Oral  Brekke

Oral Brekke

1618929360

German COVID-19 Contact-Tracing Vulnerability Allowed RCE

Bug hunters at GitHub Security Lab help shore up German contact tracing app security, crediting open-source collaboration.

A  security vulnerability in the infrastructure underlying Germany’s official COVID-19 contact-tracing app, called the Corona-Warn-App (CWA), would have allowed pre-authenticated remote code execution (RCE).

Researcher Alvaro  Muñoz wrote in a report this week that he and his team at GitHub Security Lab was chasing down  RCE vulnerabilities on the platform and found one in the infrastructure supporting CWA for Android and OS. The team said it worked with SAP to mitigate the issue, adding as a server-side issue, the mobile apps themselves were not impacted, and that no data was collected beyond a device’s IP address.

“There appeared to be a pre-authentication RCE vulnerability in Corona-Warn-App Server, which drives Germany’s COVID-19 contact-tracing application infrastructure,” according to Muñoz. “This vulnerability had the potential to affect the integrity of Germany’s COVID-19 response and as such warranted an immediate response from our team.”

#vulnerabilities #covid-19 #github

What is GEEK

Buddha Community

German COVID-19 Contact-Tracing Vulnerability Allowed RCE
Carmen  Grimes

Carmen Grimes

1595498460

Contact Tracing App: The Technology, Approach to fight COVID-19/Corona

As COVID-19 staggeringly lands blows to nations across the world, governments are considering ways to see their citizens through this pandemic. At the moment, a WHO situation report clocks the number of confirmed cases above two million along with more than one hundred thousand deaths. With vaccines dubbed as the best possible chance to tackle COVID-19 having no precise time frame of being ready, the talk is quickly shifting away to Contact Tracing Applications.

Contact tracing apps are digital solutions that use mobile technology to power the process of manual contact tracing. The apps follow a user’s movement, either by the use of Bluetooth technology, QR codes, or geo-location data while also tracking and keeping data from other user phones nearby. If one user gets diagnosed, the apps alert other users that they may have been exposed to the virus. As such, Contact Tracing Applications are being welcomed and perceived as an important approach to stem the spread of COVID-19 by providing a more accurate platform with data and information about affected individuals.

How Contact Tracing App Works

contact-tracing-app-devathon-

As mentioned above, contact tracing apps leverage mobile technology to trace cases of possible infection more accurately. But how exactly? Once installed and operative, the phone runs the app simultaneously with Bluetooth or location data to transmit signals with unique keys or IDs to phones in the designated range of connection. Similarly, the other phones with the app installed to detect and send back the signals.

For instance, if ‘Individual A’ has the app installed and goes outdoors to run some errands, they will interact with other individuals. In such a case, supposing all the other individuals had functional Contact Tracing Apps, each phone would exchange and store the contact data anonymously. It is important to note that the data collected only covers the app range distance to disregard irrelevant contacts and that their keys repeatedly change as individuals move. In any event that ‘Individual A’ tests positive for COVID-19 through confirmed tests, users who were previously within the proximity of ‘Individual A’ are alerted. Consequently, they are notified to check for symptoms, self-isolate, or get tested. Each time a person tests positive, the app notifies and advises the affected individuals.

In a nutshell, Contact Tracing Apps automate and supplement the traditional concept of tracing contacts to achieve extensive and realistic results in the least time possible.

What are the Benefits of Contact Tracing Apps?

Contract Tracing Apps are assets that offer indispensable solutions to health institutions and the public against COVID-19. There are several reasons why many governments are urging their citizens to use digital contact tracing apps to combat the spread of COVID-19. They include:

  1. The apps are more effective than manual tracing. While not perfect, their predictive algorithms frequently observe individuals detect new cases and analyze the probability one was infected. If one has contact with an asymptomatic individual, they are immediately notified and advised accordingly. Therefore, this saves time, energy, and resources that would have otherwise been overused.
  2. Contact tracing apps facilitate the relaxation of imposed restrictions or lockdowns. With a large number of infected people identified by the apps and put under surveillance, healthy citizens can be allowed to go about their duties. This may be a significant turning point to try and revive economies.
  3. Users’ private data is encrypted and secured. Even if you test positive, other users will only get notifications of possible infections. Your information is protected from both other users and developers of the app.
  4. They will increase the capacity to test and detect COVID-19 cases. With infected users alert, users who come in contact with affected persons come forward to be tested and treated with a higher recovery chance.

Future of Contact Tracing Apps?

Currently, the role of contact tracing apps is limited to accurately identifying infected individuals and their contacts as well as facilitating a quicker response to the Covid-19 threat.

Beyond that, the use of contact tracing apps is projected to take a different turn. One key area bound to change is how people’s privacy is handled. Tech institutions are under growing pressure to devise ways to develop privacy-preserving Contact Tracing Apps.

This will earn the users-trust, which is a pillar for these apps to help contain the disease. Technically, the technology will also have to improve drastically. The apps will have to seamlessly integrate with the user’s phone lifestyle causing minimal or no interference. With most applications having an open-source code, Artificial Intelligence, Beacon Technology, and Big Data solutions will be increasingly harnessed to power and improve them. The apps may also cut across various types of industries apart from health institutions.

How Can It Help to Trace COVID-19 and Reduce the Spread of the Virus?

contact-tracing-app-devathon-3

Contact Tracing Apps will effectively help stem lowering the cases of COVID-19. By using the apps, officials are able to monitor high-risk individuals easily. Also, should any new case arise, both users and health officials get notified they will swiftly act to trace, test, or isolate infected individuals.

Unlike traditional contact tracing, which may not get all contacts, these apps ensure that once Covid-19 cases are detected, they are all treated early, and those other individuals are not exposed to the infection. They also ward off users from high-risk areas. In the long run, they help break the COVID-19 chain by preventing further spread. Illustratively, an online publication by  CNBC states that more than 500,000 using a Singapore-registered mobile number downloaded the TraceTogether app within the first 24 hours of its launch. Subsequently, together with other government efforts, Singapore has since lowered the infection rate and eased restrictions.

If Contact Tracing Apps are implemented and used alongside other policies, we may as well be a few steps way to curbing this virus.

#android app #ios app #mobile app development #news #technology #contact tracing #contact tracing app #contact tracing app approach #contact tracing app technology #contact tracing coronavirus #contact tracing process #corona virus detecting app #corona virus tracing app #corona virus tracker #corona virus tracker live

Data Scientist Creates Python Script To Track Available Slots For Covid Vaccinations

Bhavesh Bhatt, Data Scientist from Fractal Analytics posted that he has created a Python script that checks the available slots for Covid-19 vaccination centres from CoWIN API in India. He has also shared the GitHub link to the script.

The YouTube content creator posted, “Tracking available slots for Covid-19 Vaccination Centers in India on the CoWIN website can be a bit strenuous.” “I have created a Python script which checks the available slots for Covid-19 vaccination centres from CoWIN API in India. I also plan to add features in this script of booking a slot using the API directly,” he added.

We asked Bhatt how did the idea come to fruition, he said, “Registration for Covid vaccines for those above 18 started on 28th of April. When I was going through the CoWIN website – https://www.cowin.gov.in/home, I found it hard to navigate and find empty slots across different pin codes near my residence. On the site itself, I discovered public APIs shared by the government [https://apisetu.gov.in/public/marketplace/api/cowin] so I decided to play around with it and that’s how I came up with the script.”

Talking about the Python script, Bhatt mentioned that he used just 2 simple python libraries to create the Python script, which is datetime and requests. The first part of the code helps the end-user to discover a unique district_id. “Once he has the district_id, he has to input the data range for which he wants to check availability which is where the 2nd part of the script comes in handy,” Bhatt added.

#news #covid centre #covid news #covid news india #covid python #covid tracing #covid tracker #covid vaccine #covid-19 news #data scientist #python #python script

Oral  Brekke

Oral Brekke

1618929360

German COVID-19 Contact-Tracing Vulnerability Allowed RCE

Bug hunters at GitHub Security Lab help shore up German contact tracing app security, crediting open-source collaboration.

A  security vulnerability in the infrastructure underlying Germany’s official COVID-19 contact-tracing app, called the Corona-Warn-App (CWA), would have allowed pre-authenticated remote code execution (RCE).

Researcher Alvaro  Muñoz wrote in a report this week that he and his team at GitHub Security Lab was chasing down  RCE vulnerabilities on the platform and found one in the infrastructure supporting CWA for Android and OS. The team said it worked with SAP to mitigate the issue, adding as a server-side issue, the mobile apps themselves were not impacted, and that no data was collected beyond a device’s IP address.

“There appeared to be a pre-authentication RCE vulnerability in Corona-Warn-App Server, which drives Germany’s COVID-19 contact-tracing application infrastructure,” according to Muñoz. “This vulnerability had the potential to affect the integrity of Germany’s COVID-19 response and as such warranted an immediate response from our team.”

#vulnerabilities #covid-19 #github

Aketch  Rachel

Aketch Rachel

1618099140

How Is TCS Helping With COVID-19 Testing In India

COVID-19 cases have only been on the rise. With the non-availability of effective drugs and vaccines, one of the effective ways to control it is to detect it early in patients. However, the task is easier said than done. While a large number of test kits are being produced, they are not enough to conduct testing in large numbers.

Government-run body, C-CAMP or Centre for Cellular and Molecular Platform, has been a key enabler in driving COVID-19 testing as it has been aggressively building, managing and scaling the ecosystem of MSMEs to produce test kits indigenously. However, they might not be enough.

#opinions #c-camp #c-camp tcs #covid-19 #covid-19 testing #tcs #tcs covid-19

Abigail  Cassin

Abigail Cassin

1596574500

How The New AI Model For Rapid COVID-19 Screening Works?

With the current pandemic spreading like wildfire, the requirement for a faster diagnosis can not be more critical than now. As a matter of fact, the traditional real-time polymerase chain reaction testing (RT-PCR) using the nose and throat swab has not only been termed to have limited sensitivity but also time-consuming for operational reasons. Thus, to expedite the process of COVID-19 diagnosis, researchers from the University of Oxford developed two early-detection AI models leveraging the routine data collected from clinical reports.

In a recent paper, the Oxford researchers revealed the two AI models and highlighted its effectiveness in screening the virus in patients coming for checkups to the hospital — for an emergency checkup or for admitting in the hospital. To validate these real-time prediction models, researchers used primary clinical data, including lab tests of the patients, their vital signs and their blood reports.

Led by a team of doctors — including Dr Andrew Soltan, an NIHR Academic Clinical Fellow at the John Radcliffe Hospital, Professor David Clifton from Oxford’s Institute of Biomedical Engineering, and Professor David Eyre from the Oxford Big Data Institute — the research initiated with developing ML algorithms trained on COVID-19 data and pre-COVID-19 controls to identify the differences. The study has been aimed to determine the level of risk a patient can have to have COVID-19.

#opinions #covid screening #covid-19 news #covid-19 screening test #detecting covid