Hi
I may be wrong, but can someone help me interpret the results of this analysis correctly?
See the Network Related section: Why does Simplex.apk have a hardcoded communication with
An app that is advertised as the most privacy-friendly?
All other indicators can (probably) be considered false positives (for example, the Camera permission, which is needed for video calls)
Removed by mod
Hello !
Version 6.1.1 (250) arm64-v8a https://f-droid.org/en/packages/chat.simplex.app/ https://f-droid.org/repo/chat.simplex.app_250.apk
Here’s the analysis: https://www.hybrid-analysis.com/sample/9b14b4f80b479a7eb2a5e9fb22ad3f5d547690f4e30da6b5c6f0e9ed8d4039da/672727b3fd3db6063b002513
Same exact result:
Dunno if this is something we should worry about or not ? Maybe OP and myself are not educated enough to interpret the results, however I’m also not very comfortable seeing those
Found potential URL in binary/memoryfrom SimpleX’s APK. Do you have any further thoughts?Thanks.
I hope @[email protected] will dispel our doubts or a member of the Simplex.chat team :(
Removed by mod
It’s not about whether the application communicates with these addresses or not. It’s about the fundamental question: why are these addresses even encoded in the code of a VERY privacy-sensitive application?
My friend, in every answer you push F-Droid as a cure for all evil. There is no perfect store, F-Droid also has its problems (I wrote about it above). I am not an enemy of F-Droid (I also use it sometimes), but I will repeat: F-Droid control is insufficient (it’s security theater - it’s not a full audit of the source code).
Removed by mod