Robert Vollmer

I don't know if this has something to do with the issue, it's just a guess. The easiest way to try would be to move a few apps back to...

Question to you guys: I could sign further things with the same key as the Xposed Installer (which has been downloaded millions of times since 2012, so it should be...

> This is talking about Android OS release builds but I'm assuming the xposed zip is similar. The Xposed ZIPs can only be flashed using custom recoveries like TWRP. As...

> This short article is worth reading: https://tails.boum.org/doc/get/trusting_tails_signing_key/ Seems to be down... As I realized that extracting the key from the APK and using it to verify signatures on other...

> Involving multiple third parties is actually a great strength. Sure. Nevertheless, isn't it a false sense of security to rely on how many people trust a certain key? Couldn't...

OK, after some hours of digging into GPG-related documents, I was finally able to generate a new key (7235F333, sign-only) and a subkey (852109AA, sign-only), transfer only the secret of...

@foresto Any chance you could give me some short feedback on my questions/remarks above?

Sure, no problem. Just FYI, I have gone forward and sent my master key to a PGP keyserver: https://pgp.mit.edu/pks/lookup?op=vindex&fingerprint=on&search=0xE82F08717235F333 I think that should also include the subkey, so it should...

Thanks for your patience and reply! > You might also consider making the subkey passphrase different from the master key passphrase. Already done. > By the way, it occurs to...

Was the process name the same? This function might indeed be called multiple times in the same process if multiple packages/APKs are loaded in the same process. That can be...