12 comments

[ 3.2 ms ] story [ 33.8 ms ] thread
This isn't some "oopsie" oversight on the part of governments spending tens or hundreds of millions of dollars to market the vaccines. They want fraud to be easy and commonplace to build in the justification for putting the info in a centralized database that links to your smartphone.
Police have already used our contact tracing app to make arrests. They must be drooling over the very real potential of all Australians having to keep them updated on our locations in perpetuity.
I no wonder why New Zealand is on on lockdown level 4 after opening the border for Aussies with this fake cert.
Come on mate they've linked it back to a case in managed isolation. It's not like he walked off the plane and went straight to the Auckland CBD.
When I visited NYC for a few days, I picked up a Pfizer vaccine and was amused that they gave me the little certificate card to fill out by myself, before I went to another line to get the shot.
(comment deleted)
How is it that the US and Australia with all their resources as well as high tech companies are unable to setup a privacy respecting forgery proof system [1] when tiny countries have no problem doing it. The code is even open source. [2]

[1] https://www.bag.admin.ch/bag/en/home/krankheiten/ausbrueche-...

[2] https://github.com/admin-ch/CovidCertificate-Documents

That’s a lot of reduced privacy no matter how you look at it.
You live in a country that has your name and your birthdate on file for ID, taxes, you presumably have health insurance that already knows you have the vaccine - the EU system as it is right now is designed to prevent those entities from collecting more information than that.

How is this a lot of reduced privacy?

Not to detract from your overall point - because it's a great question - but I feel that calling this system "forgery proof" only tells half the story.

Presumably public-key cryptography is how these certificates are signed and verified, which is essential for sure. But, a human is still required to verify that the information in the certificate matches some other ID, which could be easily forged. Drivers licenses and student ID cards are well known examples of such.

I think it's great that the system was designed to be privacy respecting. However with a bit of skepticism I raise the question - will this system stop anyone besides the most unmotivated of forgers? Perhaps it's still a win, but I think it's a question that deserves pondering.

> Besides the person’s first and last names, date of birth and a certificate number, the COVID certificate contains details of their COVID-19 vaccination, recovery, or negative PCR or rapid antigen test.

> Thanks to the electronic signature of the Swiss Confederation, this makes the COVID certificate forgery-proof and guarantees that it is genuine.

> the COVID Certificate Check app shows the person doing the check the name and date of birth of the certificate holder and whether the COVID certificate is valid.

> The person doing the check must then compare the name and date of birth with an ID document (e.g. passport, ID card, driving licence, residence permit, student ID card or SwissPass) to make sure that the certificate was issued for this person.

(comment deleted)
Car plates can also be forged in 10 minutes.