Stop recommending this shit ffs. Its super suspicous, closed source and intransparent in its operation. If the feds raid this guys house and push a malicous version (assuming its not already compromised by design), all the users are fucked. This is not a good app to recommend.

I’ve seen this app panned by folks who don’t like that it’s iOS only and the legitimate concerns they have about anonymity with android, even if you’re on graphene or the like.

Their concerns regarding push notifications on android are legitimate, they’re basically saying “we don’t want to collect data on our users and android would necessarily require this for push notifications to work”.

This does not mitigate any threat from your device being connected to Apple and iCloud, which is how the push notifications work.

So the options are a database containing push notifications and uuids that can specifically identify a user location and device maintained by the developer or using the automatic Apple infrastructure. Both are equally beholden to subpoenas and hacking but the risk level changes significantly depending.

I’d urge folks to read the independent security analysis done against this app instead of trusting me or anyone else about it.

Do you believe the independent security analysis of the app to be malicious then?

I would argue more that anyone grabbing this from the app store is painting a target on their back. It doesn't matter what permissions it does or does not have: You are now giving a mega company run by a c-suite that have demonstrably bended the knee to a fascist information that you care about this.

Push notifications are incredibly valuable. I still argue that doing it through a dedicated app at all is idiotic and it should instead be through a semi-anonymous chat system like Signal or Matrix and the like and get group blasted.

When you do business with companies in certain industries not only is your software audited but your entire development process, business processes and staff are audited.

It's not unreasonable to question a closed source application for something like this as one version was audited, but what about the next?

How do we know their dev process hasn't been compromised? Or the person building app wasn't compromised? Or that the entire thing was not compromised from the start?

Likewise, an audit without full access to code isn't useless, but hiding behavior from an audit and for a certain period of time would be straight forward. How do you know there is not a dormant command and control system in the app that will cause it to behave in a malicious manner after a set amount of time or after a specific push notification is received?

I am not saying this is present, just that Audits like this are only able to catch what they can observe and the existence of an audit does not mean to blindly trust something

Having the App be open source would be a big step towards providing the transparency needed to address these concerns users would not have to trust anyone and can confirm the builds on the app stores match what is on their Git.

I am not pointing this out to jump on the "Don't use this app" bandwagon. I am pointing it out to say that there are reasons to be skeptical of these sorts of things in our current political climate.

Remember Sabu and LulzSec

Skepticism is good but there has been an almost blind fanaticism about this.

Grapheme made a statement, correct as it may be it cast more shade on this app than necessary and that makes sense as they have a vested interest in pushing android as a more secure ecosystem than iOS as that’s their true rival in this space.

What I am getting at is it is worthwhile to be skeptical of all sides, not just take the word of a side that fits with your biases.

I’d expect, and personally would not continue to use this app otherwise, this app to receive continuous grey box analysis from independent security professionals.

Take what I’m saying with a grain of salt but I’ve done mobile device analysis professionally for some time wearing a number of hats and that’s the perspective I am speaking from

There are no legitimate concerns outside of iOS. The dev doesn't know what they're talking about. Apple and Google have identical privacy flaws in their notifications. The difference is only 1 platform allows you to use a different notification system entirely. And only 1 platform allows you to download apps without logging who is doing it.

there are no legitimate concerns outside of iOS.

Please could you explain what you mean here?

I have been on the other side of the equation professionally speaking.

I think we mostly agree.

The auditors were certainly not malicious, they can simply only see what they can observe.

Appealing to authority without explaining the caveats is risky to do and disingenuous to people who need to take security very seriously right now.

A potential vector or matter of concern does not mean there is a compromise. Without evidence of a hack or compromise you just have the idea that something could happen.

The app model in general has meant that we have given up tremendous amounts of privacy and security in general for the sake of connivence.

If I were the developer of this app I would've approached things from the inception with the question of "How do I get people to trust me who absolutely should not trust me?"

That said, it is always easier to tear down than it is to build.

If I were an at risk individual I would likely opt to use the app myself assuming I could share general location instead of specific location. In areas like LA there is likely a lot of data flowing in that would not help a malicious actor if the location is not specific.

I just did. Could you be more specific about what you're asking?

You can develop apps on Android that do not utilize the notification system that sends information to Google.

There's an entire development system called f droid that specifically focus on not utilizing Google services or Android services.

Graphene was entirely correct in their through critism of the application as some one that works with application security and privacy professionally.

My main concern is that the app isn't open source. I don't trust any software that isn't fully open source.