00:06:12 <boog900[m]> > nacl.bindin.crypto_scalarmult_ed25519_noclamp throws an error when I try to multiply by 8 (int(8).to_bytes(32, byteorder="little")).
00:06:12 <boog900[m]> libsodium checks if the point is on the prime-order subgroup before performing the multiplication and as the point your multiplying isn't it returns an error 
00:06:12 <boog900[m]> > nacl.bindings.crypto_core_ed25519_is_valid_point says the original hash_to_point value (before adding it to itself 8 times) is not a valid EC point.
00:06:12 <boog900[m]> This function checks (among other things) if the point is on the on the prime-order subgroup and as the original point isn't it returns false.
00:09:47 <boog900[m]> <anonimauzanto[m]> "After many hours of searching it..." <- monero's hash to point is non-standard IIRC and the documentation for this function says `The point is guaranteed to be on the main subgroup.` so i would say this is not equivalent 
00:12:00 <anonimauzanto[m]> Am I incorrect in assuming that the prime order subgroup is the same thing as the main subgroup?
00:23:39 <boog900[m]> nah they are the same thing 
00:42:12 <anonimauzanto[m]> If I have time in the next few days I may try to modify the pynacl library to include crypto_core_ed25519_from_uniform to test against key_image calculation. I do not use C/C++ so I cannot test the source functionality. Thank you boog900~
03:55:51 <anonimauzanto[m]> Interesting, I modified the pynacl wrapper to expose the crypto_core_ed25519_from_uniform function, and with modulus applied to the keccak hash results it produces almost the appropriate hashed point. With a slight change to the point compression encoding I have matching key image results.
03:56:08 <anonimauzanto[m]> Here is the python code I used. It requires pynacl to be modified to expose the function.
03:56:23 * anonimauzanto[m] posted a file: (1KiB) < https://libera.ems.host/_matrix/media/v3/download/matrix.org/nhwSjiAitTMFGGDmKwOUOVmd/testing_nacl_from_uniform.py >
05:54:59 <alandamjanic[m]> <bcrumb> "I use local, it's weird that it..." <- sdd it says, i am syncing, takes whole day, occupies a lot of local memory space, internet is so so but enough for most things. but monero jams things usually. is it possible that remote nodes are much faster? and how are they less secure, what most of monero users are using, local or remote. for example, who ever doed it from smartphone it has to be remote?
11:03:22 <tevador> https://www.reddit.com/r/Monero/comments/134jbdt/security_advisory_new_attack_from_malicious
11:18:04 <DanIsnotthemanBr> Why not post in dev room if its a world ender
11:20:01 <ofrnxmr[m]> dev presumably already knows
11:20:29 <ofrnxmr[m]> as this went through hackerone and hasnt been disclosed yet
11:21:35 <DanIsnotthemanBr> Looks like there going to disclose it
11:22:23 <ofrnxmr[m]> yep. i wonder if it mostly effects simple-mode users
11:23:00 <xfedex[m]> i wonder if it also affects remote nodes throughout tor, but probably yes
11:23:12 <ofrnxmr[m]> or if hes referring to s*th traitor type nodes (/s)
11:23:26 <DanIsnotthemanBr> Maybe
11:23:37 <DanIsnotthemanBr> Sith lord
11:24:08 <DanIsnotthemanBr> Lets guess the vul
11:24:25 <ofrnxmr[m]> thats probably the crux of the issue. a lot of people use sith nodes.
11:24:31 <ofrnxmr[m]> decoy poisoning
11:24:33 <DanIsnotthemanBr> Morbs break decoys
11:25:03 <xfedex[m]> or maybe the issue is linked to Known ring does not include spent output
11:25:06 <DanIsnotthemanBr> Yeah cake,feather use sith
11:26:28 <ofrnxmr[m]> xfedex[m]: so poisoning with fake decoys? dig dig dig
11:26:28 <ofrnxmr[m]> im gonna check hackerone 
11:31:33 <DanIsnotthemanBr> Ima go to sleep
11:33:26 <ofrnxmr[m]> how can you sleep knowing seth is sleeping well?
11:33:44 <ofrnxmr[m]> s/seth/sith/
11:34:11 <DanIsnotthemanBr> His asmr voice puts me to sleep
11:35:20 <ofrnxmr[m]> i should try that
11:36:10 <ofrnxmr[m]> ive never actually heard him speak. im just a hater who hates him for not acknowledging me
11:48:27 <modul8[m]> Should have used my own node. SHUMON
11:48:33 <DanIsnotthemanBr> https://hackerone.com/monero/hacktivity
11:49:28 <ofrnxmr[m]> hopefully disclosed soon
11:51:06 <DanIsnotthemanBr> Who would they report it to anyway?
11:51:16 <DanIsnotthemanBr> On dev team
11:51:44 <modul8[m]> Would be interesting to know what is meant by more than loss of privacy but no fund loss
11:52:26 <mlcboss[m]> what app can i use for having multiple numbers for sms & calls?
11:52:26 <mlcboss[m]> it will be great if it accept monero but im ok with paying with cc / appstore
11:52:26 <mlcboss[m]> i need one with asian numbers (Singapore , India , etc) 
11:52:26 <mlcboss[m]> not western (US,UK,Canada)
11:53:10 <DanIsnotthemanBr> Sounds decoy issue
11:53:18 <DanIsnotthemanBr> * Sounds like decoy issue
11:53:44 <DanIsnotthemanBr> Security response team
11:53:44 <DanIsnotthemanBr> luigi1111
11:53:44 <DanIsnotthemanBr> moneromooo
11:55:24 <ofrnxmr[m]> our main devs, yeah
11:56:00 <ofrnxmr[m]> koe, vtnerd, luigi, mooo etc respond to hackerone
11:56:16 <ofrnxmr[m]> ooo doesnt seen to like H1 lolol
11:56:23 <mlcboss[m]> is it risky to use a web wallet?
11:56:40 <ofrnxmr[m]> (he reported and fixed multisig)
11:56:44 <ofrnxmr[m]> mlcboss[m]: duh
11:57:12 <ofrnxmr[m]> when has ysing a web wallet ever been a good idea?
11:57:12 <mlcboss[m]> ofrnxmr[m]: can they track my spendings?
11:57:17 <ofrnxmr[m]> aside from"when it was the only option"
11:57:47 <ofrnxmr[m]> mlcboss[m]: yes
11:58:11 <ofrnxmr[m]> thats what a light wallet is. it does the scanning for you
11:59:20 <mlcboss[m]> is it bad to run xmr node on VPS?
11:59:29 <ofrnxmr[m]> while the view key TECHNICALLY doesnt show your spends, its a simple matter to them to  fingerorint change 
11:59:32 <ofrnxmr[m]> mlcboss[m]: yes
11:59:56 <ofrnxmr[m]> ... but define bad? for who?
12:00:50 <ofrnxmr[m]> centralizing nodes on 1 provider helps with purchasing bandwidth to seed tge network
12:01:06 <modul8[m]> I guess we gotta take the bad with thr good https://github.com/monero-project/monero/issues/8827
12:01:08 <ofrnxmr[m]> it also opens up centralized attack points
12:02:18 <mlcboss[m]> ofrnxmr[m]: is there a way to hide my xmr wallet on my computer?
12:02:29 <ofrnxmr[m]> ?
12:02:33 <ofrnxmr[m]> from who?
12:02:42 <ofrnxmr[m]> from your wife?
12:02:54 <ofrnxmr[m]> from your isp?
12:03:12 <mlcboss[m]> ofrnxmr[m]: i can't tell you but i need it to be hidden 
12:03:27 <ofrnxmr[m]> good luck
12:03:43 <ofrnxmr[m]> i cant help if im expected to be psychic
12:04:22 <modul8[m]> Use a vpn and store your monero on a portable ssd
12:04:25 <ofrnxmr[m]> my psychic powers are exhausting. i only use them occasionally
12:04:41 <ofrnxmr[m]> modul8[m]: that doesnt hide from isp or wife
12:04:51 <mlcboss[m]> ofrnxmr[m]: is
12:04:59 <mlcboss[m]> not an ISP
12:05:14 <ofrnxmr[m]> maybe from coffe shop wifi
12:05:15 <modul8[m]> Prison wallet cant kind a portablr nvme usb adapter?
12:05:24 <modul8[m]> *hide
12:05:45 <DanIsnotthemanBr> Like encrypted drive?
12:06:05 <ofrnxmr[m]> border agebts? delete the wallet
12:06:08 <mlcboss[m]> why is it matters anyways , i just don't want having a coin that used for illegal shit wallet in my PC 
12:06:12 <ofrnxmr[m]> only keep seed in an encrypted backup
12:06:25 <modul8[m]> Without knowing the goal nobody can give you a good answer
12:06:38 <DanIsnotthemanBr> ^
12:06:40 <ofrnxmr[m]> mlcboss[m]: eat s rooster then
12:06:47 <ofrnxmr[m]> a*
12:06:57 <ofrnxmr[m]> go use btc
12:07:33 <ofrnxmr[m]> and give me all of your cash please
12:07:34 <DanIsnotthemanBr> I put mine in btrfs drive
12:07:54 <DanIsnotthemanBr> Is that the answer your looking for?
12:08:03 <modul8[m]> mlcboss[m]: Spend some monero on a new laptop that only you use and nobody knows about. Easy.
12:08:39 <ofrnxmr[m]> "illegal shit money"
12:08:43 <ofrnxmr[m]> insanity
12:08:47 <ofrnxmr[m]> get out of your dumbass crypto bubble
12:08:51 <ofrnxmr[m]> money IS private
12:09:01 <modul8[m]> Oh hang on..he is judging us!!
12:09:11 <DanIsnotthemanBr> Sunno
12:09:21 <DanIsnotthemanBr> * Dunno
12:09:32 <ofrnxmr[m]> just because scam 1-1000 dog coin isnt, has nothing to do with fundanental properties on money
12:09:41 <ofrnxmr[m]> "illegal shit"
12:10:06 <ofrnxmr[m]> yall weirdos are trying to reinvent the wheel by adding corners
12:10:13 <mlcboss[m]> modul8[m]: ok fine , someone suspect me I'm doing illegal stuff 
12:10:13 <mlcboss[m]> cause they once see my computer had a Tor Browser on it 
12:10:13 <mlcboss[m]> i can't tell you who it is cause is private
12:10:37 <ofrnxmr[m]> so delete it
12:10:41 <ofrnxmr[m]> or do like me
12:10:50 <ofrnxmr[m]> and tell them to eat a rooster
12:11:12 <DanIsnotthemanBr> Fyi its not illegal to use tor
12:11:15 <ofrnxmr[m]> my exchange account was frozen a few days ago
12:11:31 <DanIsnotthemanBr> Considering us navy created onion routing
12:11:35 <ofrnxmr[m]> they wanted to know what im doing and why my ltc address is always empty
12:11:47 <ofrnxmr[m]> said they trued to call me
12:12:08 <ofrnxmr[m]> i told them "x m r, when are you relisting?"
12:12:26 <ofrnxmr[m]> account > unblocked
12:12:27 <mlcboss[m]> ofrnxmr[m]: i already did and only use mymonero web wallet on pc rentals
12:12:54 <DanIsnotthemanBr> -.-
12:13:06 <ofrnxmr[m]> mlcboss[m]: bananas
12:13:12 <ofrnxmr[m]> mymonero > might as well just use monero from he police officers car laptop
12:13:31 <DanIsnotthemanBr> Now gonna go to sleep tldr me later
12:13:33 <mlcboss[m]> DanIsnotthemanBr: i know normies see Tor as a browser used by hacker and criminals 
12:13:33 <mlcboss[m]> they don't even know it was made for privacy & anonymity
12:13:54 <ofrnxmr[m]> i use tor, i2p, moneo, torrents, youtube
12:14:42 <DanIsnotthemanBr> Terrorist
12:14:43 <ofrnxmr[m]> so because stupid people cab tie their shoes >> i will no longer wear shoes
12:14:46 <ofrnxmr[m]> cmon man
12:14:48 <DanIsnotthemanBr> Ok bye
12:15:29 <ofrnxmr[m]> gnite D
12:15:31 <ofrnxmr[m]> s/cab/cant/
12:15:50 <modul8[m]> They say weed makes you paranoid
12:15:51 <ofrnxmr[m]> these idiots say cooking burns down houses. only allowed to buy fast food > cmon man
12:16:04 <ofrnxmr[m]> modul8[m]: coke*
12:16:37 <ofrnxmr[m]> caffeine*
12:16:37 <ofrnxmr[m]> nicotine*
12:17:11 <modul8[m]> I think i misjudged how long ungoogle chromium takes to build
12:20:38 <mlcboss[m]> <ofrnxmr[m]> "i use tor, i2p, moneo, torrents,..." <- sadly Youtube is very unfriendly towards Tor user 
12:20:38 <mlcboss[m]> to solve this , i searched the video title on the web and watch it on random website that reposted the same vid
12:24:11 <mlcboss[m]> vimeo , daily motion , voice tube and other brick & mortar youtube clone
12:38:10 <ofrnxmr[m]> youre not an android user, are you
12:38:20 <ofrnxmr[m]> #monero-offtopic:monero.social  lets cont. there
12:56:44 <toralien[m]> someone should code a GPT (some FOSS derivative) / LLAMA / OpenAssitant based crypto wallet
12:57:13 <toralien[m]> instead of having the user need to do txs and control stuff by themselves it should be a dialog based wallet
12:57:30 <toralien[m]> this might be more something for ethereum though, who knows
14:25:30 <monerobull[m]> Didn't some wallet do that as April fools
15:40:40 <politicalweasel[> who needs tx_extra when you have output spam? 1095 bytes of data per tx. Aint it beautiful? https://stagenet.xmrchain.net/tx/c394b0b98259818af8e2e4eb6b99b8899c062806fdb0ac4b7d1ef5e97a125acb https://imgur.com/a/0NfBEL6
16:11:52 <ofrnxmr[m]> Isnt that a typical 16 out
16:13:14 <ofrnxmr[m]> 3,2kb 1:2 looks pretty normal iirc
16:13:51 <ofrnxmr[m]> https://xmrchain.net/tx/2a1775cb15ac83b9f353999817538af95163c6d31fbd8bac3b9ebaa7205f49b3
17:04:48 <kowalabearhugs-[> I'm surprised the dev and MRL channels have been quite since the announcement of a vulnerability in wallets that can be exploited by a malicious remote node. The latter were already questionable for an opsec POV, i believe logging and decoy selection were know issues, but this seems more severe. 
17:05:41 <toralien[m]> ofrnxmr is a fed
17:05:51 <toralien[m]> * a fed MAYBE
17:06:01 <toralien[m]> i am entitled to an opinion
17:06:12 <toralien[m]> he talks so much shit constantly, according to the cia playbook
17:09:28 <selsta> kowalabearhugs-[: it has always been known that remote nodes can feed you bad data
17:10:55 <kowalabearhugs-[> selsta: Yes. Has "bad data" traditionally referred to the DSA?
17:11:51 <kowalabearhugs-[> "The impact of the exploit is more than just privacy loss" makes it seem like a larger issues than a remote node simply feeding skewed decoys
17:12:11 <ofrnxmr[m]> <toralien[m]> "ofrnxmr is a fed" <- 100%. tell em
17:13:00 <boog900[m]> Well the fee bug is an example of an attack more than just privacy loss 
17:13:15 <selsta> the whole point of having a separate daemon and wallet is that you separate responsibilities
17:13:29 <selsta> adding checks to the wallet can be done if they don't have too much of an performance impact
17:13:48 <someoneelse49549> kowalabearhugs-[: The fact that this is a Medium CVE is already a flag. Now, this wouldn't (and isn't) a good idea, to disclose informations about the vulnerability while a decision hasn't been made.
17:13:50 <toralien[m]> ofrnxmr[m]: as far as i know you are on some xmr communit something and you are the only person i express dissatisfaction with noting that i am a donator
17:13:55 <toralien[m]> s/communit/community/
17:13:59 <ofrnxmr[m]> toralien:  before you start shitosting #monero-offtopic:monero.social 
17:14:12 <spackle_xmr[m]> selsta: Can you confirm this new announcement is genuine?
17:14:12 <Alex|LocalMonero> selsta: are you aware of the details of the vulnerability?
17:14:12 <spackle_xmr[m]> If it is, I am very surprised that it was decided to release a 'security advisory' on Reddit and nowhere else.
17:14:18 <toralien[m]> toralien[m]: not due to work done but because of the constant manner of behaviour
17:14:21 <ofrnxmr[m]> im not on anything
17:14:42 <toralien[m]> then i am content
17:14:51 <ofrnxmr[m]> rip
17:15:36 <selsta> Alex|LocalMonero: yes
17:35:00 <politicalweasel[> <ofrnxmr[m]> "Isnt that a typical 16 out" <- It's XOR'ed. If you take the first vout key and XOR with the first outPk, 2nd with 2nd, 3rd with 4rd, etc, you'll see it
17:35:15 <politicalweasel[> s/4rd/3rd/
17:36:55 <ofrnxmr[m]> yeahh i didnt even check more details first (didnt even see in in/out). apologies i had written a follow up reply but didnt send
17:41:27 <r4v3r23[m]> is there an XMPP > gaytrix bridge?
18:04:38 <lza_menace> Thought it is dANBs
18:04:45 <lza_menace> maybe bridgerton 
18:15:27 <selsta> https://old.reddit.com/r/Monero/comments/134jbdt/security_advisory_new_attack_from_malicious/jigkpgj/
18:15:31 <selsta> spackle_xmr[m] and others who asked
18:17:54 <spackle_xmr[m]> selsta: Thank you. I still don't understand why Reddit was used as the only channel to communicate the advisory, but that certainly clears things up.
18:24:14 <selsta> In the past we haven't put out advisories for medium severity bugs before they were fixed.
18:24:27 <selsta> 90 days had passed so tevador was allowed to post about it per the VRP.
18:26:51 <xfedex[m]> oh, that "vulnerability" was known for a long time
18:27:41 <lza_menace> reddit seems like the place with the largest audience
18:27:54 <lza_menace> twitter would have been good, too, though
18:40:23 <spackle_xmr[m]> I mention it more out of a concern for people using Reddit as an authoritative source for receiving security related announcements. I don't trust Reddit, and the situation seems exploitable to me.
18:40:23 <spackle_xmr[m]> Anyways, I appreciate the information. I'll shut up and go back to polishing my tinfoil hat.
18:50:55 <Rucknium[m]> It would be a good time to sign statements with PGP keys.
18:57:11 <selsta> Rucknium[m]: we did that here https://www.getmonero.org/2021/12/06/vulnerability-multisig.html
18:58:15 <Rucknium[m]> Thanks. That is the memory that I recalled.
18:59:48 <Rucknium[m]> It appears in this instance that tevador was free to choose to sign (or not) the statement with his/her PGP key.
19:51:36 <DanIsnotthemanBr> So world is not ending?
19:52:18 <uncle_rae> the sky is falling down
19:53:30 <DanIsnotthemanBr> Sounds like i didnt get my way so i posted in reddit and made it bigger then ben-hur
19:53:41 <DanIsnotthemanBr> Vulnerability
19:55:12 <selsta> it's a valid vulnerability but definitely not world ending
19:56:24 <selsta> I'm happy that tevador found a good solution with the RandomX change, otherwise we would have had to wait until Seraphis to mitigate this.
19:56:52 <RavFX> Don't we still have to hardfork?
19:57:35 <selsta> yes, but we will likely hard fork Bulletproofs++ and the RandomX change before Seraphis
19:57:45 <RavFX> Oh, nice then
19:59:41 <DanIsnotthemanBr> Out of all this at least i know there is hackerone reporting for monero now
20:02:21 <kowalabearhugs-[> selsta: Given the next HF is likely more than 6 months away do you have any idea where things stand with OSPEAD and its potential inclusion?
20:03:53 <selsta> Rucknium[m]: ^
20:05:39 <Rucknium[m]> kowalabearhugs-: If the hard fork was 3 months away, we could include OSPEAD, but it would be close. If more than 3 months, we could easily include it.
20:06:40 <selsta> definitely more than 3 months away since
20:07:32 <Rucknium[m]> OSPEAD is a wallet-level change that doesn't require a hard fork. However, we have not evaluated the risk of having two significantly different decoy selection algorithms being used by the reference implementation (wallet2). It could be evaluated (I have some possible methods), but it is out of scope for the original OSPEAD CCS.
20:08:58 <Rucknium[m]> The question is how easily an adversary could distinguish between the two decoy selection algorithms and whether that would give them an advantage in trying to guess what output in a ring is the real spend.
20:10:29 <Rucknium[m]> We don't really have to answer that question if OSPEAD is implemented in a hard fork since all users who want to use the hard-forked chain would use the updated wallet2, either directly or through a "third-party" wallet.
20:12:00 <Rucknium[m]> We know that there are "third-party" wallets that don't use the wallet2 decoy selection algorithm, but that's out of scope of this issue unless something like this is done: https://github.com/monero-project/research-lab/issues/87
20:14:07 <Rucknium[m]> Another related issue is "Avoid selecting coinbase outputs as decoys" https://github.com/monero-project/research-lab/issues/109
20:15:37 <Rucknium[m]> jeffro256 has written code to implement it. But an adversary may be able to guess that a user would be using the decoy selection algorithm that avoids coinbases.
20:16:46 <Rucknium[m]> Implementing it ^ with a hard fork would mostly avoid the wallet software version distinguishability issue.
20:18:57 <Rucknium[m]> Distinguishability is easier to analyze with the coinbase avoidance proposal because it's basically a set of binary choices, which would create a binomial probability distribution. The OSPEAD change is a change in the continuous probability distribution, which is harder to analyze.
20:20:08 <Rucknium[m]> Harder, but not impossible. Like I said, I have some ideas about how it could be done. It requires research labour hours to check things to be sure, test, etc.
20:48:20 <xxxmr[m]> 🐟
22:30:13 <L3M0R> Hi. Any recommendation for mobile wallets?
22:31:00 <L3M0R> I tried Monerujo but it kept crashing
22:32:11 <kico> L3M0R, android?
22:32:16 <L3M0R> Yes
22:32:58 <kico> hmm never had issues with monerujo on android
22:33:36 <L3M0R> It crashed while grabbing keys from my password manager
22:33:50 <kico> you can try cake maybe
22:34:06 <L3M0R> Maybe?
22:35:36 <kico> I dunno
22:35:51 <L3M0R> lol. Alright I'll into it. Thanks
22:35:57 <kico> try cake?
22:35:58 <kico> https://cakewallet.com/
22:36:35 <kico> is your android up to date? also the app? re-install might help
22:37:24 <kico> or just reach out to their support :)
22:37:25 <kico> https://www.monerujo.io/index.html#support
22:37:35 <kico> np
22:37:43 <L3M0R> Yes, and I got the app from play store
22:38:57 <kico> what do you mean with the password manager?
22:39:04 <L3M0R> keepassxc
22:39:22 <kico> it interacts with the app?
22:39:51 <L3M0R> keepass2android to be exact. It has its own keyboard which allows you to fill entries
22:40:12 <kico> yeah no clue on that
22:40:26 <L3M0R> As soon as I entered my key, it froze.
22:41:08 <L3M0R> Now I feel like creating a new wallet :P
22:41:56 <kico> good luck :)
22:42:43 <kico> but maybe try add monerujo as exception on that thingy and see if it works
22:43:20 <L3M0R> I'll try again.
22:44:35 <L3M0R> one more thing, is LocalMonero a good way to buy XMR?
22:45:34 <kico> yeah
22:46:02 <kico> L3M0R, here https://kycnot.me/
22:46:22 <L3M0R> damn
22:46:24 <L3M0R> Thanks!
22:46:38 <kico> (: yw!
22:47:55 <L3M0R> But are these reliable/trustable?
22:49:41 <kico> DYOR iGuess otherwise it's just my opinion
22:56:04 <L3M0R> fair enough
23:06:48 <L3M0R> kico: I tried installing monerujo through Fdroid and Google play protect is displaying a warning "Harmful app blocked"
23:07:09 <kico> lol
23:07:27 <kico> sorry can't help :\
23:07:45 <L3M0R> that's ok
23:07:50 <kico> oh yeah fdroid
23:07:57 <kico> will not work on normal android
23:08:10 <L3M0R> But then Google play installed some old version
23:08:12 <kico> only version on appstore will
23:08:19 <kico> google play 
23:08:46 <kico> for fdroid you would need https://f-droid.org/
23:09:10 <L3M0R> Yea I added the repo
23:09:19 <L3M0R> and installed the app and the warning showed up
23:09:33 <kico> but if you install the app from google play works?
23:09:51 <L3M0R> It runs, but with no warnings
23:10:23 <kico> not sure there is a chan for monerujo on irc
23:10:53 <L3M0R> ok
23:10:56 <kico> you should try support :)
23:11:17 <L3M0R> let me try cake
23:11:34 <L3M0R> But I like the aesthetics of Monerujo
23:22:26 <jamss[m]> <L3M0R> "and installed the app and the..." <- There's an option in settings that allows apps to be installed from an unknown source
23:22:59 <L3M0R> That is enabled
23:23:22 <L3M0R> It was Google Play Protect warning
23:24:49 <jamss[m]> Oh I think that's a setting inside Google play app