• About Us
  • Contact
  • Careers
  • Send Us a Tip
Menu
  • About Us
  • Contact
  • Careers
  • Send Us a Tip
CyberNews logo
Newsletter
  • Home
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
Menu
  • Home
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
CyberNews logo

Home » News » Coronavirus symptom apps are already showing their security problems

Coronavirus symptom apps are already showing their security problems

by Chris Stokel-Walker
12 May 2020
in News
0
Woman using a phone with the coronavirus tracking app installed

Woman using a phone with the coronavirus tracking app installed

65
SHARES

A major flaw in a widely-used app raises questions about how much to share

From Singapore to the UK, and all places in between, we’re being encouraged to download and install contact tracing apps to help track the spread of the novel coronavirus, which causes covid-19, responsible for hundreds of thousands of deaths worldwide. The apps, which often use Bluetooth low energy connections to monitor how we interact with each other, are designed to help us out of the lockdown that has kept us all indoors across the globe.

But there are issues with handing over so much personal data to apps that have been developed so quickly, as researchers are rapidly finding out.

Telling everything you know

Data privacy experts have warned repeatedly about the issues around such contact tracing apps, and the risks involved in using them. While it’s important to monitor how coronavirus is spreading within a community, it’s also important to maintain personal privacy, not least when you’re disclosing elements of your health.

For that reason, advocates of data protection have proposed decentralised apps that are easier to store data on, and don’t run the risk of someone managing to access vast amounts of information about people. They’re also advising users to be careful about what kind of information they provide, steering away from giving names, birth dates or anything else that could be used to directly identify them.

It’s a fine line to tread for the average user between staying safe from the medical issue that is ensnaring the world, and not getting caught up in the risky business of having your personal information hacked at a later date.

More haste, less speed

Many of these apps have been designed, developed and rolled out quickly, often without rigorous user testing. The UK’s own coronavirus symptom checking app is believed to need to pass an Android phone at some point for the Apple version of the app to actually work – an indication of just how bad it can be.

Singapore’s own app suffered from a low uptake in part because it required the app to be open and the screen switched on at all times to work – difficult when you’re holding your phone in your pocket. But the biggest fear is a data breach – and we’ve just learned that what was a hypothetical issue is now a reality.

Jio’s symptom checker springs a leak

Indian mobile phone network Jio, which has rolled out superfast mobile connections across the country, released its own symptom checking app in India in late March as a way of helping monitor symptoms just before the Indian government shut down the entire country.

Users could answer questions and report symptoms to the app, which would then collate the data to monitor the spread and scale of the severity of coronavirus. But a security researcher has identified that for a time, Jio transmitted that data to a database available on the internet and accessible without a password.

The database had millions of logs dating back to mid-April, including ages, gender and details of people who took the app-based test. It’s a privacy nightmare, and one that Jio said they took immediate action to fix when they were informed of the vulnerability.

But it highlights the issue with trying to develop things like this at such a speed, and particularly when you’re dealing with the personal data of those participants. This isn’t just your age and your thoughts – this is private healthcare data that could be used against you by hackers.

The data wasn’t just limited to India, either. Some people outside the country had downloaded the data, including in North America and the UK and entered their details, leaving them potentially exposed to hackers. So when you’re asked to install a symptom checking app, think twice about what you share with it.

Share65TweetShareShare

Related Posts

Elon Musk

Elon Musk to offer $100 million prize for ‘best’ carbon capture tech

22 January 2021
Alphabet shutting Loon, which used balloon alternative to cell towers

Alphabet shutting Loon, which used balloon alternative to cell towers

22 January 2021
Parler loses bid to require Amazon to restore service

Parler loses bid to require Amazon to restore service

22 January 2021
Bitcoin heads for worst weekly loss in months

Bitcoin heads for worst weekly loss in months

22 January 2021
Next Post
satellite firing a laser

Could hackers turn satellites into weapons?

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Popular News

  • 70TB of Parler users’ messages, videos, and posts leaked by security researchers

    70TB of Parler users’ messages, videos, and posts leaked by security researchers

    83031 shares
    Share 83021 Tweet 0
  • 8 best cybersecurity podcasts for 2021

    56 shares
    Share 56 Tweet 0
  • Facebook is tracking you: learn how to delete all Facebook data

    56 shares
    Share 56 Tweet 0
  • How to find what Google knows about me and get back my privacy?

    0 shares
    Share 0 Tweet 0
  • Most common passwords: latest 2021 statistics

    381 shares
    Share 381 Tweet 0
Elon Musk

Elon Musk to offer $100 million prize for ‘best’ carbon capture tech

22 January 2021
Is there life on Mars?

Is there life on Mars?

22 January 2021
Covid-19 vaccine

Covid vaccines are now an excuse to launch phishing attacks

22 January 2021
Alphabet shutting Loon, which used balloon alternative to cell towers

Alphabet shutting Loon, which used balloon alternative to cell towers

22 January 2021
what is wireguard

WireGuard protocol: everything you need to know

22 January 2021
Parler loses bid to require Amazon to restore service

Parler loses bid to require Amazon to restore service

22 January 2021
Newsletter

Subscribe for security tips and CyberNews updates.

Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!
Categories
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
  • VPNs
  • Password Managers
  • Secure Email Providers
  • Antivirus Software Reviews
Tools
  • Personal data leak checker
  • Strong password generator
About Us

We aim to provide you with the latest tech news, product reviews, and analysis that should guide you through the ever-expanding land of technology.

Careers

We are hiring.

  • About Us
  • Contact
  • Send Us a Tip
  • Privacy Policy
  • Terms & Conditions
  • Vulnerability Disclosure

© 2021 CyberNews

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.

Home

News

Editorial

Security

Privacy

Resources

  • In the News
  • Contact
  • Careers
  • Send Us a Tip

© 2020 CyberNews – Latest tech news, product reviews, and analyses.

Subscribe for Security Tips and CyberNews Updates
Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!