[HN Gopher] How I helped fix Canada's Covid Alert app
___________________________________________________________________
How I helped fix Canada's Covid Alert app

Author : todsacerdoti
Score  : 136 points
Date   : 2020-08-24 16:29 UTC (6 hours ago)

(HTM) web link (seancoates.com)
(TXT) w3m dump (seancoates.com)

| thefounder wrote:
| Nice to see it uses Go on the back-end
| burke wrote:
| > I'll be honest: I barely knew anything about the CDS and I expected some runaround from a government agency like this, and I was pleasantly surprised
|
| I'm one of the team that did the initial implementation of the server and iOS app before handing it off to the CDS for the latter part of implementation, and I've been really, really impressed with the CDS. They're a great model for what tech in government should look like.
| lwansbrough wrote:
| Actually the CDS was based on the Obama era model created in the US Digital Service. It's a great idea and I was pleasantly surprised to learn that the Canada COVID app (which is very well designed!) was created by them (well, and Shopify :) )
| ghostpepper wrote:
| I had no idea there was a Canadian Digital Service - I'm glad to hear that it not only exists but that it's a relatively efficient government organization.
|
| On a somewhat-related note: you wouldn't happen to be / know who is responsible for the BC CDC Covid results service, would you?
|
| I was disappointed to see this page, which asks for personal information including your PHN, served over HTTP.
|
| Not only that but there is actually a disclaimer saying it's fine to ignore the big red padlock because the iframe uses HTTPS (which is also technically not true as far as I can tell - the iframe _redirects_ to HTTPS though).
| tempestn wrote:
| I also noticed the BC CDC use of http and reported that to them a couple months ago. Nice to see I'm not the only one.
| burke wrote:
| Nope, sorry, no insight or connections there.
| danudey wrote:
| > I had no idea there was a Canadian Digital Service - I'm glad to hear that it not only exists but that it's a relatively efficient government organization.
|
| Canada is kind of... weird, in this regard. I knew about the CDS, and was on their mailing list (they talk about pretty neat stuff and it sounds like a neat place to work), so this didn't surprise me, but...
|
| So a while ago, we (the company I worked for at the time) had some servers hosted at a hosting company based here in Vancouver, though the servers were in Seattle.
|
| Well, we got an e-mail from our host, forwarding some automated e-mails that _they_ had received from the Canadian government (possibly the CDS, but I don't think so) notifying us that we had open memcached ports (11211) on some of our servers.
|
| I went and checked the configuration, and sure enough we'd had a configuration error, where memcached would only accept one IP address to bind to, but our script had provided two (because the servers had an internal and external), creating an invalid config which was never deployed, so memcached was just listening on [::]:11211, and since it wasn't supposed to be open we didn't have any ACLs on the access routers. We fixed the configuration issue and switched to a default-deny policy and all was fixed, but it was surreal that an e-mail from the government was what tipped us off.
| bonestamp2 wrote:
| That's funny, and it reminds me of something we discovered too.
|
| We use bugsnag on many of our client web apps to catch javascript runtime errors and with one of our apps we frequently come across problems that reference javascript functions and variables that aren't ours.
|
| Sometimes it turns out to be a benign plugin, but in many of these cases it is a known virus or dangerous browser plugin that is trying to log keystrokes, mine crypto, extract banking info, etc.
|
| We have gotten to the point where we can often tell them which virus they have, how we know, and include removal instructions. Our app is very expensive so most customers are people who need our tools and use the app every day, which means we can often tell them when they got the virus too. It's way out of scope for our role in their life, so it's a little bizarre for everyone involved, but the customers seem to appreciate it at least.
| Kluny wrote:
| I don't know a ton about the CDS, but at least one of their employees is a former coworker of mine from the VIP team at Automattic. He was team leader for a group that had EXTREMELY high customer satisfaction goals as its mandate. I see his influence here - or maybe they just hire people like him.
| scoates wrote:
| Yeah, my interactions with them were all great. Really refreshing.
| OJFord wrote:
| I haven't worked with either of them, but I'm British and similarly impressed with our GDS (G for Gov.) - this is interesting: https://www.publicsectorblogs.org.uk/2018/07/gds-across-the-...
| shaggyfrog wrote:
| I'm glad that the Canada COVID-19 contact tracing app is open source and available on GitHub, and I'm glad people can push fixes to it, but this kind of bug exists because it's using React Native unnecessarily, and dragging in a zillion dependencies.
|
| I don't see why both the iOS and the Android versions can't be fully native, besides a desire to have a single codebase. The apps aren't doing anything fancy, UI-wise. They are basically just integrating with the native contact tracing system framework on each platform.
|
| Dragging in React Native and its giant web of dependencies makes the codebase harder to audit and manage from a security perspective. It's also a product of Facebook, which is greatly concerning from a privacy point of view.
|
| I still have this app installed on my iPhone and I keep it up to date, but I really wish it was built differently.
| radicalbyte wrote:
| This is exactly what we're doing with the Dutch Contact Tracing app. Native apps.
|
| The workflow in our UI is larger than most and we support more languages (including right-to-left languages). It's just not complex so - IMHO - it's a no-brainer to build the two out in parallel.
|
| We're also building it in the open and in English - come take a look here: https://github.com/minvws
|
| Disclaimer: I'm working on the server.
| jeromegv wrote:
| It was initially built by Shopify engineers and it's their go-to technology so I guess that's how it came about.
| mikewhy wrote:
| > but this kind of bug exists because it's using React Native
|
| Considering how this issue was from a package that isn't included with React Native, this seems like a bit of a stretch.
| kennywinker wrote:
| the native way of doing this on iOS would be `SCNetworkReachability` which is part of the built-in SystemConfiguration framework. That call requires the endpoint to check as an input - thus prompting the developer to think about if they are contacting an unnecessary third party.
|
| So while this isn't really the specific fault of react native, it does seem to me to be the fault of a non-native framework that encourages developers to use higher level abstractions rather than system frameworks.
| mikewhy wrote:
| The library in question did use that function, but without something set up at the endpoint, it's not very useful:
|
| > A remote host is considered reachable when a data packet, sent by an application into the network stack, can leave the local device. Reachability does not guarantee that the data packet will actually be received by the host.
|
| https://developer.apple.com/documentation/systemconfiguratio...
|
| More details in this issue: https://github.com/react-native-community/react-native-netin...
| advisedwang wrote:
| The desire to have a single codebase seems pretty reasonable:
|
| * Reduces development cost
|
| * Provides more consistency for users (simpler to document and explain)
| yoru-sulfur wrote:
| I used to work at CDS a couple years back, worked with both Tim and John (The people who responded to the GitHub issue).
|
| I'm glad to hear that his interactions with them were relatively without friction. A big part of what they're trying to do is lead by example for how modern software development can take place somewhere like the government (Taking a lot of cues from GDS and 18F).
| sgarrity wrote:
| Nice fix and nice write-up of the fix. A Canadian herough.
| canada_dry wrote:
| +1 @scoates.
|
| Next up, can you please help fix the broken "Alert Ready" Emergency Alert System!!
| rubatuga wrote:
| As a Canadian, many thanks to OP for removing unnecessary requests to Google!
| jszymborski wrote:
| Came here to similarly give thanks to this outstanding Canadian citizen.
| scoates wrote:
| simlevesque wrote:
| hey because of your post on r/biereqc I got great beers from Mondial de la biere thanks for that
|
| it's funny how small the world is
| kozmonaut wrote:
| OP is a fine man, thanks for doing your duty to Canada!
| ramshorns wrote:
| It'd be nice to see COVID Alert in F-Droid, or somewhere else that doesn't require nonfree dependencies.
| kozmonaut wrote:
| OP is a fine man, thanks for your duty to making this app better
___________________________________________________________________
(page generated 2020-08-24 23:01 UTC)