tripleblindai / safe-places Goto Github PK

Unfortunately I cannot provide the test data I am using as it is personal data.

Steps to reproduce
Redact two files containing different data (in this case, one from Spain, one from the US) from the same day
In the publishing tool, load both files
Publish the data

Expected behaviour
The file exported from the publishing process should contain both redacted datasets

Actual behaviour
Only one dataset is included. The following is visible in the console:

Uncaught TypeError: Cannot read property 'length' of undefined
at updateStats (index.html:1504)
at updateExposurePoints (index.html:1404)
at updateDateRange (index.html:1343)
at HTMLDocument. (index.html:1314)
at e (jquery.min.js:2)
at t (jquery.min.js:2)

Ideas up for discussion

Technical requirements:

• the application itself should be server independent (just html & js) cc: @penrods
• health organizations can host the application on there own (actually, they can just download the application and use it locally) cc: @penrods
• simple modifications should be possible using a standardized/common tecstack cc: @penrods
• the use of APIs like Google Places API, or the Safe Path API should be optional (saving, editing, etc. should work without an API and local files)

Technical actions:

• start using a frontend framework (react.js & redux)
• Unifying location scrubber (reduction tool), publisher and path creator into a single PWA

Backend

• enable downloading clustered case download (the app will send it's path boundaries to the server and only receives data for this area)
• having a sample implementation of a API

Version 0.1-alpha

• Create branch for react implementation @kyletowle
• Have all the current features in place with a nice UX and a solid technical foundation

Version x.x-beta

• Implement feature requests and ideas from health officials
• having the API implementation

I'd like to try this as part of private-kit. How can I set this up to run?

There is an error (from google) about page not being able to load correctly, when either the API key OR the Billing is not valid or activated. This should be made more clear and presented to the user. For example, you can test for valid API key using code like that found in my own map. But we also need to test for Billing.

When you adjust the date range on the Sample_PrivateKit.json data, the marker in California disappears and you can't get it back.

Probably some off-by-one error or rounding issue on the date range.

A "hidden" point shouldn't be deleted, since the person doing the editing might have only temporarily hidden it and can't tell that they are doing a permanent deletion.

The only way to move from redaction to publishing and vice versa is to press the back button. It would be a nice usability improvement to add a explicit UI control to achieve this.

In the event that a health authorities site has been compromised, there needs to be a way to support an immediate revocation of the compromised data set from that authority.

Specific use case
The website of a health authority is compromised, and the data from that authority is modified to give erroneous results, perhaps adding in time-locations that will alarm the public. The authority would want a way to immediate retract that data while the site is brought back under control. It should be acceptable to retract all data for that authority, as long as that authority can be re-enabled when appropriate.

There are some bugs in the Publisher that doesn't allow the code to be rendered.

• https://github.com/tripleblindmarket/safe-places/blob/develop/publisher/index.html

Since we have access to the redacted anonymous data already from the city officials, we should be taking a step further and predicting the next predicted site, given the existing ones. Think of standard posterior estimation.

Officials might also be able to incorporate information into their modeling that is not publicly available, making this much better suited as a Healthcare Authority operation rather than a client-side calculation.

v2 could take it one step further by performing prediction on encrypted data from users directly

It would be useful for the tooltip to show an approximate speed for travel groups. This could allow a redactor to distinguish between walking, riding a bike or moving in a car or plane.

It would be useful to have a short description on how we recommend HAs deploy the docker containers, and the security architecture.

For example - how many users can be supported by a single container with spec X

I'm assuming no data leaves the browser, but it would be good to state that so that it is clear why we don't need TLS/SSL; why backups aren't necessary etc; that there's no persistence and no need for auth.

These statements can then be supported by tests.

There seem to be many bugs in these tools. Here is a list:

• The drawing tools are covered by the redaction tool window. (see #41)

• There is an error (from google) about page not being able to load correctly, when either the API key OR the Billing is not valid or activated. This should be made more clear and presented to the user. For example, you can test for valid API key using code like that found in my own map. But we also need to test for Billing. (See #42 )

• There seem to be some code errors in the jquery according to FF/Chrome debuggers. (See #43)

• There are a many additional CSS errors... (#29)

• Even after I manage to draw points and boxes, both: (#46)
  (a) - the time sliders and
  (b) - the save button is always grayed out!? Why is that?

• The map always start in Boston. I'm not in Boston, so where do I change this default?

• In Brave (a Chrome mod) there's only a blank white page... (#39)

Steps to reproduce:

1. Redact a file and export from the redaction tool
2. Load the file into the publishing tool

Expected Behaviour
File is loaded with no errors

Actual Behaviour
The file is loaded, but a popup appears that says "[object file]". The below stack trace is visible in the console:

jquery.min.js:2 Uncaught TypeError: Cannot read property 'length' of undefined
at updateStats (index.html:1504)
at updateExposurePoints (index.html:1404)
at updateDateRange (index.html:1343)
at HTMLDocument. (index.html:1314)
at e (jquery.min.js:2)
at t (jquery.min.js:2)

Both the time-sliders and the Publish button are grayed out in the apps.
What's going on?

I'm not able to import anything into the publisher app. Always get some error about the JSON.

What is the correct format and how to import it?

Feature: encrypt data stored on device with a device-specific key that is non-trivial to decrypt (e.g., key > 2048 bit).

Why: for rooted devices, it is imperative to prevent other apps to access Safe Paths data.

I think it would be best to have a running version of this tool, that public health and government officials can play with. Not sure where we would host it, but we can upload our own geodata and use this as a "live" version.

• Khahlil

Current Behavior

When I select a point to delete on the Redaction tool, the Delete All button is highlighted, instead of the Delete button

Expected Behavior

The Delete button should be highlighted

1. Open IE11
2. Browse to: https://safeplaces.extremesolution.com/location-scrubber/index.html

Expected Result:
Loads the SafePath WEB app

Actual Results:
Displays a blank page.

https://github.com/tripleblindmarket/safe-places/blob/65d1fe0cc8b8bb22db46572285d0d1eb276cef80/publisher/index.html#L1078

I think it should be ???
exposurePoints.push(marker)

I want agencies to register themselves along with a GPS extent box. The Publisher tool can make this easier for a healthcare authority to determine this by displaying the min/max GPS coordinates. Then the authority just needs to adjust the map view to roughly cover the agency's area in the map view.

This only needs to display the min and max.

The time range is not accurate in the UI. I uploaded a small dataset covering a couple of hours in the redaction tool, and the range was displayed as "18/04/2020, 00:00:00—19/04/2020, 01:00:00". The actual time window is much smaller.

Steps to reproduce

1. Unzip and upload the attached file into the redaction tool
2. Look at the date/time range slider labels.
   1587215334455.zip

The yellow travel points should probably appear at the bottom of the pile when there are several overlapping markers.

We should have some facility to import/add external time-location data to the published dataset. Two specific use cases come to mind ...

1. Someone is diagnosed but does not have the app, and does not have google map tracking data that can be imported to the app. The health authority might be able to interview the person and reconstruct at least some of the data.
2. The health care authority may wish to "seed" the initial rollout of data from data they've already compiled. Gives immediate value to a health authority wanting to implement as fast as possible.

There seem to be some code errors in the jquery according to FF/Chrome debuggers...

The drawing tools are covered by the redaction tool window.

Add clear instructions to the readme on how to:

• 1. Get an Google API key (for the map) starting from having only a gmail account. (How to navigate and what to click etc.)
• 2. How to enable account Billing in the Google console

Steps to reproduce:

• Open the redaction tool
• Upload a JSON file that is not in the right format

What happened:
The sea is shown in the map, but no error is visible to the user. Errors are thrown to the JS console e.g.

Uncaught SyntaxError: Unexpected token , in JSON at position 281
at JSON.parse ()
at FileReader. (index.html:1104)

or

Uncaught TypeError: Cannot read property 'time' of undefined
at FileReader. (index.html:1427)

What I expected to happen
I expected to see an error that is visible to the user, and advises them that the file format is incorrect.

https://github.com/tripleblindmarket/safe-places/blob/b18bd9363016b312f79b421638db0bd8d4bc1bb0/publisher/index.html#L1159

Looks like auth is being handled by doXHR but this doesn't appear to be called.

Saint Lucia reports that the unix timestamps are off by 3 hours from local time when they load the GPS data into the redaction tool.

It is possible for Javascript in HTML5 to save directly to the filesystem (allowing the user to pick the folder, etc). See saveText() in the index.html -- there is a commented out stub, but it isn't working.

The dataset I am using is me in my house for 2.5 hours with GPS / bluetooth switched on. Most of the data points correctly show in pink as I am in the same location. However, when I use the "Hide < 1hr" it hides all non-travel. I would expect that these locations would be identified as similar enough to be the same location, and therefore that I had been there over an hour, and would not be hidden.

Steps to reproduce:

• Unzip and upload the attached
• Select Hide < 1hr
  1587216857693.zip