Government Contact Tracing Apps

Government Mobile Apps

Continuous outbreaks worldwide have demonstrated that government Bluetooth and QR Code based contact tracing solutions, just do NOT bring enough real-world fire power to the fight with COVID-19.

Besides hunting down and cutting the legs off COVID-19 better than another other platforms, Virtual Vaccine brings a side benefit that no other platform can provide:
Growing the country's economy substantially by massive deployment of computing power into people's hands - transferring innovation and profits from the overseas few to the local masses.

Bluetooth Problems

Bluetooth dominates the contact tracing mobile apps deployed by most governments:

Unfortunately bluetooth is turning out to be an increasingly poor choice.


Bluetooth solutions are not contact tracing solution, they are notification solution.
There is no tracking, it does not go further than the direct contact, it stops just when the real tracing work starts!

No Location Data

A fundemantal problem with bluetooth based plaform is that it is NOT location aware.

Using a tracing solution without location information is like fighing fire with a spoon when a fire host is needed. The danger now is the tendency to exclude other solutions (like the use of a fire host) since you already have a spoon in your hand.

Bluetooth promises contact tracing while preserving privacy, but without location information, it becomes a distraction to front-line contact tracers.

The limited information provided by bluetooth contact tracing platforms is just NOT good enough in handling a virus as stealthy as COVID-19 virus.

No Aerosol and Surface Tracing

Bluetooth CANNOT trace surface transmission NOR airborne transmission.

Different studies have now shown that COVID-19 virus can be airborne for hours e.g.

Bluetooth contact tracing is only a few months old, but it is no longer in line with new findings. addresses surface transmission e.g. seats on a bus and confined space transmission e.g. lifts.

No Data Editing

The most popular Bluetooth implementation Google Apple Exposure Notification (GAEN) which Australia's new COVIDTrace app is based on, exposes the WHOLE time period of the people diagnosed with COVID-19.

This can be significant barrier to adoption since most people might want the ability to remove some parts of the day from upload - even though they will NEVER do so.

Actually, another Bluetooth protocol DP-3T (which GAEN is somewhat based on) does offers ability for people to remove certain time periods BEFORE uploading to the government, but seriously, who is going to know what to remove if they cannot remember what they were doing or where they were WITHOUT prompting wih location information ?

Anyway editing is an important feature that GAEN has left out. ALLOWS user editing of data, releasing only the time and location they want.

Fundemental Problems

Ironically one of the best place see how many different attack vectors there are in the bluetooth proximity tracing is in a white paper on DP3T (which GAEN is roughly based on):

The massive effort in trying to secure something that keeps broadcasting its unique keys to the world all the time and then have the infected person's unique keys download by millions of others does not seemed worthwhile given the poor quality of the information we are getting out of it:

Is Google Serious ?

The whole point of using Bluetooth is to remove the need of location tracking, Google Apple made big annoucement on GAEN about just that point and then it turned out that Google needs Location tracking to be turned on before Bluetooth will work.

When Location data is constantly being leaked, what is the purpose of using Bluetooth instead of Location feature on the phone then ?

Since Google and Apple controls the operation of their phones, they can track everyone in the world using their phones down to a few meters - even without their consent right now. can used use WITHOUT GPS nor Bluetooth turned on, although it can alsouse GPS for those user who like constant tracking of their location -

Dodgy Intentions


Maps app is sending so much stuff their

iOS and Android Hacked

Your daily movement is one of your most private information, storing long term data on your phone which you use daily for interaction does not make sense.

Being a portable device, the phone has been taken "home" and taken apart by hackers in details that no other computer server has been exposed to. Unlike web servers inside the data centres, hackers can bring a mobile phone home and hack it 24 hours a day.

It is a fundamenally more exposed platform not just because hackers have total access to complete hardware but also because of exposure in software distribution, as the mobile app software has to travel to outside parties like Apple App Store or Google Play before being distributed to end users. There are just too many attack vectors compared to software running on a locked up computer system. As the primary device you used for interaction with the world there are just too many changing attack vectors everyday to make it secure. You visit some many different web sites each day and there are some many apps on your phone that keep geting updating themselves all the time, every single one of those actions adds to the risk of exposing your data.

Mobile phone insecurities has been confirmed with Vault 7 leaks by Joshua Schulte:

As can be seen in the leaks, once iOS and Android has been broken into, no app running on phone is safe (even so called encryption apps like Whatsapp, Signal, Facebook etc. are all in trouble) since they rely on the operating system to pass unencrypted text to them.

No Statistics

Bluetooth requires many device and environmental parameters between 2 phones to be compatiable in order to be effective.

Device wise things like hardware, operating system, bluetooth stack, power saving modes, software app versions etc. ALL have to be compatible.

Environment wise things like distance, duration, blockage, interference etc. ALL have to be compatible.

The problem is with the decentralised nature of GAEN, it impossible to measure how effective it is. has 5 different location collection interface from QR code to GPS to voice allow people of any age and phones of any type to participate.

Doubtful Security

Apple Google

Kneejerk Reaction

GAEN came about because bluetooth contact tracing apps do not run well on iOS and Android.

Not because

The whole using bluetooth idea

Zero Research

Commerical Interest

Deploying a government funded program for the public good on a commercial platform full of domineering self-interest is a bit of a mismatch.

If you don't want to dig through their treatment of app developers in the past, just look at the Fortnite case that is happening right now.

Slow Innovation

We are learning new things about COVID-19 everyday, we need to adjust our stratreact fast, governments have to react fast.

Crazy Approval Process

Dodgy Intentions

tracks everyone

QR Code Problems

Competitive Advantages

Forty-Six major advantages over ALL other contact tracing platforms worldwide:

Higher Participation

  1. Customisable privacy allows even the MOST private person to participate
  2. Multiple inputs enables phones WITHOUT bluetooth nor camera to participate
  3. NO need to install any mobile apps
  4. MULTIPLE Languages (initially English, Chinese, Arabic)
  5. VOICE interface for people who cannot see or operate the small phone screens

More Accurate

  1. Trace down to a SINGLE seat - bus, train, stadium, cinema
  2. Timing resolution down to the MINUTE
  3. GPS Signal and QR Code cross checking

Faster Notification

  1. NO waiting for polling cycle - instant notifications via sms and voice
  2. NO blind downloading by millions of phones - data traffic to affected users only
  3. AUTOMATIC phone and email notification of close contacts within minutes
  4. Early warning of close contact BEFORE covid-19 test result is out - tunable for users (e.g. those in health and age care) who do not mind some false positives

Deeper Insight

  1. Physical structure AWARE - air conditioning returns, lifts, rooms
  2. Users can contribute detailed data point that are MONTHS old
  3. Log METADATA like mask wearing, room crowding with each data point

More Economical

  1. Citizens gain ability to SELL their data to commercial enterprises
  2. Government REDUCES tracing and notification resources substantially
  3. Distributed design enable low cost SCALING up gradually as user increase
  4. Crowd-owned server architecture mean citizens take the storage and processing costs OFF the government
  5. Same contact tracing APPLICATION can be used for general tracking kids, seniors, staff without modifications
  6. Same distributed INFRASTRUCTURE can be used for other citizen applications (where citizens have private data store at home but government still have access to big data analytics on parts of those data) e.g. health

Faster Improvements

  1. NO need for Apple or Google approvals to deploy new features
  2. NO need for million of users to update their mobile apps to fix bugs
  3. State based deployment allows easy integration with State laws e.g. ALREADY implemented mandatory visitor registrations in some NSW venues
  4. INTERGRATION with centralised bluetooth systems possible (e.g. COVIDSafe), no time to investigate distributed bluetooth system (e.g. COVIDTrace)

Extra Mapping Interface

  1. Violations WARNINGS - less than 2 metres distancing, less than 1 per 4 square metres , no masks, quarantine escapes
  2. Long QUEUES indicators - virus testing, emergency departments, restaurants
  3. RECENT transmission events - 24 hours, 48 hours, 7 days

Better Security

  1. Built-in web scanner renders malicious QR codes USELESS
  2. Innovative progressive login technology allows secure and rapid ONE click password-less access
  3. Separation of system into MUTUALLY checking non-trusting processing units - servers run by different entities with built in monitoring of each other.
  4. Each transaction cut up and spread across as DIFFERENT processing units
  5. Processing units are prevented from processing data of the same user continuously or too often
  6. Separation of identity and location - no processing unit gets both
  7. Separation of keys and data - key holders have no data, they only release keys to relevant parts of data
  8. Separation of computing and network - computer always hosted on someone else's site
  9. Separation of processing and storage - processors only have access to data for a limited time, long term storage always with owner of data
  10. Data storage monitored independently to ensure processing units delete the data after processing
  11. Network traffic monitored independently to ensure no leaking
  12. Blockchain based global database prevent some processing units from cheating

More Privacy

  1. User control WHAT data gets LOGGED - not near house, not after 6pm
  2. User control WHICH part of the data is shared - remove certain time and place details before submitting
  3. User control WHO the data is shared with - exact location with researchers and rough location with fellow citizens (just warn them roughly within 100m)
  4. User control WHERE data is processed - researchers only have your location, notifiers only have your identity, no one has both
  5. User control HOW they are notified -
  6. User CAN store data at home - around a hundred dollars you can view years tracks for you and your family
  7. User CAN store data in their favourite email address - encrypted - so gmail can scan these ones to target you with ads
  8. User is the ONLY one to see the full data record
  9. User is the ONLY one to store the full data

More Adaptable

  1. Hunter and Farmer Mode