Bluetooth for contact tracing COVID-19

https://www.bloomberg.com/news/articles/2020-04-10/apple-google-bring-covid-19-contact-tracing-to-3-billion-people

Any engineers around here who can tell me how they are going to solve the distance measurement problem?

(Also, if they are not going approach this massively differently than usual, i.e. if they are not going to go FOSS with this and be more transparent and more reliable than transparent aluminium, how is this not going to end up as a security nightmare? Ok, please don’t answer, I just wanted to express my angst. This would totally derail immediately. Let’s put this somewhere else, maybe.)

7 Likes

They’re using Bluetooth, which is usually ~10m connection range, but they might be able to decrease the power to bring it down to 3m or so. (I don’t know if they can do that selectively without messing up other Bluetooth uses.)

It’s interesting that they’re using a 15 minute ID key. That suggests that there’s no handshake between phones: The phone simply broadcasts that key, and any other phone that receives it, notes it down on its contact list. The temporary keys will be generated off of a private key inside the phone, containing the phone id and maybe location. The government(s) will be able to roll back the encryption on the temporary key to get the information inside. Okay, so far, but…

  • If there’s no crypto-handshake between phones, that temporary key can be fucked with in a number of ways. e.g. set up a collector in one place, and rebroadcast the keys in other locations.
  • Which governments will hold the key that lets them unwrap the temporary keys? If multiple national governments have a secret, it won’t stay secret very long.
  • What if some national governments are bad actors? (Shock and surprise!)
  • If having this app is mandatory “for the duration”, who decides when it’s over?
11 Likes

I am in quite a state at the moment, so I might have missed that, but are they talking about mandatory use and governments holding any key at all?? Seriously?

Also, I go asked an engineer who said its not gonna work, at all, with BT, since measuring distances won’t work. The problem is there since a long time, and hasn’t been solved.

Everything below is just relayed information from them. I am a biologist, so I don’t know shit about BT (apart from the “men love Bluetooth” line, of course, and some crude basics).

Now, the engineer said:

WIRED (after all, more technical than blomberg) reports:

https://www.wired.com/story/apple-google-bluetooth-contact-tracing-covid-19/

So apart from the fact that they give BT “have a range of about 30 feet” (which has nothing to do with sensing or location tracking capabilities, but with transmitting e.g. audio streams) they claim: “Several projects, including ones led by developers at MIT, Stanford, and the governments of Singapore and Germany, have already proposed, and in some cases implemented, similar Bluetooth-based contact-tracing systems.” , otherwise they do not report technical details.

A link leads to: https://www.wired.com/story/covid-19-contact-tracing-apps-cryptography/

[…] “Covid-Watch, the project White leads, instead anonymously tracks contacts between individuals based on their phones’ Bluetooth signals.” and further “The app constantly pings out Bluetooth signals to nearby phones, looking for others that might be running the app within about two meters, or six and a half feet.”

“Covid-Watch” has a “proposed system” (aka they don’t have a working system yet) includes “We are pursuing research in developing inexpensive external Bluetooth devices” (aka BT beacos, not phones) and besides a “proof-of-concept” video (in which they show that the RSSI fluctuates when you move telephones back and forth - go figure) they provided no technical background, but the claim “Singapore just released an app that performs some contact tracing using Bluetooth proximity networks.”.

The link first regarding to that leads to a news page: https://www.straitstimes.com/singapore/coronavirus-singapore-develops-smartphone-app-for-efficient-contact-tracing

… which claims that TraceTogether can calculate “within 2m for at least 30 minutes” …

A google search for the FAQ from TraceTogether: “TraceTogether […] uses received signal strength indicator (RSSI) values ​​to measure the signal strength between phones”.

No indication of 2m or 30min. Ok?

And then, theres the official statement from BT.com regarding distance measurement:

End of related info.
Some more engineers here? Should we split this off? Paging @ficuswhisperer?

I would really appreciate to have @doctorow around now. All hyperboles in Cory’s pieces aside, he might be the only person here I trust to be well enough connected to all realms of tech to actually get to someone who does know this shit on the line.

I just hope they know what they are doing.

ETA:

4 Likes

There’s some good HN discussion on this and links to more articles that go into far more technical depth than I am familiar with.

See:
https://news.ycombinator.com/item?id=22838466

https://news.ycombinator.com/item?id=22834959

I can move this fork of the discussion when I’m on a computer (it’s a pain to move things like this on mobile)

7 Likes

Thanks. I assume there will be BB headline reporting on this soon (is there already? Didn’t check yet.) This definitely would be Cory’s topic. Let’s see who covers this.

Some other media sites are also reporting, and at least adding some very modest scepticism, and info on competing/different approaches.

3 Likes

I just scrolled through both threads you provided and I didn’t notice a single post saying what the engineer I asked said - namely, that BT is basically total rubbish for proximity determination, especially regarding close contact situations.

This is weird.

1 Like

one thing the bt aspect would give is the token providing identification without ( in theory maybe) leaking actual identity, not breaking the other normally aggregated and anonymized means.

( though i do wonder: the range between two points wouldn’t be very precise but if you’re tracking the coming and going of 50 different phones, and their relationship to 50 other phones yours cant see… that you might be able to use the cloud of points for more precision. kind of like trigonometry over time )

plus, it doesn’t have to be bt alone. there’s already plenty of position data from gps and even wifi. to the point where google can estimate the time you are inside a place shopping, know when you’re at home, etc.

2 Likes

I don’t have any citations or studies handy - but from an engineering angle BT is going to be rubbish for proximity mainly because of the number of uncontrolled variables. With BT alone there’s nothing to generate spatial info other than signal strength (adding GPS could work outdoors, but that would be a further privacy nightmare) - the radios are line-of-sight, physical objects attenuate the signal, (open-air, unobstructed signals propagate many times what phone held close to the human body or near the ground would see), reflections also confound RF. There are companies that have used WiFi broadcasting MAC addresses on phones to stalk phone presence, infer foot traffic etc. (looks like one of those got acquired by WeWork, link (looks like they’ve pivoted from trying to track traffic flows across cities to focus on office spaces)). But these are very binary detection techniques, for applications requiring accuracy on the order of single digits (like the 6 foot boundary), anything on a phone would perform poorly I would think, fusing data from multiple sources would probably increase the confusion, just seems really dodgy for life-critical applications.

4 Likes

@gatto (and @moxie) mentioned location data (i.e GPS and georeferenced WiFi), and you added WiFi location (via weWork/Euclid), which is basically how AFAIR Google pitched indoor navigation some time ago.

BT alone, according to the engineer I asked, has a terrible timing problem which does (according to them) makes it basically impossible for dynamic distance measurement. The clocks aren’t precise enough for that, they said. Add attenuation and reflection, as you said.

I didn’t even do post-graduate physics at the university, but I can understand that there might be a problem if this comes together.
(Meta-question: why isn’t this discussed more broadly ATM? Or did I just miss this, due to weak google-fu?)

In regard to tracking Covid-19 infections, I am holding my breath that we don’t overhype this and that it does work, and with the maximum privacy possible. I am very much willing to temporarily allow my constitutional rights to be curbed, but if this doesn’t work… Oh fuck.

Yo, everyone, if you got a physicist or engineer with a deeper knowledge of BT and indoor navigation/distance measurement somewhere in your bubble, could you run this through them and ask them to comment?

Are we going to get results from this, or is this just a nice idea by a lot of people who think that they can do something they can’t due to physical and technical limitations of our current phones and BT technology?

3 Likes

This isn’t an indoor navigation/location problem. This is a maximum radio reception distance problem. Normally Bluetooth has a ~60’ radius. Decrease the transmitter power, part of the Bluetooth LE standard, and shrink the radius down to ~8’ between average phones. Then only phones that are within that distance will receive the temp ID beacon transmission, with no need to know the exact relative positions. (There are beacon apps for phones that already do this.)

1 Like

My monitor died and I’m not getting s new one til next Friday. I feel your pain.

2 Likes

Discourse lets you select a post and all replies from a desktop browser. It’s really a boon for long and sprawling topic like this. Mobile only lets you select one post at a time. Since folks are pretty well behaved in this topic I’m in no rush to swoop in and fix things.

2 Likes

in related news

… . regarding contact tracking, I can theoretically see the benefit and could see the worth in accepting some risk if it was actually effective. The implementation seems really questionable though from a practical standpoint - what would be the acceptable false negative rate be? Just knowing how fickle and error prone tech solutions generally are it seems like epidemiologists should make that call, not engineers - in terms of efficacy and overall factoring the consequences of relying on this as a metric. On the face of it it strikes me as a boondoggle, and in the worst scenario a pretext for the development of association warrants, deployed in haste in the inevitable future security crisis “X”. The mere existence of the tech could make leaving ones phone at home a reasonably suspicious act.

2 Likes

The engineer I spoke to basically said “naaaah, not that simple” when I suggested that decreasing power or measuring signal strength could be used. They insisted that accurate clocks were the key (which I know are the basics for GNSS, of course).

I think indoor navigation has a lot of similar problems. Attenuation and reflection do influence the resolution/position problem, relative to wifi, and Bluetooth beacons. That’s why I mentioned it, after Euclid got a mention.

So, I have worked some on problems with distance measurements using radio-frequency signals. There are three basic approaches for this problem:

1: Triangulation using the relative phase of reception on three antennas with a common reference clock. This will get you the direction of the transmitter, and if you have three such systems with known locations you can localise the transmitter perfectly. This requires specialised equipment with fixed installation points.

It also suffers from multi-path problems (that is, reflections of the original signal) that renders the problem much more difficult. With more than three receptor systems, there are algorithms for attempting to resolve this and find the original emitter. As far as I know, no one has a working system for bluetooth. And even if they did, that would be a lot of dedicated equipment to install absolutely everywhere!
This is not what is proposed.

2: Time-of-flight measurements. You ping-pong the signal. Device 1 transmits, Device 2 receives, and retransmits a signal, along with information on its own delay between reception and re-transmission, Device 2 receives, and uses this information, along with the knowledge of its own delays, to calculate the time of flight between the two devices.

The time of flight is 3.33 ns per meter. That is the accuracy with which you need to have the delays in your devices known in order to have useful data down to the meter. This is not information that exist for a phone Bluetooth system. You would also need to have a good clock, but not that excessively great. If you can count cycles on a 333 MHz clock, you can have the resolution. (Though it should be better, because you will have additional errors in the delay calculation part)

This is not what is proposed either. Can’t do it with a phone. Ultra Wideband (UWB) system chips that can do it exist, but they are not in your phone.

3: Received Signal Strength Indication (RSSI). Or rather known signal decay with distance. This is the only thing that could be done with mobile phones as they are constructed today. Theoretically well known. The power transmitted will be spread over the surface of a growing sphere. So, according to a 1/r^2 law. The equation is well known to calculate the exact attenuation at a given frequency (the Friis equation), so knowing the power transmitted and the power received will theoretically let you know the distance of transmission.

The 1/r^2 relationship means that for twice the distance you will have ¼ of the power arrive. That is -6dB in logarithmic units. (Which is how power is measured in RF) Now, the RSSI meter in a phone is not that accurate. Count a couple of dB errer. The transmission power is not that well know either! The phone may say that it is using a 4 dBm[1] nominal output power, but it will be anywhere from 6 dBm to 0 dBm, or so. It will also vary by Bluetooth channel used. For most chips the signal is stronger lower in the band. (One chip I measured had a difference of 5 dB between the lowest and highest channel. The chip-to-chip difference was also a few dB.)

This all only works for free-space emission. So if there are some obstacles there will be more uncertainty. Reflections will also make it work less well. As will putting the phone close to a human body. The errors will accumulate and I think one would not get better than a factor of 4 or 5.

I have no idea if this could in any way be considered good enough.

[1] dBm, power relative to 1 mW – 1mW is 0 dBm, 3 dBm would be 2 mW, etc.

Fourth possibility:
4 : Using other localisation data too. GPS, wifi localisation, etc. Maybe this is what is proposed?

11 Likes

Thank you very much for this explanation.

I am very curious if Google and Apple have a rabbit up their sleeves. Because if they don’t, from both what the engineer I asked and you said, this sounds like a huge tech promise which cannot be kept without cutting corners. Namely, using location data of “Alice” and “Bob”. Which makes the whole thing a privacy nightmare despite promising otherwise.

One question that remains why isn’t this all over the news articles covering the Google/Apple joint venture.

Another other is: did we miss anything crucial so we are just not getting it?

The third is: can anyone relate our concerns to the virologist and epidemiologist who are currently banking on Bluetooth tech promised to get us out of measures which are extremely hard on the economy?

4 Likes

The system that Google/Apple are proposing does not track phone positions. It doesn’t use GPS outside, and it doesn’t need to localize phones indoors. I’m not sure that Luther’s engineer friend understood that.

All they are checking is the proximity of the phones. i.e. were the phones close enough that the owners might have been within the fuzzy distance for possible COVID-19 spread?

Both Apple and Google have both had Bluetooth beacon APIs for years, and probably have assembled a library of tricks and tweaks for refining proximity estimates based on RSSI.

On the other hand, most ARM SOCs do have a high resolution timer, but usually not available to non-system apps for security reasons (counting cycles on system calls). Since Apple and Google say that they’re making additions to their OSs, perhaps they’re adding code for a ping-response distance measurement API? (The response would have to include an average delay for that phone’s chipset/drivers. Hm, the phone should be able to ping itself to measure that.)

That could be handy for a lot of things other than this application, as well as many unintended consequences.

  • The Contact Tracing Bluetooth Specification does not use location for proximity detection. It strictly uses Bluetooth beaconing to detect proximity.

If bluetooth can tell you what is nearby, then it can give you an idea of how proximity changes with time by looking at how long the two devices were nearby. For example if you and I walk in opposite directions on a path, then you get an indication of relative motion as the BT contact comes up and goes away. If another person walks at 90 degrees to the two of us, then there is more information.

Governments should just equip us all with GPS tracking bracelets and get it over with, because that is the limiting case in all of this.

1 Like

[Emphasis mine.]

I am not betting on it. As I said: if they have a white rabbit, they better pull it out, and fast.

So far, beacons are a different thing than phones. Less problems with variable environmental attenuation, less problems with variable reflection. Most importantly, they have a know position. Several of them could triangulate a phone with ease.

I don’t know shit, so let’s ask @Aciantis: is it even the same hardware, or do they use other chips? Other power sources? (As they explained, that will have an result on the measurements.)

Time is of essence, since the duration of the contact is very much influential on your probability to get infected.

Regarding the idea to use it for proximity, and this:[quote=“Michael_R_Smith, post:18, topic:168306”]
Governments should just equip us all with GPS tracking bracelets and get it over with, because that is the limiting case in all of this.
[/quote]

Are you trolling? O_o

Proximity by duration: nope, doesn’t work this way.

GPS: even if it would work indoors and wouldn’t be a total dystopian fuckshit, I don’t think we could just ramp up production of dedicated devices.
Let us keep discussing BT solutions here, shall we? That’s what was proposed.

2 Likes

No, I don’t think it can be a ping response measurement. Counting cycles isn’t your only problem. You have to know when the signal starts. BT uses 1 MHz (or 2 MHz for BT5) channel bandwidths. That’s the speed with which the signal ramps up. It takes 125 ns (¼ period) at 2 MHz to start the signal. That’s a pretty slow rise-time compared to the 3.3 ns per meter time of flight. (6.6 ns return trip). That’s really fuzzy to measure start time. This is the reason that time of flight systems all use ultra wide-band (UWB) systems, to have cleaner rise times.

And, no you can’t ping yourself. The BT chip is either sending or receiving. There is a switch selecting which path you use. There is some dead time between sending and receiving. Well, the switch is leaky. So some signal will spill over into the receiver when you transmit. Theoretically I suppose you could use this to measure the signal you are transmitting in your receiver, but I don’t know if you have enough control of the chip to be able to practically do this. The BT chip usually has its own 8-bit processor to handle all the really low level crap, like taking the IQ signals and doing symbol detection. And it does not give you access from higher up the chain. It just spits out bits.

I’m guessing that it is just proximity based on RSSI with black magic on top. (Machine learning!) And just living with the uncertainty in distance. I’m going to check in with what some other people I am working with on BT stuff have to say and see if they have some enlightening ideas.

6 Likes