# Information security final report remarks
From: [Jan-Pieter](mailto:jan-pieter@baert.jp.net) and [Gertjan](mailto:gertjan.desmet@ugent.be)
The report is already very good, but we want to make it perfect, hence the nitpicking.
All remarks are in order of the text, and the syntax used for replacements is based on the [sed](https://linux.die.net/man/1/sed) syntax, with extra liberties. Lines starting with "???" are uncertain and need to be checked by the other reviewer.
Note that most of these are **suggestions**, don't blindly copy them.
For your convenience we made them all using [ ] checkmarks so you can tick the boxes when checking them.
## General:
- [x] perhaps include a table of contents (on a new page)?
- [x] References on a new page?
- [x] s/fig./figure/g
## Chap 1:
- [x] s/west Africa/West Africa/
- [x] "dropped below unity" what does this unity mean? do you mean "one"?
- [x] Figure 1/2 what does EBOV mean?
- [x] s/can be expanded further /can be expanded upon further/
- [x] s/for at risk people/for people at risk/
- [x] s/Our system would allow .../Our system would help .../ (other systems might allow it as well)
- [x] s/at risk subjects/people at risk/
- [x] "we have no idea" this isn't true, we have some idea, but our system would give a better guesstimate (guessed estimate)
- [x] s/A problem that arises/One of the major problems that arises/
- [x] s/western world/Western world/g
- [x] s/people attach great importance.../ privacy is of great importance/
- [x] s/would track their everyday/would track everyday movement/ (reason: no need to specify 'their' for a general public)
- [x] s/used for malintent/used maliciously/
- [x] s/This malintent/ This/
- [x] s/homes/homes \/ stores/
- [x] s/So it is important that every.../ Every attempt at implementing contact tracing therefore should always be keen on keeping the privacy of those being tracked safe as one of its major objectives/
## Chap 2:
- [x] s/Originally we wanted/ Our original idea was to/
- [x] s/On second thought too many/On second thought there are too many/
  OR
  s/.../On second thought, the use of smartphones would give too many practical problems from our point of view./
- [x] "every model is different" this is true, you have blondes, browns, redheads, maybe clarify that it's about smartphone models
- [x] s/We have thus decided.../ Thus, we have decided.../
- [x] s/This device/The device/g (No need to specify THIS, it's clear from context)
- [x] s/and it will be mandatory/and will be mandatory/
- [x] s/can send certain specific/can send specific signals/ (No added value from 'certain')
- [x] s/store a limited set of/store a limited amount of/ (This part is not yet explaining our approach, so no need for "set")
- [x] s/This simplicity.../The device itself should not be too complicated, such that the cost of these devices can be low. Realistically speaking, a cost of around €10 per device would be ideal./
- [x] "tens of euros": this means about a few billion (±450 million people) for the [European Union](https://en.wikipedia.org/wiki/European_Union). This is not that much compared to the economic damage from e.g. COVID-19; perhaps add this as well: [damage eu](https://www.europarl.europa.eu/news/en/headlines/society/20200416STO77205/covid-19-s-economic-impact-EU100-billion-to-keep-people-in-jobs)
- [x] s/Keeping the economy.../ This cost would be justified because it can keep the economy going, in contrast to what has happened with the economy recently/ (A small hint towards the real-life situation is often well received.)
### Chap 2.1:
- [x] s/We will now give.../Firstly, we will give a.../
- [x] s/Our device will keep track/Our plan is to have a device that will keep.../
- [x] s/... you come into contact, a time.../you come into contact with, along with a timestamp, location and proximity of the encounter/g
- [x] s/The device will store all... on your device/All accumulated information will be stored encrypted locally on the device./
- [x] s/using an embedded device/using embedded devices would allow us to make sure.../
- [x] s/doesn't get erased/can't be fiddled with/
- [x] I love the word "Fiddling" :smiley:
- [x] s/The law needs to/The law should also be altered such that fiddling with the device or storage will be illegal and punishable./
- [x] s/No connection.../Only if a person has been confirmed as infected, a connection between the device and the government servers will be made to transmit the data./
- [x] s/At that point/ At this point/ (Only one point specified, so "this" is a better way to indicate we are talking about the same point in time)
- [x] s/about your infection/about **their possible** infection/
#### Chap 2.1.1:
- [x] s/governments/government's/
- [x] s/Your E-ID/Belgian E-ID's use an auth.../
- [x] s/Therefore when someone/Therefore IF someone should get a hold/ (We hope that it doesn't happen; 'when' signals that it probably will happen)
- [x] s/hashed ID's that person/hashed ID's, that person/
- [x] s/the government to check/the government to verify/
- [x] s/when you get infected/in case you get infected/g
- [ ] why the "?" in figure 3?
#### Chap 2.1.2:
- [x] s/Now that every.../Once everyone has a device, including you, each encounter can be registered in the system using said devices./
- [x] s/will constantly/ will periodically/
- [x] s/will locally/ will internally store/
- [x] s/... you come into contact, a time.../you come into contact with, along with a timestamp, location and proximity of the encounter/g
- [ ] perhaps move figure 4 to just after the first paragraph and add location in it
- [x] s/where one of these two signals are/where one of these signals could be imprecise, due to environmental interference/ (e.g. inside a tunnel)
- [x] s/we could pickup unusual signals/we could pick up on unrealistic\/very improbable signals/
- [x] 'When this information is sent from...' <- What does this sentence mean?
- [x] s/locally store his encrypted encounters/locally store this encounter encrypted/
- [x] s/This prevents anyone/This prevents unauthorized individuals... Only the government's authorized personnel who have access to part of the multikeys will be able to see the data when needed./
- [x] s/would be a catastrophe/would be catastrophic/
- [x] ??? "We don't use the decryption before someone gets infected" perhaps advise some law to prevent this? (e.g. for devices stolen by a malicious govt.)
- [x] s/should not pose a problem/should not pose a problem since the usage will be *relatively* low in comparison to the other operations in our system./
#### Chap 2.1.3:
- [x] s/No connection to../Our method of contact tracing would have no connection to govt. servers until.../
- [x] s/This will allow/This allows us to.../
- [x] s/your doctor's office/the doctor's office/
- [x] s/At that point/After this information has been sent (to the govt.),/
- [x] s/about your infection/about **their possible** infection/g
- [x] s/This way we have less vulnerable traffic/ This way we have less traffic, thus less exposed potential vulnerabilities and a better overall security./
- [x] s/Your still encrypted data/Your data, which is always encrypted, since there is never any.../
- [x] "On top of this the hash":
  1) This isn't correct: we send hashes for all contacts since the specified timestamp (e.g. 2 weeks ago), since this allows tampered records to be identified. (**NOTE**: These hashes are **NOT IMPLEMENTED YET**.)
  2) The sentence got cut off 🙃
- [x] s/Therefore no one single/Therefore, there is no way that one single person.../
- [x] s/Using this private multikey/This private multikey will be the only way to decipher the information./
- [x] s/this infected person/the infected person/
- [x] s/All now at risk people/All people who might be at risk of infection/
- [x] s/the person's doctor preferably/their doctor. This is preferably done through safe channels/
- [x] s/scope of our system/scope of our project/
- [ ] figure 5: s/his device data/their data/ #I know this is nitpicking, but "their" is the gender-neutral possessive pronoun
# Second review
- [x] Title page: Maarten de Mildt should be before Robbe Van Herck
## Chap 1:
### Chap 1.2:
- [x] Check First review (at time of this review certain things that apply to this part haven't been changed **yet** (or at least not checkmarked))
- [x] s/bad intentions/malicious intent/
- [x] s/application/system/g
- [x] s/big percentage/most/
- [x] s/we have assumed.../In our implementation we made the assumption that.../
- [x] s/in our solution we make use of a device on which the application is embedded/in our system we use embedded devices/
- [x] s/the spread of the virus/the spread/
## Chap 3:
- [x] s/had to be made/have to be made/
- [ ] s/application/system/
- [x] s/application's users/endusers/
- [x] s/In this section... be discussed/ In this section we will discuss the decisions that we have taken along with some possible... present in our approach./
### Chap 3.1:
- [x] s/The decisions that...questions/ In this section we will explain why we have made certain decisions in the form of 'FAQ' (Frequently Asked Questions)/
- [x] s/These will.../ These are possible questions about the basic design decisions users may have/
- [ ] encompass? what does it mean?
- [x] ??? s/if an accident has happened/if it was intentional or accidental /
- [x] s/the offender// (remove)
- [ ] engraved? like engraved in stone?
- [ ] extra FAQ: what if somebody switches it by accident (you take the tracker of your partner when departing from home)?
- [x] s/Card Stop/'Card Stop'/
- [x] s/as discussed in the answer to question 1/ as discussed in question 1/ (you always discuss in the answer, not in a question)
- [x] link to question one (\ref in latex)
- [x] ??? s/What would stop the government/What stops the government/
- [x] s/government can/government may/
- [x] s/Because of this/This is the reason why/
- [x] s/the data of its citizens/this kind of data of its citizens/
- [x] s/The data of a person/The contact-data/
- [x] s/he/someone/ (gender neutral and all that stuff)
- [x] s/tested positive for the virus/tested positive/ (it doesn't have to be a virus, it can be a bacterium as well)
- [x] s/Apart from that the.../ Apart from that, the/ (forgotten comma)
- [x] s/This results in the.../ This limits the amount of data the government can access to a limited period./
- [x] s/could be taking/could be taken/
- [ ] ? rate limiting could be used as well (one govt. official can only do X queries each day)
- [x] s/Using the devices will be made mandatory/We advise that the usage be made mandatory/
- [x] s/An ... will have to/... would have to/
- [x] s/What this .../The exact details of this should be decided by the government/
- [x] s/The encryption.../The encryption of the data will make it impossible for anyone but the government.../
- [x] s/The answer to question.../How to protect the people's privacy from potential abuse by the government is already answered in question 5./
- [x] s/What stops... such that he/What stops ... such that they have to go in quarantine/
- [x] s/based on the device id/based on the *unique* device id/
- [x] s/the spread of the virus to others/a spread of the infection/ (it's not just a virus that's a possible hazard)
- [x] s/via the/via a combination of/
- [x] s/RRSI/Bluetooth/g
- [x] s/When there is enough distance between/When the distance is too great/
- [x] s/is not to determine with 100%/is not to perfectly determine/
- [x] s/goal is to lessen the spreading/goal is to have a better idea who is at higher risk of infection and should be tested and where potential 'hot' zones with a higher risk of infection might be/
- [x] s/Therefore loggin.../ Therefore the potential number of 'false positive' contacts is not an issue, as these will be a small fraction of the actual data./
- [x] s/And in addition to this.../Another benefit of using both GPS and Bluetooth is that large differences between the two can be detected and serve to some extent to detect if someone tries to fake data, since faking both is that much harder./
- [x] s/In addition to that is the.../ In addition, the ... is only stored for a limited timeframe. Only.../
- [x] s/only when someone is infected/only if someone is infected/ ('when' indicates that it is sure to happen at some time, 'if' not)
- [x] s/Using multi-key/Using a multi-key/
- [x] s/Because of this a lot more people will quarantine themselves then there are people who actually are infected/This means we will have people in quarantine that actually shouldn't, because they are not infected./
- [x] s/But this is.../However, this is a lot better than the alternative where we have people not in quarantine when they should be./
- [x] s/that the infected people/that those who are infected/ (repetition)
- [ ] s/if an user/if a user/g
- [ ] 13: GPS locations are stored, this can be used to create a heatmap
- [x] s/someone who has the virus/someone who is infected/
- [ ] 15: perhaps move chap 4 since it's related to the POC
### Chap 3.2:
- [ ] ? *Other* possible problems ?
- [x] s/a lot of thing will have to be/a lot of things will have to be/
- [ ] s/application/system/