Tuesday, 20 October 2020

myGovID and Government's perception of privacy

Recently, the Australian Government has been pushing its myGovID as the way it would like us, Australians, to authenticate ourselves before the government. To use the government's own words, "myGovID is the Australian Government’s Digital Identity".

Our government's record in IT systems speaks for itself, from the good old CensusFail of 2016 through Robodebt and the more recent COVIDSafe app: general disrespect for public privacy, but worse - lack of understanding of basic security concepts that put the public safety at risk. If it's evidence that you seek to support this supposedly provocative statement of mine, just watch this video where an expert discusses how the COVIDSafe app relies on a Bluetooth vulnerability in order to function (if you can use that word, given the app's track record), thus putting Australians at risk. That's just that one example; I picked the most recent.

I was therefore rather intimidated upon discovering, the other day, that I am forced to use myGovID if I seek to potentially make a living out of my profession of choice.

The first thing I did was teach myself how myGovID is meant to work. The concept behind it is simple: one installs the myGovID app on one's smartphone. The first thing the app would ask you for is an email address and a password to associate with your account. Next thing it does is scan your identification documents (e.g., driver's licence) into the app in order for you to prove who you claim to be.

Once enough of these have been verified, you can start using myGovID for what it was meant to do: when visiting an online government service that uses myGovID for authentication (tax services, in my case), instead of the normal logging in using an email address and password that we're accustomed to, one simply provides the email address they supplied their myGovID app. A notification is immediately sent to the smartphone app, which - when called upon - provides the smartphone user with a 4 digit number. Type that number into the government website you are trying to access (on whatever device you happen to use), and you're logged in.

It's all nice on paper, but what actually happens when one installs the app on one's phone?

Well, the first thing to happen to me was a long wait. Eventually, after about 30 eternity like seconds or so of an unresponsive screen, I got the following:

I "killed" the app and went through the same motions again, only to get the exact same result. It was obvious the app was trying to do something that it was prevented from doing.

My first instinct turned out to be the correct one. My home wifi uses a Pi-hole, a little contraption whose purpose it is to block ads and trackers from ever getting through my network. Think about it as a the ad blocker you're running on the browser you're using to read this right now (and if you don't use an ad blocker, what are you waiting for?), only one that filters the entire network rather than merely a specific browser. According to my network's statistics, some 7% of traffic is thus blocked on my network, a pretty significant number given all my browsers utilise ad blockers of their own.

I checked to see what it is that the myGovID app was trying to do while the Pi-hole intervened, and found the following 2 internet connection targets:

Allow me to translate the above for you:

Basically, the first thing that the myGovID app tries to do is contact Google, and it tries to do so in a couple of ways. The app won't even start if it doesn't manage to establish such contact.

Specifically, myGovID tried to connect to Google's device provisioning, which is part of what most people know as Google Analytics. Google Analytics is probably Google's most prolific online tracking tool, used by 87% of the internet's top 100,000 websites: the website (or, in our case, app) gains all manner of analytics on how users are using the site, while - in parallel - the world's biggest advertising company, Google, gathers personal information on the people using the website (for example, the user's IP address, from which a location can be derived; and, more importantly, information that can be further tied what Google already knows about the device and/or its user). Google Analytics is, thus, a major player in Google's juggernaut operation of collecting as much data as it can about people for the purpose of targeting them with ads.

The other attempted connection made by the myGovID app was to Google's Firebase. Just like any other facility offered by Google, Firebase is a useful service, especially to app developers, who can use the platform for all manner of things ranging from user authentication to data storage. And just like any other facility offered by Google, Firebase does its thing while collecting end user information and tracking them and their devices (for the usual purpose, Google's bread and butter product of targeted ads).

Long story short, once I bypassed my own ad and tracking protector, the Pi-hole, the myGovID app started working and functioned as intended. The scanning of my ID documentation proved unreliable, and the handling of the resulting errors was less than elegant, but I got over that.

So, where am I heading with this long story?

My point is rather simple. If you were to read the myGovID privacy policy (let me help you, it's here), you will not find any mentioning of it sharing data with third parties (which is what Google is; the main two parties are you and the government). If anything, the privacy policy states that

We will not share your personal information with third parties including the document issuer, the identity exchange and the online services you attempt to access, without your consent.

Yet the myGovID app does share some data with a third party. And the app definitely does so without my consent, not even my forced consent, given data is shared with Google before anything else takes place within the app.

The point is, myGovID's violates its own privacy policy. And in doing so, our government is effectively saying that not only doesn't it care about our privacy, it doesn't even recognise Google for what it is: an advertising company that makes its fortune by, as is the case here, abusing the personal information of people who were coerced into using an online tool.

Australians should know where their government stands when it comes to their wellbeing. And as is the case here, Australians should be aware that their government does not care much for their privacy, to the point of not caring when it comes to violating its own policies.

One last thing: I'd like to finish things off with an anecdote.

You might remember that the Australian Government was criticised for using an American company (namely, Amazon AWS) for storing the contact data of COVIDSafe app users, thus potentially allowing foreign access to the detailed movements of Australian citizens. The government came back with several excuses to explain why it did what it did; you can read them for yourself (here) and decide whether it did the right thing.

I will simply point at the following:

  1. No such discourse ever took place with regards to myGovID. The public never got an opportunity to ask whether allowing Google into our digital identity (which is a big thing, actually) is the right thing to do.
  2. In my opinion, the arguments raised by the government to explain why AWS was a good fit for COVIDSafe do not apply to myGovID. There are plenty of good companies out there that offer similar facilities to Google's, for a start; and in the case of myGovID, the speed of deployment was not a factor.
All of which is pointing at our government being rather lazy when it comes to picking IT solutions. Australians will continue to pay the price for this mediocrity.

Sunday, 14 June 2020

BBC Crowd Science: Third Time Lucky

The BBC Crowd Science podcast featured me for the third time in an episode of theirs!
You can check the previous two episodes, which asked what household dust is made of, here. This time around, my question was how many of the atoms I am made of were once part of a fellow human's body. The answers the BBC came up with are interesting both scientifically as well as, how shall I put it, philosophically.
I would like to use this opportunity to thank the episode's producer, Caroline Steel, who laboured a lot to provide me with the answer. I would also like to thank presenter Marnie Chesterton, who is just as fun and smart to talk to as one can imagine after listening to her Crowd Science episodes.

Check the podcast episode on Apple Podcast here, or click here to go the episode's BBC page.

Friday, 24 April 2020

Ask Stacktrace

This week's episode of the Stacktrace podcast ("life and technology from two developers' perspective") had the cohosts, Gui Rambo and John Sundell, featured yours truly - to one extent or another.
As part of the regular Ask Stacktrace part of the podcast, they answered a question I sent them. The question was about converting to become a Swift developer given an old style development background in C and assembly.
The answer - which is excellent, in my opinion, and definitely reflects my own personal experience - can be heard at the last 5 minutes or so of the podcast. You can listen to the entire episode, the question, and the answer here.

Sunday, 12 April 2020

The Case Against the iPad Pro

This April celebrates 10 years to the release of the original iPad (it was announced in January, but made available to buy on April). Late 2015 saw what was probably the biggest step in the iPad’s evolution thus far: the release of the iPad Pro.

I love my iPad Pro. In the years I owned one it has served me loyally and well. In will therefore start this post, where I am about to point a finger at the biggest issues I have with the concept that is the iPad Pro, by pointing out its biggest advantages.

Why an iPad Pro?
  • 13” (almost) screen: That screen size is very useful, assuming you don’t mind the extra bulk. Some games are made extra amazing, but more importantly reading material that was originally produced for A4 paper (like most PDFs do, not to mention magazines) is a pleasure. It comes down to [occasionally] being able to do a lot of things on this single screen, apps and operating system permitting.
  • Mobility: With a cellular enabled iPad Pro, you have a very portable but also a very powerful computing unit on you.
  • Pro apps serving pro use cases: Numerous apps out there give the iPad Pro an extra edge when it comes to productivity. Take lectures (or meeting) notes as an example: tools such as Nebo let you take handwritten notes that later get converted into digital text you can utilise whichever way you see fit; Noted lets you record the lecture/meeting while keeping your text notes associated with specific points in time of said lecture/meeting; and OneNote or Notability let you take notes, drawings, hand written scribbles, and audio recordings and mix them together. I will put it this way: I expect my university experience would have been completely revolutionised had I had an iPad Pro at the time.

As nice and helpful as the iPad Pro is, it has its disadvantages. Two of them have been there right from the start, and despite the best of Apple’s attempts are still very much there:
  • It might be called “Pro”, but it’s not pro enough:
    An iPad Pro may serve certain use cases very well, but it fails in others. Sometimes utterly so.
    The most notable case is Xcode, Apple’s own development tool (you have to use it for iPad app development): that will only run on Macs, and that’s despite of the fact today's iPad Pro can run circles around certain Mac models, performance wise. Other examples abound, including Photoshop - a tool many rely on as their primary tool of trade: yes, you can now get it on the iPad, but no, it is nowhere near “real computer” equivalent.
    Perhaps the most crippling factor in the Pro department is the iPad’s web browser. Safari was greatly improved on iPadOS 13, allowing for activities such as running Netflix through the browser rather than using Netflix' own invasive app. However, especially if one likes to open numerous tabs at the same time, one will suffer.
    This list can continue on and on, by the way. On my part, I can name the lack of a desktop grade TOR browser, the absence of firewall facilities, or various issues (and bugs) with the handling of VPNs as examples for issues on the networking side of things. Common to all these particular issues is the fact they directly stem from the way iPadOS works.
  • Multifocal activities:
    Any activity on the iPad that requires its user to perform actions outside the one main app will take longer, usually much longer, than the same activity would take on a “real computer”. Yes, these days you can take a file from one app and give it to another, but it’s so cumbersome and inefficient that - at least for me - the option of postponing the task till I can get it done on a “real computer” in 2 seconds is the preferred course of action.

There is, however, a third disadvantage hampering the iPad Pro. What’s interesting about this problem is that, rather than improving over time, it is getting worse and worse. And that problem is: subscriptions. Specifically, infrequently used apps which rely on the subscription business model.
Over the last couple of years, more or less, we have seen the bulk of the pro apps for the iPad move from a premium model (pay once to unlock the app) to a subscription model (pay on a regular basis, as long as you want to continue using the app). Apple has been a great pusher of this policy, for the obvious reason that it has been generating Apple a lot of money.
I will therefore state I do not object to the subscription model, at least not on principle. I subscribe to numerous apps that I use regularly, even to the point of dependency (e.g., my password manager of choice, 1Password). I realise app developers need regular income to sustain themselves and continue development on their apps; I also realise that many apps have running costs (e.g., weather apps need to pay for the raw weather data, podcast apps need to pay for servers, etc).
However, by now a lot of apps - too many apps - that I use regularly yet quite infrequently are asking me for a subscription fee. Does it make sense for me to pay an annual fee for an app I only use perhaps 5 times a year? Should I be paying the monthly subscription rate for such an app, effectively making the monthly fee a single use’s admission price? As nice as these apps are, and as useful as they are for that particular niche of functionality they serve, I am not that rich to be able to afford such a luxury.
As a result of this transition to the subscription model, I find more and more functionality that I used to be able to perform on my iPad Pro when needed - functionality that I almost always paid for to begin with - now gets taken away from me. For example, drawing something easily and quickly on Linea Sketch, or coming up with a simple (yet cool) design using Assembly, or taking hand written notes using the aforementioned Nebo, all now come with what is - for me, at least - a pay per use fee. The result is simple: I don’t use them anymore.
I find my usage regressing more and more towards that primitive way of doing things we were all used to before the emergence of the iPad and the App Store: “find a way to do it on Word, Excel or on a browser.” The problem is, of course, that this way is always more awkward, far less innovative, and way less productive than using the pro apps.

That is to say, what may have once been Pro is no longer the case. And, at least for now, these old style ways of getting things done are achieved way better on a “real computer”.

All of which leave the Pro out of the iPad equation, and leave the iPad Pro as - yet again - a great tool in crying need of useful use cases it could support. Till then, it's not much more than a fancy yet ordinary iPad: a cool, incredibly effective, consumption device. And not much more.

iPad Pro image by Apple, used under the assumption of fair use