Show eRouškas around you

[petrkr]

In new version we can not see who we met (even on TUID). This update makes app much more "black box" and not trusted, we do not know what data are trasmited or received. Please give back those data. Now we can not see if anyone in tram has that app. Before we could see like only 1% of people used that (like 200ppl in tram, but only 2 tuids in range)...

Also there is missing BT discovery in code sources, that means you start do some binary blackbox in closed-source somewhere outside of github. Please make it more transparent as before.

[vanous]

@petrkr you can use the UUID 0xFD6F Scanner to see people around: https://f-droid.org/en/packages/com.emacberry.uuid0xfd6fscan/ . Does not have cumulative counter.

[vanous]

Also, you can see the Exposure Notification dialog with Exposure Checks if you disable Location (GPS).

[petrkr]

I see 'we do not track position' but if you disable position it complaints

[vanous]

@petrkr this is normal and you can read about it elsewhere online or in Android documentation - Bluetooth scanning is bundled into Location permission group on Android. Same happenes with the microG implementation of Play Services (they also have an F-Droid repo). Anyways, fine location (GPS) is not being used for Exposure Notification apps.

[davidvavra]

EN API doesn't give us information about met people. Sadly it's not possible to be transparent in this way. EN API lives in closed source Google Play services. The only data accessible is about periodic download of infected keys. You can see when the download happen and how many keys there was. You can see this information when you go to Google settings -> COVID-19 -> Exposure checks

[petrkr]

@davidvavra is it already fixed? Since you closed this issue? Old version had those data, also you on FAQ mention you those data sending when click ok "send data" so you have those data. Please close issue when it's FIXed and no "We do not want do that"

[davidvavra]

I closed the issue because it's not technically possible. See my answer for details.

[petrkr]

When it's not technically possible, why other application can do that ? And also why older application can do that? It is technically possible, you just do not want impement that by your own.

[davidvavra]

Show us an example of an app which is using Exposure Notifications API, which can do that. Older version could do that, because it wasn't using the Exposure Notifications API.

[petrkr]

You can reimplement those API by yourself to make it more transparent. On android it's better to be more open. Apple users are used to be closed, but we choose android to be more transparent and talking about tracing application it's key to be open as much possible.

Also here you have example python code, which show BLE advertisment packets:

erouska2_service_uuid16 = b'\x6f\xfd'
    # Handle erouska2 UUID
    if len(data[4]) == 28 and data[4][6:8] == erouska2_service_uuid16:
      handle_eRouska_TUID(data[1], data[3], data[4][8:])

    print("Found new eRouska {} with RSSI {}, TUID: {}".format(macToHumanHex(mac), rssi, convertToHex(tuid)))

====== RECV: AddrType: 1 MAC: 46:a0:e1:be:09:3a Type: 2 RSSI: -75 RAW Data: 03036ffd17166ffdf8e3a408fd1f8ff08af69c45190b1d6bdcfaaf1e
Found new eRouska 56:a0:e1:be:09:3f with RSSI -75, TUID: f8e3a408fd1f8ff08af69c45190b1d6bdcfaaf1e
================================================================================

[davidvavra]

You are right that there can be a feature "show eRouškas around you" which will scan Bluetooth with EN API service UUID.

It doesn't make sense to keep scanning on the background and keep history of this, this would drain battery too much. We can't access this data directly from EN API.

But I'm reopening and we will accept a PR for a feature "Show eRouškas around you".

[vanous]

Inspiration for the PR could be taken from this repo: https://github.com/marq24/UUID0xFD6FTracer/
Currently, i run eRouska and UUID 0xFD6F Scanner. Battery drain has been OK.

[vandac]

Take into account people may complain about the battery drainage and also about losing privacy because the app would scan their surroundings and would collect data, which people are afraid of.