Don't trust exodus website result

The exodus website is using ir testing the apps from Google play store and not from f-droid. So it could be, that there are different versions are available. Example : telegram or twidere.

The exodus website is than showing the resolut of the playstore apk with trackers. But the version in f-droid (most times older) has no trackers or only the ‘good’ 143org.acra tracker. Which is an open source framework for crash reporting.

From my site if view, you should install an app from f-droid and than proof it with ClassyShark. That’s the better way

3 Likes

Good point.

I think it would also be useful if we could create a list of trackers – the real ones, the bad ones – and write what they do or what they are likely to do.

ClassyShark it is stand alone that is not exodus whom search in exodus server what exodus think about the package name and don’t care where it from.
for user who use many repository /e/apps f-droid they will compare with what they find in google store.

But that’s the problem and the users will get wrong information. That’s the reason i have created this post.
Better using ClassyShark offline on your phone to get the right information about ‘YOUR’ apps and not from play store.

1 Like

Or maybe ask to exodus (that is free software) to add ofline analyse like ClassyShark and help them…

Why, ClassyShark is available and good.

1 Like

As far as I understand it, Exodus is more interested in Google Play commercial apps, whereas ClassyShark is interested in anything you installed on your phone.

So if you installed a dubious app, and most commercial apps are dubious at best, run ClassyShark and if it does not pass the test (if there are trackers), just delete it.

That’s it :smiley: :+1::+1::+1:

I only use ClassyShark, recommended :ok_hand:

Is there maybe an app that checks the whole system for trackers? I mean all the installed apps?
Or using classyshark one by one on apps is the only way?

This is what i’ve done, then once you have done the all pre installed apps, you only need to scan them individually as you install them, with aurora you can manually download apk first and scan before you even install it.

2 Likes

I just used the app Exodus Privacy to check all the installed apps. I do not install apps with trackers (it turned out one of the apps I used had Crashlytics but deleted it by now).

I wonder why the out-of-the-box microG Services Core has 3 trackers:

  • Google Analytics
  • Google Doubleclick
  • Google Firebase Analytics
    Are these false positives by Exodus Privacy? Sometimes an analysis show trackers which are actually not in use.

This is where the MicroG packages come from. We pick up the latest builds and add them to the builds.

Yes, this is why I’m wondering. This is from wikipedia: “MicroG as “the framework (libraries, services, patches) to create a fully-compatible Android distribution without any proprietary Google components”. … it has been considered as a way around Google’s Huawei ban.”

If I understand correctly, the whole purpose of microG is getting rid of evil (proprietary) google. What would be interesting to know is what kind of data google receives if there is microG on the phone. Is it correct, that e.g. using Signal means that google receives the IMEI number (even without google play services)? Some clarification regarding those trackers by microG would be helpful too.

Google play services is one spying tool. But there are some spying code in android sources and in a lot of apps like gmail or gmaps or Whatsapp or FB and and and.
That means only replacing google play services is only one step.

And … this has all nothing to do with the original topic of this post. I would prefer to open a new one. Thx