Because that’s a sane habit to not disclose any private data from my users ?
Seriously that’s insane …
According to you, changing the signature would change the settings (which never occurred, and I’m quite sure I set up at least one provider immediately upon install, even if I didn’t really make extensive use of it until later)
You still do not understand the timeline right? Let me resume again what happened.
You installed from Play Store the 26th then forget about it.
At some point you updated the app with another version coming from another store or whatever and pressed yes.
Your settings where lost but you did not remember having the app before so did not notice that it happened …
Now when you uninstalled the app and installed again the app the settings where lost as expected.
Everything is logic, you forget about the first install, and you forget about clicking yes at some point. That’s the most logical explanation about what happened despite your conspiracy theories on things that are not possible …
About the IP, since i usually do not care about them as it’s only when there’s abuse, it seems cloudflare changed how they report the data when proxying and so it’s not the actual IP you used that I no longer have.
So once again no conspiracy theory just you refusing to understand how android work and not remembering your actions.
I would factory reset my device in your place.
If you are a journalist or otherwise under thread maybe contact Contact us - Amnesty International to let them check your device.
Are you sure that this is the expected behavior? Because you’ve been stating things in this thread with great confidence, only to apparently roll them back.
So the IP that you said you could confidently provide and traced to a service…was completely bogus?
I can only rely on what’s coming from you here and just a bit ago you were insisting that I’d activated the app over a cloudflare tunnel or VPN in Austria?
Based on that information there isn’t really much of an alternative to the original apk being somehow tainted, if it was actually true, which would point to an insane level of exploit.
I’ve been relying on your information which is clearly not exactly 100% reliable.
Yeah I’m definitely planning to reset. I’m not specifically under any known threat so I’ve been running checks vs. the amnesty IOCs just to reassure myself prior to doing so. HOPEFULLY it was just an innocuous (from a security perspective - obviously piracy is a real issue) upload of a modified apk to f-droid that got flagged and pulled down or something.
The IP of the original activation apparently NOT meaning anything is a tremendous relief that makes me feel much better about just factory resetting and moving on, because if that were actually true it kind of removes the wiggle room of “well, maybe I did something inadvertently”.
I crippled the image before looking at the subnet as I always do for users safety …, seriously stop with your nuts conspiracy …
Yes I am and have never said anything different I’m not aware of anything able to that do that.
Funny how you ignore all the actual facts and history of this thread just to try to pinpoint on the IP in the logs that is actually not that important since you have confirmed it was you that day …
No since the modified APK can’t reach the server it proves that on that date you installed the proper one. And that you get the modified APK from somewhere else.
This is actually pretty sure as anything else would indicate a very serious problem on your device and it would be strange that someone only tampered Symfonium on your device after such elaborate attack.
Anyway thanks again for all that time not spent on improving the app and helping others and the bad rating that kills the app future
It might not be important to you, but the idea of an app that I downloaded that’s since been flagged as nongenuine registering itself from a completely different continent is rather terrifying to me, because…the only way that that could happen would be preexisting malicious software very deeply embedded in my phone to a truly terrifying degree
I’d already adjusted the rating prior to reading this last post, and do appreciate the time that you spent on this. I’ll buy the app (which is great) and send over a bit extra on kofi to support it.
I’m still baffled at how the spurious version would have replaced the good one. I did install/update a few prominent open-source projects from F-droid in the timeframe that would line up (and for the first time in a long time so the store and a couple of other things updated, including wanting to overwrite at least some play store apps) so that would seem like the likely vector, but that getting into the main repo there would be insane too.
In the absence of the IP being meaningful it seems very likely that this is where it occurred and significantly less worrisome than the alternative - even if it’s still concerning. And I really appreciate the detail in follow up (if you’re able to email the log to me I’d appreciate that as well)
