Sept. 12, 2020
5:28 p.m.
https://decrypt.co/40765/privacy-bug-found-apple-google-covid-tracing-framew... "Essentially, they found Bluetooth LE’s numeric address and the framework’s own rolling proximity ID do not necessarily update at the same time, leaving little windows in which the Bluetooth address corresponds with the old ID—a pebble to trace. They were able to eavesdrop on messages from up to 50 meters using a 'cheap and basic antenna', they wrote."