I tested Scrambled-EXIF with ClassyShark3xodus and it identified a “ACRA” tracker (*µ?ACRA ; 198org.acra.). But when i check on Exodus Privacy - no trackers found. https://reports.exodus-privacy.eu.org/en/reports/com.jarsilio.android.scrambledeggsif/latest/
I test app from F-Droid and PlayStore and it is exactly the same.
Is this normal, someone to explain more?
Report this upstream on Gitlab.
I believe that @oF2pks might be able to help explain the discrepancy here.
My two cents at this moment would be a basic whois of acra (dot) org. But (???)
IP Address: 184.108.40.206
Registration Date: 3/7/15
Customer: Network Solutions, LLC
Customer Handle: C05642671
Address: 12808 Gran Bay Parkway West
City: San Jacksonville
Postal Code: 32258
Country: United States
@primarto ClassyShark3xodus has been updated: fixes and latest Exodus trackers database (294 lines) https://reports.exodus-privacy.eu.org/api/trackers .
I decided few months ago to add some missing known trackers : many of them are quite unused (but present in old apks), some are in stand-by in Exodus Etip (https://etip.exodus-privacy.eu.org/ wip before final validation) and few are bug tracker.
These additions use prefixes: ° ² µ
- ° for missing: Amazon new active tracker AWS Kinesis is missing
- ² for Etip stand-by: e.g. GravyAnalytics
- µ for micro non-intrusive: Acra
All these additions have one thing in common on F-Droid: they should not be activated without the user consent; otherwise they will be flagged with antifeature warning.
So in fact, having a foss bugtracker like acra in fdroid apps, is an indicator of quality. In theory bugtrackers should only be present in debug/nightly apps; in live contributors’-team market apps, it’s fair to have acra onboard (with user consent).
I also decided to go for one single exception to Exodus official database: Mapbox is softened to MapboxTelemetry instead of the wider general map sdk detection .
More info: https://gitlab.com/oF2pks/3xodusprivacy-toolbox
PS: @uniqx @Izzy (@M66B ) , it seems prism-break.org considers Bugsnag as not
100% open-source tool (possibly due to sessions.bugsnag.com ?) : https://gitlab.com/prism-break/prism-break/-/issues/2221
The Android Bugsnag client is 100% open source: https://github.com/bugsnag/bugsnag-android/
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.