Analysis find security vulnerabilities in UK's NHSx contact tracing app
Security researchers have found seven problems with the NHSx contact tracing app including: weaknesses in registration that could allow attackers to steal encryption keys; storing unencrypted data on handsets; generating a new random ID code only once a day; and design decisions with respect to Bluetooth connections that could enable tracking. These questions are independent of whether the app is centralised or decentralised.
Writer: BBC; Chris Culnane and Vanessa Teague
Publication: BBC; State of IT