amnezia-vpn / amneziawg-android

AmneziaWG for Android
Apache License 2.0

F-Droid release? #6

Open alexandervlpl opened 4 months ago

alexandervlpl commented 4 months ago

Great work! It would be nice to see an F-Droid release. This makes the app harder to block and increases confidence that it's open source and respects privacy.

marek22k commented 1 month ago

Maybe you could also release it on IzzyOnDroid? @IzzySoft

IzzySoft commented 1 month ago

I could take a look if there were an app description and some screenshots. We can hardly list an app without at least a proper description, right? :wink:

marek22k commented 1 month ago

Maybe you can use the description from the Google Play app store? https://play.google.com/store/apps/details?id=org.amnezia.awg

IzzySoft commented 1 month ago

That could indeed be done, thanks for the pointer! But checking the APK, I see 2 issues here:

SigningBlock blobs:
-------------------
0x6dff800d (SOURCE_STAMP_V2_BLOCK; GOOGLE)

So this APK was not signed by the developer. And right:

Number of signers: 1
Signer #1 certificate DN: CN=Android, OU=Android, O=Google Inc., L=Mountain View, ST=California, C=US
Signer #1 certificate SHA-256 digest: 76e3a7128368b69e24f752247cee4dbfe9bda4870d95e829cdb99548eb339f90
Signer #1 certificate SHA-1 digest: 3968d4868d2c2b671e64b21203e0b1868d6782d9
Signer #1 certificate MD5 digest: 58ebc8102516e6ca0a2daf3b97b74e70
Signer #1 key algorithm: RSA
Signer #1 key size (bits): 4096

@pokamest would it be possible to provide an APK you've signed yourself with your own key, which then also would come without that blob? Google is not exactly known for transparency, so with them having signed your APK we cannot be sure what else they might have added.
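
The block listing quoted in the last comment can be reproduced by walking the APK Signing Block, which sits directly before the ZIP Central Directory. The sketch below is an added example, not part of the thread or of any tool used in it. The function names are hypothetical, the sample APK bytes are constructed, and ZIP64 archives are not handled.

```python
import struct

MAGIC = b"APK Sig Block 42"
KNOWN_IDS = {
    0x7109871A: "APK Signature Scheme v2",
    0xF05368C0: "APK Signature Scheme v3",
    0x42726577: "verity padding",
    0x6DFF800D: "SOURCE_STAMP_V2_BLOCK",  # ID quoted in the thread
}

def signing_block_ids(apk: bytes) -> list:
    """Return the IDs of the ID-value pairs in the APK Signing Block ([] if none)."""
    # Simplification: no ZIP64, and the EOCD comment must not contain "PK\x05\x06".
    eocd = apk.rfind(b"PK\x05\x06")
    if eocd < 0 or eocd + 22 > len(apk):
        raise ValueError("no ZIP End of Central Directory record")
    (cd_offset,) = struct.unpack_from("<I", apk, eocd + 16)
    # The block ends with its magic, directly before the Central Directory.
    if cd_offset < 32 or cd_offset > eocd or apk[cd_offset - 16:cd_offset] != MAGIC:
        return []
    (size,) = struct.unpack_from("<Q", apk, cd_offset - 24)
    start = cd_offset - size - 8  # leading size field is not counted in `size`
    if size < 24 or start < 0 or struct.unpack_from("<Q", apk, start)[0] != size:
        raise ValueError("inconsistent APK Signing Block size fields")
    ids, pos, end = [], start + 8, cd_offset - 24
    while pos < end:
        if pos + 12 > end:
            raise ValueError("truncated ID-value pair")
        (length,) = struct.unpack_from("<Q", apk, pos)
        if length < 4 or pos + 8 + length > end:
            raise ValueError("malformed ID-value pair")
        ids.append(struct.unpack_from("<I", apk, pos + 8)[0])
        pos += 8 + length
    return ids

def describe(apk: bytes) -> list:
    """Human-readable names for each block ID found."""
    return [KNOWN_IDS.get(i, "unknown 0x%08x" % i) for i in signing_block_ids(apk)]

def build_sample(ids) -> bytes:
    """Constructed input: an empty ZIP preceded by a signing block with dummy values."""
    pairs = b"".join(struct.pack("<QI", 8, i) + b"\0" * 4 for i in ids)
    size = struct.pack("<Q", len(pairs) + 24)
    block = size + pairs + size + MAGIC
    return block + struct.pack("<4s4H2IH", b"PK\x05\x06", 0, 0, 0, 0, 0, len(block), 0)

if __name__ == "__main__":
    for name in describe(build_sample([0x7109871A, 0x6DFF800D])):
        print(name)
```

For a real file, pass `open(path, "rb").read()` to `describe`. This only lists block IDs; it does not verify any signature.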