Comments (6)
@anivar here is list of thousands of known cves in android as platform.
Should we list one by one on start screen to every ordinary user, and ask confirmation too?
foss activism doen't mean jingoism, and hysteria. It should consider practicality, value developers, should not encumber ordinary people.
from aarogyasetu_android.
This will lead to unnecessary hysteria, and hence interfere with the core functionality of the app IMO.
from aarogyasetu_android.
This is a not needed. There can be many such vulnerability in OS. It is doesn't make sense to notify everything to the user. Also it is would be very difficult to explain these terminology to a layman
from aarogyasetu_android.
@anivar Agreed, given how the app expects a user to have Bluetooth turned on all day long, a user should definitely be informed about the security risks of doing so on a vulnerable device.
from aarogyasetu_android.
Should we list one by one on start screen to every ordinary user, and ask confirmation too?
The issue is specific to CVE-2020-0022 , which have very high rationale in this context, considering current market and device penetration combining with absence of updates. And the warning is relevant because bluetooth access is 24/7.
Digital Economy is a key driver in many of GoI policies including data protection. A govt app requesting permission for making users at risk, since many of these phones used for payment apps as well. The permission collection ideally needs a warning notice about the potential risk on specified versions alone Mentioning this in the best interest of users.
from aarogyasetu_android.
Agreed with @damoo.
from aarogyasetu_android.
Related Issues (20)
- GattClient not used. Who is connecting to server then?
- New tech repport
- iOS - Translation text is missing for delete_account_title
- patient status problem when the active patient changes his handset
- This repo isn't updated as per the play store version! HOT 1
- Autostart permission
- Reporting Low SPO2 in patients across India
- BluetoothLE: Scanning nearby user not working
- New Feature to check availability of beds for Covid-19 critical patient HOT 4
- Feature Request : Notify users when Vaccines are available at the nearest location.
- Vaccination slots booked by bots HOT 2
- OTP validity mismatch
- Suggestions on New UI changes in Arogya Setu.. current UI is against desired output
- correction in autofill feature of mobile number in Aarogya Setu App HOT 1
- [BUG] Error in identity validation
- Feature Request : arogyasetu should also show if Bluetooth contacts are vaccinated
- Jรก
- [Suggestion] Add an option for choosing vaccine other than Covishield, Covaxin
- Unsuccessful account deletion
- Unable to log in arogyasetu app despite entering phone number HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aarogyasetu_android.