Hi

I may be wrong, but can someone help me interpret the results of this analysis correctly?

https://www.hybrid-analysis.com/sample/0a0238f85b8a559e8ab54f67920004db3a67a39bdbdbfa00075fd7d27e41dec4/672423b56b46e4feb006681d

See the Network Related section: Why does Simplex.apk have a hardcoded communication with

issuetracker.google.com

android.googlesource.com

developers.google.com

An app that is advertised as the most privacy-friendly?

All other indicators can (probably) be considered false positives (for example, the Camera permission, which is needed for video calls)

  • Mettled@reddthat.comEnglish
    1·
    6 months ago

    In the details for potential URL in memory, it says that’s for .onion address.

    Thank you for posting the report, after I read through it, everything to me is clean and clear. The FDroid apk does not communicate with any outside resource that is not part of the anonymous network.

    The Github version relies on Google, and to me nothing in the report suggeats that the FDroid version communicates with Google services.