Tim

@JsBergbau Did you read the "[Datenschutzfolgeabschätzung](https://www.coronawarn.app/assets/documents/cwa-datenschutz-folgenabschaetzung.pdf)" Document? Especially [Annex 5](https://www.coronawarn.app/assets/documents/cwa-datenschutz-folgenabschaetzung-anlage5.pdf) could be interesting for you.

@dsarkar You applied the https://github.com/corona-warn-app/cwa-documentation/labels/in%20review label here more than two years ago. Was the review meanwhile finished? What were the out comings of it?

Did you ever change the time on your device while the test was registered?

https://www.coronawarn.app/en/#privacy under the point "Security" also says: "Security assurance of application development through Secure Software Development Lifecycle, which includes among other things threat modeling and end-to-end risk assessment, security planning,...

Penetration test were also mentioned in https://dbtg.tv/cvid/7519454 at around minute 12.

The BSI [responded](https://twitter.com/BSI_Bund/status/1413492584694038528?s=20) to a question I asked them on Twitter, it's not planned to publish the security audits ("Eine Veröffentlichung der Berichte als solches ist aktuell nicht geplant.").

@rugk Is the [argument](https://twitter.com/MleSeb/status/1413563070266363906?s=20) from the Twitter user a valid one? For me it sounds logically that they won't publish these audits because hackers then would know what doesn't work...

@heinezen Thank you for the explanation (and for rising this topic again)!

Is there any update available here? Will security audits be published directly on GitHub or is it necessary to request them via a FOI request?

Just for the record: This would definitely be a huge change which should not be done without testing all functionality of the page afterwards. Regarding the accessibility: Adding a dark...