Using COVIDSafe Safely

We’re still being urged to use the government virus contact tracing app, despite its numerous problems, and questions about its security. The government promised to release the source code, but that’s still not the end of the story, as IT security expert James Newburrie explains.

The federal government today promised us the CovidSafe source code And they’ve released the client side – but no server side code. I can’t tell you what it links to or how your data is protected.

There many better programmers than me – and every single one of them knows that if you download code from a server without validating that server, a hacker can get nasty stuff onto a phone using your app. The CovidSafe app is exploitable via a function called “foundation”… I do not trust it.

How To Use covidSAFE Safely

If you insist on using Covid Safe – this is how you do it safely…

Go into your desk drawer and get that old smart phone out. Factory reset it so there is no data on it. Go to the supermarket and buy a $2 prepaid sim – use the prepaid sim to setup your old phone.

(Alternatively you could buy a cheap Android phone for this, and no other purpose.)

Setup a new gmail address and log into the AppStore and setup the phone using the new gmail address and put absolutely nothing on the Covid phone. Do not connect the phone to wifi.

Keep your primary phone clear of Covid safe. 

And the rest of the issues

About the author

Veteran gay writer and speaker, Doug was one of the founders of the UKs pioneering GLBTI newspaper Gay News (1972) , and of the second, Gay Week, and is a former Features Editor of Him International. He presented news and current affairs on JOY 94.9 FM Melbourne for more than ten years. "Doug is revered, feared and reviled in equal quantities, at times dividing people with his journalistic wrath. Yet there is no doubt this grandpa-esque bear keeps everyone abreast of anything and everything LGBT across the globe." (Daniel Witthaus, "Beyond Priscilla", Clouds of Magellan, Melbourne, 2014)