Hi
I may be wrong, but can someone help me interpret the results of this analysis correctly?
See the Network Related section: Why does Simplex.apk have a hardcoded communication with
An app that is advertised as the most privacy-friendly?
All other indicators can (probably) be considered false positives (for example, the Camera permission, which is needed for video calls)
Is that based on the F-Droid version of SimpleX from the native F-Droid repository?
I tried it with the official github .apk and same result. I have no idea what it means though maybe someone could chime in?
Found potential URL in binary/memory:
- Pattern match: “https://issuetracker.google.com/issues/new?component=618491&template=1257717”
- Pattern match: “https://android.googlesource.com/toolchain/llvm-project”
- Pattern match: “https://developers.google.com/protocol-buffers///”
Except that they need something to make an android application (android SDK) and somehow to get issuetracker feedbacks, there’s nothing to worry about ? I guess? I don’t know.
I can’t speak to that with a familiar level with the code, I can only presume or guess. All I will say is that is why I never install any app from Github or Gitlabs, because there is no third party verification of the code for releases on those sites.
I only use F-Droid after disabling all anti-features in Settings and then install apps that I know are 100% clean from all dependancies.
Download the SimpleX apk from F-Droid website and then run that to see what it says for any difference in the results.