What happened to Radar Covid and Firebase: what is this tool for and what does its presence mean in the code

Must Read

Disc Room Review: Step aside, Super Meat Boy!

The authors of Minit are back in the limelight with a puzzle game with frenzied action, all reflections, timing and rotating blades. Guarantees...

Pokémon Espada y Escudo – Nieves de la Corona, Análisis: el camino a seguir

El Pase de Expansión recibe su segunda parte, un territorio nutrido en contenido y horas por delante, más un nuevo modo, las Aventuras Dinamax:...

BioVYZR: this personal air mask is a complete protection with KN95 filters, anti-fog and reversible gloves

In the fight against the coronavirus there are many options. One of them is the one proposed by VYZR Technologies, a...

The political attack against the ‘big tech’ can benefit the medium

Big tech being in the eye of antitrust may benefit smaller rivals. The acquisitions of Amazon, Apple, Facebook, and Google, giants worth...
Brian Adam
Professional Blogger, V logger, traveler and explorer of new horizons.

The current Radar Covid application for Android, as reported and published on GitHub by developer Jorge J. Ramos, contains a trace to Firebase, a Google tool frequently used in app development, mainly to obtain analytics and information on errors.

As we indicated in our in-depth analysis of the Radar Covid code, currently Android app code does not match code posted on GitHub, and one of the differences is precisely this: the trace to Firebase is not in the GitHub version, but it is in version 1.0 that is currently used in Android.

What is Firebase and what is it used for in Radar Covid

Image 2020 09 18 09 45 23

Firebase, as Google itself explains, is a tool that allows you to record events in applications. In other words, serves, among others, to send error reports to the developer. The main “problem” is that in order to send these reports, it collects various data along the way: phone model that has downloaded the app, usage time and others.

In the case of Radar Covid, the Secretariat tells us that Firebase has been used to detect bugs in the app and thus accelerate its development

Each developer can use Firebase for a specific purpose. From the Secretary of State for Artificial Intelligence (SEDIA) they tell us that this tool was used during the testing phase of the application to “speed up development” (detect bugs) and that, in the updated version (the one published on GitHub), it is no longer implemented.

“For clarification, no user data has ever been collected. It was simply used during the testing phase to speed up development, no more. In the updated version you can see that it is no longer there.” SEDIA spokesperson.

Although it is not known exactly what data Radar Covid collected in its testing phase, SEDIA ensures that no data was ever collected from users. The privacy concerns with this code are that, according to the GDPR (General Data Protection Regulation), apps are obliged to report the presence of external code (in this case, Google’s), something that has not been done .

While it is true that they have skipped this step since the full version will not use Firebase (as reported by SEDIA), taking into account that version 1.0 in Android has traces of software, it should have been indicated according to the Regulation.

Does Firebase pose a privacy risk?

Radar Covid App

Not at the beginning. In the first place, because the frequent use of Firebase is to take analytics about errors and use of the application, something that SEDIA subscribes to, stating that it has been used in the development phase of the app to streamline the process. The current app contains a trace to Firebase, but there are no explicit references in the code to Firebase itself. What there is is a reference to a folder called ‘Pods’, a small remnant of a system called Cocoapods, the recommended means of implementing Firebase.

Version 1.06, released on GitHub, no longer contains any traces to Firebase. From SEDIA they tell us that this is the version that will come to Android, with the relevant changes

The most important thing here is that the version published on GitHub, which is the most current version, no longer contains this code. In fact, if we look at the version of Radar Covid for iOS, 1.07, this trace is not present. On Android we still have version 1.0, which is not up to date and contains discrepancies with the GitHub code.

So that, when the android version update the promise is that there will be no trace on firebase. The tool was used during the development of the app (without being specified in the privacy policy) and, after fulfilling its function, it will be removed from the app’s code, as in the case of iOS.