My own feeling is that cleanapk are doing in good faith and are willing to make things well.
On what inside info’ would you base that? e foundation won’t talk about it and tries to claim “3rd party,” shutting off discussion immediately:
Even though it’s obvious the info.cleanapk.org site is hosted in the same neighborhood as other e foundation sites.
PING e.foundation (51.15.109.81) 56(84) bytes of data.
64 bytes from 81-109-15-51.rev.cloud.scaleway.com (51.15.109.81)
PING e.email (51.75.90.184) 56(84) bytes of data.
64 bytes from mail.ecloud.global (51.75.90.184)
PING info.cleanapk.org (51.15.64.39) 56(84) bytes of data.
64 bytes from 39-64-15-51.rev.cloud.scaleway.com (51.15.64.39)
PING api.cleanapk.org (178.63.53.85) 56(84) bytes of data.
64 bytes from static.85.53.63.178.clients.your-server.de (178.63.53.85)
Why should we trust a site that can’t keep their certificates up to date? When I browsed to cleanapk.org, it showed me:
"Your connection is not secure
The owner of cleanapk.org has configured their website improperly. To protect your information from being stolen, Tor Browser has not connected to this website.
Learn more…
cleanapk.org uses an invalid security certificate.
The certificate expired on September 7, 2019, 12:00 AM. The current time is September 8, 2019, 1:56 PM.
Error code: SEC_ERROR_EXPIRED_CERTIFICATE"