I say before
[9:36 pm, 20/03/2020] ☸️ Danny ๅฟ:
Yap it is rogue. Mispell.
Blue and White Flag Guy
[9:36 pm, 20/03/2020] : And Danny you aren't wrong, we can have the best security but once we use an international standard that lags behind, there will be risks
Jerick Tan
[9:44 pm, 20/03/2020] : Agree
[9:46 pm, 20/03/2020] : Govts too are limited by tech ecosystem, and such a hastily assembled app will definitely have the concomitant shortcomings. I think it's a calculated risk, a balance between epidemic control and cybersafety.
[9:48 pm, 20/03/2020] :
I no sure how BT works in detailed. But sometime come into my mind, how about ppl who on BT with BT ear piece?
Does it mean may compromise security to their phone?
[9:52 pm, 20/03/2020] ☸️ Danny ๅฟ:
Yes if hacker want to hack.
Blue and White Flag Guy
[9:55 pm, 20/03/2020] : Denying it permission gives you this
[9:56 pm, 20/03/2020] : Also, checking on the permission screen, you can also see Storage, though it's not required, at least I know the FAQ doesn't mention about it
[9:56 pm, 20/03/2020] : I mean the newspaper reported incorrectly.
[9:57 pm, 20/03/2020] : Yes, and I'm confirming the other side, that is required
[9:58 pm, 20/03/2020] ☸️ Danny ๅฟ:
It is peer-to-peer --- basically "pairing" the mobile apps. Not location tracking.
[9:59 pm, 20/03/2020] : Hmm ๐ค๐ค๐ค
[10:00 pm, 20/03/2020] : I think the newspaper should explain properly coz otherwise it is misleading
[10:00 pm, 20/03/2020] : I'm not concerned about privacy, gahmen knows a lot about us more than we do
[10:01 pm, 20/03/2020] : After all, no one will coerce you into downloading the app, we cherish our phone storage a lot ๐
[10:01 pm, 20/03/2020] : Because it states "does not collect or use location data of any kind"
[10:01 pm, 20/03/2020] : ๐คท๐ป♀
[10:02 pm, 20/03/2020] ☸️ Danny ๅฟ:
It just pair to the "infected guy" - not location tracking (eg. associate with a base station or to a GPS).
[10:22 pm, 20/03/2020] ☸️ Danny ๅฟ:
This is what it say :- No other personal detail, such as names, will be collected. Neither does the app access a user’s phone contact list or address book.
The app also does not collect or use location data of any kind, such as GPS.
"The app doesn't identify 'where' the exposure to COVID-19 cases may have occurred. It only seeks to establish 'who' else might have been exposed to the virus," according to the TraceTogether website.
This means that location information can only be established by contact tracers during verbal interviews, it added.
All TraceTogether logs will be stored locally on the users’ phone in an encrypted form.
Blue and White Flag Guy
[10:16 pm, 20/03/2020] : Don't know if you guys monitor app behaviour but TraceTogether has already got some cache size there
[10:17 pm, 20/03/2020] : It was initially around 3 MB, now it's 5.49 MB
I expect it to increase further as I allow the app to run
Caleb
[10:17 pm, 20/03/2020] : ๐ค
[10:19 pm, 20/03/2020] : Mine 6MB Since yesterday morning
[10:20 pm, 20/03/2020] : And I don't on all the time. Only when at outside at a spot of at least 5 mins
[10:20 pm, 20/03/2020] : Hahaha I enjoy analyzing the app with you ๐
[10:20 pm, 20/03/2020] : Must compare and see ma
[10:21 pm, 20/03/2020] : Fun sia ๐
[10:22 pm, 20/03/2020] : Now we are tracing together on how this app work. Lol
[10:22 pm, 20/03/2020] : HAHAHA
----
---
21 Mar 2020
REACH
[10:00 am, 21/03/2020] : Dear contributors,
Welcome back! Our chat will be open until 6pm today.
๐ข Topics today ๐ข:
Have you started using the TraceTogether app? https://www.tracetogether.gov.sg
Meanwhile, more stringent containment measures have been announced yesterday, such as the suspension of gatherings with 250 participants or more, and recommendations on safe distancing measures for our retail and F&B sectors.
How will these additional measures affect you?
REACH
[10:38 am, 21/03/2020] : [Sent by Gov.sg – 21 Mar]
TraceTogether App - Let’s all help with contact tracing efforts
- App helps contact tracers call you quickly
- Early contacting better protects those around you & reduces spread of COVID-19 in S'pore
How it works:
1. Download app at go.gov.sg/traceapp
2. Enter your SG mobile number; allow to share if you’re identified as case/close contact
3. Turn on Bluetooth; enable necessary functions
- App does not collect personal or location data
- Bluetooth signals between users’ phones estimate distance between users and duration of encounters
- Data pulled with user’s consent
Tell your friends and family; share app. The more use it, the better prepared we will be to fight COVID-19 ๐ช
More: go.gov.sg/govsg-trace
---
Xcanfacai
[10:28 am, 21/03/2020] : I share this inform to my boss. He question how safe is this trcetogeyher app. Ask us do not download first, got to check thoughly.
With bluetooth open, Will it easy for ppls to hack into one phone and steal infor?
Bluetooth also eat up one battery very fast.
Kelvin Law
[10:42 am, 21/03/2020] : I feel that we should stop underestimating the people at GovTech. Like i say again, the good people there will not create an app that can cause problems for the citizens.
Elena Woo
[10:44 am, 21/03/2020] : ๐๐ป yeppe agree.
Kelvin Law
[10:45 am, 21/03/2020] : will on if going malls n other crowded places.
Leonard Lau
[10:49 am, 21/03/2020] : I saw the walk thru and the concept behind .. very well thought and idea by Gov Tech .
--
[2:24 pm, 21/03/2020] ☸️ Danny ๅฟ:
(1) Assessing the use of Tracetogether Mobil Apps - to help in contact tracing.
a. Concept very good - as it is a good productivity tool - that can facilitate MOH in contact tracing.
b. Mobile apps - security is deem sufficient as no personal details are downloaded or exchange between phone - only temp id that are securely stored in each handphone. Info. only released upon contact to Authorities only - and no lost of personal data to unknown parties.
c. The only problem is - this mobile apps use a communication technology (blue tooth security)that is security vulnerable - with no or very fragile security --- that allows hackers to hack any handphone quite easily.
d. Why does the mobile apps require "bluetooth" to facilitate the use of the mobile apps?
i. bluetooth distance is about 10m (unblock) or about 1 to 5 meters if many obstacles.
ii. also bluetooth within range (when turn on) will be able to detect any bluetooth devices within its smartphone (so any infected person with handphone bluetooth turn on) --- will be detected an download to the mobile apps.
iii. when the 2 person exceed the distance of 10 meters - the bluetooth signal drop -- and indicate the 2 person devices are no longer in close contact - so bluetooth is a good comms for contact tracing.
(2) But the problem is bluetooth security is a big concern.
a. Bluetooth use no security or very fragile security (static key with only a 6-5 pin key) - that can be easily hack by a man-in-the-middle attack.
b. Hacker once see a guy or gal turn on the Tracetogether mobile apps --- will know that he/she use bluetooth (without even need to turn on his devices to detect any bluetooth signal).
c. Hacker will simply download a malware to his "pair bluetooth" devices if no bluetooth security or after hacking a bluetooth 5-6 pin key --- will download a malware ( and then leave).
d. Each time the hackee do eCommerce transaction eg. do banking, buy or sell share, access his CPF, etc ---- the malware with keylogger - will capture the hackee id, password, the SMS OTP that drop into his handphone and pipe them to the hacker server --- who will then use hackee id, password and sms otp to access his banking, share, cpf ----- and transfer their money, sell their share, transfer out the cpf balances etc to the hacker account --- each time the hackee access the internet via 4G or secure wi-fi to do their digital transaction.
e. The above is what the hackee is preparing to lose - by "attracting bluetooth coronatrojan" into their handphone --- and hacker only need to infiltrate once --- but steal always --- without the hackee knowing.
Now then what is a more secured way to to Tracetogether mobile apps?
aka datang .....
Jimmy Chew
[2:31 pm, 21/03/2020] : Question on every techie's mind. How secure is this app
Blue and White Flag guy
[2:33 pm, 21/03/2020] : I don't like how people insist what GovTech do is definitely right, why can't we give our feedback?
Discussion on security aspect doesn't harm anyone does it?
--
Desmond
[2:41 pm, 21/03/2020] : get an iPhone
[2:42 pm, 21/03/2020] : Haha iPhone uses blue tooth tech too ๐
[2:42 pm, 21/03/2020] : would be good if the user can access the information to see what is being stored on the phone
[2:42 pm, 21/03/2020] : If it only registers when another user is present for 30 minutes I dont really care if it gets hacked :)
[2:43 pm, 21/03/2020] : We assume that govt cannot be wrong like the PMD issue ๐คฃ๐ผ๐ช
[2:43 pm, 21/03/2020] : He was saying, hacker installing some malware in the phone ma, in reality it’s not possible la
[2:43 pm, 21/03/2020] : Cool. You have got 10k withdrawn from your account because of Trojan
[2:43 pm, 21/03/2020] : Ya lor this issue I damn angry
We cannot assume everything gahmen do is right, if not why got REACH?
[2:44 pm, 21/03/2020] : Don't need to be angry. Get voted and be at the top. Make difference ๐คฃ
[2:45 pm, 21/03/2020] : Who insisted? Differing opinions are good, I agree.
[2:45 pm, 21/03/2020] : Hahahaha but I champion one aspect only ma, ministers must generally be all-rounded ๐คญ
[2:45 pm, 21/03/2020] : So learn to accept that some opinions do side with the government.
[2:46 pm, 21/03/2020] : In Bluetooth , it stills requires authentication and authorisation before a hacker can come into a phone . Not so straight forward .
[2:46 pm, 21/03/2020] : This one is Policy and that smart Alec should be fired haha
No bike for me to ride ๐
[2:46 pm, 21/03/2020] : True true but what about low energy?
[2:46 pm, 21/03/2020] : I see. I'm not an expert on hacking apps through bluetooth signal, but will research this!
[2:46 pm, 21/03/2020] : AMAP? More like alAMAK
[2:47 pm, 21/03/2020] : What’s AMAP
[2:47 pm, 21/03/2020] : It's possible, Man-in-the-middle happens more than you can imagine
[2:47 pm, 21/03/2020] : U know how Wi-Fi works?
[2:47 pm, 21/03/2020] : Active Mobility Advisory Panel
Go shoot them ๐
[2:48 pm, 21/03/2020] : Wi-Fi in which aspect? If encryption I know we progressed from WEP to WPA2
[2:49 pm, 21/03/2020] ☸️ Danny ๅฟ:
(1) Thus normally wifi, bluetooth and NFC (Near Field Communication) -- are usually used in a trusted environment --- eg. Home, Workplace --- where you know you are communicating with a trusted source.
(2) And when done, you will normally turn off the wifi, bluetooth and NFC - when you go into a public place (untrusted source).
(3) Note :- Wifi --- in the past use WEP key (static key) or a hash TKIP key (safer but still static key) that uses very long alphanumeric as the key.
(4) But being wireless, hackers can easily do a man-in-the-middle attack to steal its static wep or tkip key and steal its key. Or use a rogue Wifi AP to let hackee associate with it to do e-Transaction and steal its userid and password.
Now a hacker can even use a credit card size (Raspberry PI) to setup as rogue wifi AP).
(5) Then wifi come up with WPA2 - that uses digital cert to do authentication and dynamic key (key that use only once) for connectivity --- so even if hackers do man-in-the-middle attack --- the key has change to a new key -- -and the stolen key no used.
(6) Bluetooth don't use dynamic key but static key --- which is very dangerous.
(7) Then can Tracetogether mobile apps use a safer comm technology ? The answer is can.
aka datang....
[2:49 pm, 21/03/2020] : Phone can only be hacked through bluetooth if the phone has already been compromised through other means. The hacker has to be within 10 metres. Seems a very remote chance thise two things could happen, but you make a fair point.
[2:49 pm, 21/03/2020] : ๐ actually should be the LTA staffs
Cos they supposed to have a tender for bike, then all the bike company comes in, they (LTA) said let market run, after that got incidents, kiasu enact law that’s so toxic for the bike company to run, all run road ๐คฃ
End of the day we pay for the damage ๐คฃ
[2:49 pm, 21/03/2020] : Akan datang, betul, kerana bila?
[2:50 pm, 21/03/2020] : Any Bluetooth devices paired to the phone will create this power usage issue .
[2:50 pm, 21/03/2020] : Orh your issue is with shared bike, not PMD ๐
[2:50 pm, 21/03/2020] : No no I not talking about power usage I mean how it detects ๐ฌ
[3:11 pm, 21/03/2020] ☸️ Danny ๅฟ: --
(1) As cybersecurity is in everyone's mind then what is the safer communication mode?
(2) 4G is a safer communication mode (as it is not possible for people to carry a telco base station around) - and telco security is tighter (only sophisticated State hackers can pull off the hacking).
(3) User handphone will normally have to associate with the telco base station for its 4G connectivity. And the base station will normally capture the IMEI on the SIM card that uniquely identified the handphone number and the handphone user.
(4) Tracetogether mobile apps can work with the 4 telcos --- Singtel, Starhub, M1 and TPG to allow the mobile apps to download the IMEI and handphone number at a specific location base station with the appropriate time and duration together with GPS - when the handphone drop off its connectivity to the base station (indicate the handphone and the person has left and together with the GPS (indicate where is the location of the person) --- except if the handphone no battery and cut off connection or the user switch off the handphone.)
(5) Noted that telco base station and GPS (location-based tracking) --- are less precise in the distance measurement of the 2 persons (infected + another person come in contact) ---- and the surface area is larger than using bluetooth --- the security is tighter than the bluetooth security.
Of course in contact tracing --- MOH and Police will have to cover a larger area and more people --- but at least cybersecurity is not breached --- as all people have to turn on 4G in their smartphone (where normally people who are security conscious will not turn on bluetooth, wifi or NFC in public places).
(6) If people feel safe using 4G, then more people are likely to adopt the Tracetogether mobile apps. In which i don't have issue with the security aspect of the mobile apps.
I am only concern with turning on bluetooth 24 hours -- and then sit in food court for 30 mins to eat --- and hacker use this time to hack my handphone.
[2:49 pm, 21/03/2020] : Phone can only be hacked through bluetooth if the phone has already been compromised through other means. The hacker has to be within 10 metres. Seems a very remote chance thise two things could happen, but you make a fair point.
[2:49 pm, 21/03/2020] : ๐ actually should be the LTA staffs
Cos they supposed to have a tender for bike, then all the bike company comes in, they (LTA) said let market run, after that got incidents, kiasu enact law that’s so toxic for the bike company to run, all run road ๐คฃ
End of the day we pay for the damage ๐คฃ
[2:53 pm, 21/03/2020: They can’t .. if they can , the other phone has to ask for your permission .. this is Bluetooth initial security handshake .
[2:55 pm, 21/03/2020] : So you are asking the same , eg I am using a Bluetooth handsfeee for phone and a Bluetooth speaker at home ..
The detection is the same .
The apps is just using the Bluetooth to poll distance like a pair of light . No Data transmit between each other
[2:56 pm, 21/03/2020] : As in the scanning lor, can see all the Wi-Fi ma
[2:57 pm, 21/03/2020] : That is Layer 2 .. I suppose
[2:58 pm, 21/03/2020] 1: Other phone? I mean , I want to see what data the app is storing on my phone.
[2:59 pm, 21/03/2020] : Please share how? As u r aluding the people from GDS, CSG & MOH didnt think properly before launching the product....
[3:00 pm, 21/03/2020] : Huh bro, you talking to yourself?
[3:00 pm, 21/03/2020] : Goes to show our inputs are still important!
[3:00 pm, 21/03/2020] : Yes, that's what I understand too. Just used to measure distances and time in the same space.
[3:00 pm, 21/03/2020] : Wah lai liao OSI model? ๐
[3:00 pm, 21/03/2020] : Your data is not stored in your phone .. it’s in the cloud .
[3:01 pm, 21/03/2020] : ๐
[3:01 pm, 21/03/2020] : Lol, just trying to keep the thread together! ๐๐
[3:02 pm, 21/03/2020] : You sure? The app says that the data is not sent until needed and only with my approval using a special code.
[3:02 pm, 21/03/2020] : It is stored in local phone, not in cloud
[3:02 pm, 21/03/2020] : What siao .. all these networking and telco stuff are about osi 7 layers.
[3:02 pm, 21/03/2020] : Data ?
[3:03 pm, 21/03/2020] : Yes the data stored in local phone
[3:03 pm, 21/03/2020] : Data is stored locally,not in the cloud
[3:03 pm, 21/03/2020] : Lai liao not siao liao aiyo
[3:03 pm, 21/03/2020] : Locally bro, if not why my storage drop? ๐ฌ
[3:04 pm, 21/03/2020] : If really scared, install mobile security in ur phone to help protect against unauthorised probing sia.
[3:04 pm, 21/03/2020] : Yes, which is good advice regardless!
[3:05 pm, 21/03/2020] : Sorry guys .. I think i am not on the same page when comes to data . I skip my input since it is going to create confusion to all .
Thanks
[3:06 pm, 21/03/2020] : Hanor hanor
[3:07 pm, 21/03/2020] 1: Sorry guys .. I had caused a mess . I will step out from this topic.
[3:11 pm, 21/03/2020] ☸️ Danny ๅฟ: --
(1) As cybersecurity is in everyone's mind then what is the safer communication mode?
(2) 4G is a safer communication mode (as it is not possible for people to carry a telco base station around) - and telco security is tighter (only sophisticated State hackers can pull off the hacking).
(3) User handphone will normally have to associate with the telco base station for its 4G connectivity. And the base station will normally capture the IMEI on the SIM card that uniquely identified the handphone number and the handphone user.
(4) Tracetogether mobile apps can work with the 4 telcos --- Singtel, Starhub, M1 and TPG to allow the mobile apps to download the IMEI and handphone number at a specific location base station with the appropriate time and duration together with GPS - when the handphone drop off its connectivity to the base station (indicate the handphone and the person has left and together with the GPS (indicate where is the location of the person) --- except if the handphone no battery and cut off connection or the user switch off the handphone.)
(5) Noted that telco base station and GPS (location-based tracking) --- are less precise in the distance measurement of the 2 persons (infected + another person come in contact) ---- and the surface area is larger than using bluetooth --- the security is tighter than the bluetooth security.
Of course in contact tracing --- MOH and Police will have to cover a larger area and more people --- but at least cybersecurity is not breached --- as all people have to turn on 4G in their smartphone (where normally people who are security conscious will not turn on bluetooth, wifi or NFC in public places).
(6) If people feel safe using 4G, then more people are likely to adopt the Tracetogether mobile apps. In which i don't have issue with the security aspect of the mobile apps.
I am only concern with turning on bluetooth 24 hours -- and then sit in food court for 30 mins to eat --- and hacker use this time to hack my handphone.
Blue and White Flag Guy
[3:15 pm, 21/03/2020] : It's ok man I subscribe to opsec news, I know how it works
And great insight from you despite the ever so lengthy messages
Desmond
[2:59 pm, 21/03/2020] : Please share how? As u r aluding the people from GDS, CSG & MOH didnt think properly before launching the product....
[3:14 pm, 21/03/2020] ☸️ Danny ๅฟ:
You go to Google and type "how to hack Bluetooth and WiFi".
They will show you how.
Leonard
[3:14 pm, 21/03/2020] : Photos is stored locally unless u choose cloud
Blue and White Flag Guy
[3:14 pm, 21/03/2020] : Huh what photos? I mean the app ๐
Leonard
[3:15 pm, 21/03/2020] : App of cuz stored locally
[3:15 pm, 21/03/2020] : If not how can the handphone company make money
[3:16 pm, 21/03/2020] : Lol. I haven't switched off my bluetooth since the day I bought my first smartphone ๐
[3:17 pm, 21/03/2020] : Aiyo Bobby you not on wrong page, you on wrong book! ๐
[3:17 pm, 21/03/2020] : Are you serious? ๐
[3:18 pm, 21/03/2020] ☸️ Danny ๅฟ:
Clement Lim
[3:16 pm, 21/03/2020] : Lol. I haven't switched off my bluetooth since the day I bought my first smartphone ๐
Blue and White Flag Guy
[3:17 pm, 21/03/2020] : Are you serious? ๐
Desmond
[3:20 pm, 21/03/2020] : Haha join ISACA
Clement Lim
[3:20 pm, 21/03/2020] : Yea. Nothing happened yet. ๐ use bluetooth for many functions like my computer dynamic lock and my home door. So lazy switch off
Blue and White Flag Guy
[3:20 pm, 21/03/2020] : HAHAHA No wonder
[3:20 pm, 21/03/2020] : I thought you blur blur never off
Leonard
[3:21 pm, 21/03/2020] : Haha
Jonathan Lim
[3:22 pm, 21/03/2020] : Gd
Blue and White Flag Guy
[3:24 pm, 21/03/2020] : Siol!
Bobby Tan
[3:25 pm, 21/03/2020] : My wife nv off Bluetooth as she dunno wat is that
Blue and White Flag Guy
[3:25 pm, 21/03/2020] : Power lah you! ๐ช
Desmond
[3:25 pm, 21/03/2020] : We talk till we all are security experts ๐คฃ
Blue and White Flag Guy
[3:26 pm, 21/03/2020] : Hahaha tell her off!
A lot of people blur sia I have to tell them off Wi-Fi, Bluetooth, Location, NFC all these when not needed ๐
Leonard Lau
[3:26 pm, 21/03/2020] : What area are you in ?
Desmond
[3:31 pm, 21/03/2020] : Me ah?
Sometimes SIRO
Sometimes PM
Sometimes Dev
Sometimes Network Engineer lor
[3:31 pm, 21/03/2020] : I run tech programmes
Desmond
[3:27 pm, 21/03/2020] : Honestly, regardless of security, we are facing the the reality of COVID 19
[3:27 pm, 21/03/2020] : And have to find a way solving the issues
Blue and White Flag Guy
[3:27 pm, 21/03/2020] : This is what we do best, fixing problems! This is how we progress as humanity ๐
Leonard Lau
[3:27 pm, 21/03/2020] : All the BCP and CRISC theories are tested .. haha
Desmond
[3:28 pm, 21/03/2020] : We can of cos comments all we want, that’s why we are part of the NATO
[3:28 pm, 21/03/2020] : No Action Talk Only
Blue and White Flag Guy
[3:29 pm, 21/03/2020] : But I'm NATO without the O ๐คญ
Desmond
[3:29 pm, 21/03/2020] : Oops my bad
EDIT: NAO
Blue and White Flag Guy
[3:30 pm, 21/03/2020] : NAT la
XaniceAfcai
[3:30 pm, 21/03/2020] : My boss just sent a msg to us not to install until he further check if it is safe.
Leonard
[3:32 pm, 21/03/2020] : What is the biggest challenge now ?
Desmond
[3:32 pm, 21/03/2020] : Vaccine
Leonard Lau
[3:33 pm, 21/03/2020] : It won’t be ready so soon .. perhaps by Dec
Blue and White Flag Guy
[3:40 pm, 21/03/2020] : We are literally on the same page here, I read a lot from NullByte :_
[3:40 pm, 21/03/2020] : :) *
Desmond
[3:41 pm, 21/03/2020] : Go and try it out in the name of research
[5:22 pm, 21/03/2020] ☸️ Danny ๅฟ:
☸ Danny ๅฟ: https://www.straitstimes.com/world/united-states/us-tests-two-generic-drugs-in-race-to-find-coronavirus-cure
☸ Danny ๅฟ: https://www.straitstimes.com/world/united-states/search-for-coronavirus-vaccine-becomes-a-global-competition?cx_testId=20&cx_testVariant=cx_4&cx_artPos=4#cxrecs_s
---
REACH
[8:53 pm, 21/03/2020] : [Sent by Gov.sg]
COVID-19: 21 Mar Update
As of 12pm:
New imported cases: 39 [33 S’pore residents & long-term pass holders, 6 visitors; travelled from Australia, Europe, N.America, ASEAN, other parts of Asia]
New local cases : 8 [2 linked to previous cases, 6 currently unlinked]
Total cases in Singapore: 432
Discharged today: 9
Total discharged: 140
Total remaining in Hospital: 290
Most in hospital stable or improving. 14 in ICU.
go.gov.sg/moh21mar
Comply with Stay-Home Notice (SHN) to limit spread of virus
1. Remain in your place of residence at all times
2. Minimise contact with others
3. Monitor your health closely
4. Maintain good personal hygiene
5. Clean your place frequently
6. Do not share food or personal items
go.gov.sg/govsg-shn
Take Safe Distancing seriously
๐จ↔๐ฉ Maintain 1m distance from others
๐ซ๐ค Don’t shake hands
๐ป๐ Work From Home if possible, teleconference
go.gov.sg/govsg-sd
Let’s play our part to protect ourselves & others
Don’t overwhelm our healthcare system
---
[8:57 pm, 21/03/2020] ☸️ Danny ๅฟ:
Wonder when 6 are unlinked, how do they get the virus?
Must be from someone who are infected but not identified.
Wonder those unlinked had finally identified the source of infection?
---
[9:21 pm, 21/03/2020] ☸️ Danny ๅฟ:
Wuhan being the epicenter can achieve 0 cases.
WHO believe the world can too.
https://www.channelnewsasia.com/news/asia/coronavirus-covid19-wuhan-reports-no-new-cases-who-12562266
--
[9:57 pm, 21/03/2020] ☸️ Danny ๅฟ:
(1) Also telco will protect their 4G network and GPS extender -- better than anyone do.
(2) User handphone - who know how to protect their bluetooth - beside bluetooth inherent security is weak?
---
No comments:
Post a Comment