After a statement on allegations by the Chaos Computer Club and the disclosure of the source code, there are apparently still concerns about the "Luca" app for corona contact tracking.
Four million citizens are already using their Corona app, say the makers of "Luca".
However, critics expressed concerns about the security of the application.
Now the Federal Office for Information Security is also targeting the app.
Berlin - "Luca is an aid to contain the pandemic - by no means the sole savior": This is how the makers of the Corona app "Luca" commented last week on allegations of the hacker association Chaos Computer Club (CCC) - but the Federal Office is still busy for security in information technology (BSI) now with the app.
The
Spiegel
reported
after a corresponding request.
Germany is in the third wave of the corona pandemic, in the last third of a “marathon”, or meanwhile “feeling”, a state between “tired” and “angry” - depending on how you look at the world.
There are not as many hopes on apps for corona contact tracking as on the vaccinations or the tests - but there are some hopes.
Creator of the Corona app Luca: "See the accusations of the CCC as excessive"
It therefore caused a sensation when the CCC demanded last Wednesday not to spend any more tax money on the app.
Club spokesman Linus Neumann had spoken of a "continuous series of security problems" with the Luca system.
The app developers then admitted that there was a vulnerability in the Luca key fob, which has since been eliminated.
In addition, the protection of the contact data was guaranteed all along.
“We feel the CCC's allegations are exaggerated,” the makers also wrote in an online statement.
"The luca app can be tricked - like many other aids against Corona."
At the same time, Hennig rejected the CCC's accusation that the Luca system was potentially able to uniquely identify individual devices at any time and assign all check-ins to them.
"From our point of view, the fundamental criticism of central data storage systems, which, by the way, are used in many areas of social life such as telecommunications providers, credit card companies and also in the health sector." These systems must be protected against misuse accordingly.
"This is the case with the Luca system."
+
The Luca app for corona contact tracking is also available as a key ring for people without a smartphone.
© Marcus Brandt / dpa
Corona in Germany: Luca app operators disclose source code
The developers of the Luca app have fully published the source code of their system for corona contact tracking under an open source license.
The code of the two app versions (Android and iOS) and the back-end system has been available on the GitLab platform since Wednesday evening.
It can now be checked by independent bodies.
The aim is to enable a transparent analysis and further development of the software, explained Culture4life GmbH, the company behind the Luca system.
Company boss Patrick Hennig said that it was also about "generating a high level of trust in the security of all those involved and interested users".
The method also ensures that the source code is often tested and possible problems can be identified quickly.
The Luca app, for which hip-hop singer Smudo from the "Fantastischen Vier" had advertised, is used in Mecklenburg-Western Pomerania, Berlin, Brandenburg, Lower Saxony, Hesse, Rhineland-Palatinate, Baden-Württemberg, Schleswig-Holstein, Saarland, Bavaria, Saxony-Anhalt and Hamburg financed from tax revenues.
According to research by the
Netzpolitik.org
portal, the funds used add up
to a total of 20 million euros.
This money will be used for the development of the app, the connection of the health authorities and the SMS service to validate the telephone numbers of the users.
(frs with material from dpa)
List of rubric lists: © Marcus Brandt / dpa
