Open-source contact tracing, part 1

Posted Jun 26, 2020 6:33 UTC (Fri) by mrybczyn (subscriber, #81776)
In reply to: Open-source contact tracing, part 1 by Karellen
Parent article: Open-source contact tracing, part 1

I'm the author of the article, so let me answer your questions.

This is usually a random value taken from the random pool of the device or server generating it.

In centralized system this number is linked to some information about the user, for example in the Singaporean application, the central server stores phone numbers of the users with their global IDs.

In the decentralized systems it is mostly just kept on your phone and published only if you get infected.

Open-source contact tracing, part 1

Posted Jun 26, 2020 11:24 UTC (Fri) by kleptog (subscriber, #1183) [Link]

By the way, thanks for writing on this. I'm really interested in how different countries have approached it and this may be a once-in-a-lifetime chance to test whether this idea can work. This virus has just the sweet-spot that makes this feasible (for something as infectious as the measles no app will save you).

Open-source contact tracing, part 1

Posted Jun 26, 2020 18:32 UTC (Fri) by Karellen (subscriber, #67644) [Link]

In centralized system this number is linked to some information about the user,

But in the centralized case, doesn't the central server already know who you are? If so, how does a random number that's been assigned to you "reveal your identity" to any entity who didn't already know who you were?

In the decentralized systems it is mostly just kept on your phone and published only if you get infected.

...so how would this random number "reveal your identity" in any way that wouldn't be wouldn't be revealed anyway?

I'm still not understanding the privacy leak here. Sorry, I'm honestly not trying to be snarky or anything, I just feel like I must be missing something really big and obvious.