Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

package defpackage #88

Open
kaputnikGo opened this issue Oct 5, 2020 · 0 comments
Open

package defpackage #88

kaputnikGo opened this issue Oct 5, 2020 · 0 comments
Labels
tracker Issue about the tracker database

Comments

@kaputnikGo
Copy link

i have been seeing some of these signatures "package defpackage" and they do things like this:
import com.facebook.FacebookSdk
and
import android.media.AudioRecord;

they tend to have obfuscated class names, such as:
public static final aeyd a = aeyd.a("aasl");

and generally seem to be doing a lot of things that would ordinarily be of interest to Exodus in terms of tracking etc, which makes me think that the generic defpackage name is being used as a way of bypassing signature detection and allowing multiple sdks to be incorporated into an app via this single signature.

currently looking into this app:
https://reports.exodus-privacy.eu.org/en/reports/149926/

and i also note that com.facebook.FacebookSdk doesn't register in Exodus.
this class makes many calls to "defpackage.*"
@pnu-s pnu-s transferred this issue from Exodus-Privacy/exodus Oct 8, 2020
@pnu-s pnu-s added the tracker Issue about the tracker database label Oct 8, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
tracker Issue about the tracker database
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pnu-s @kaputnikGo