Ramblings of a Tampa engineer

This is my first Android APK Teardown. The idea comes from Android Police. The general idea is to decode the application and generate a diff report between the previous version. Then inform the public what you found.

So lets start. Seeing how this is my first one. I'll give you a little heads up of what I do. I will disassemble the application and make a comparison between the previous latest version and the version I'm tearing down. In this example we will use 1.43.0.  Some terms to learn that I will use often and expect you to understand:

  • Disassemble = Decode the APK into .smali (disassembled java) and resources (xml, images, etc)
  • Resources = Images, templates, layouts, strings, things that make the "visuals"
  • Source = The disassembled java. In Ingress, this Java is obfuscated so comparing obfuscated smali is very difficult. Our main comparisons will be resource based.
  • APK = The package that Android Applications come in
I'd rather not explain the tools involved, even though I maintain one of them :p

Ingress 1.43.0 Teardown

Region Scores

I saw many new additions of strings and data called
Also included were some images called "player_marker" and "region_bounds". This is probably an overlay for the scanner to help find regions.  My hopes with this, is that we are nearing an extra feature where instead of a constant "global" fight. There are smaller "regional" fights. For example, my city stays blue 90% of the time, but other cities stay green. Hopefully this change will add an extra layer of smaller warfare and encourage players to fight for control of their region.

New Graphics


There were also new images in (hdmi, xhdmi, xxhdmi)

Don't really know what these are for. I was hoping for a level 9 or 10 image, but no luck there. Maybe this is a new representative of player cards of some alternative view.

SMS Verification

There was a ton of stuff about SMS verification on top of included phone number meta-data for a huge amount of states and countries

I hope this is an attempt to stop spoofing. If you think about banned spoofers. They just create a new email and viola: new spoofer account. It seems this method of SMS verification might enable users to verify their phone number to play. Immediately, this might prevent users who play using tablets via bluetooth sharing their GPS from an iPhone, but it's still progress towards stopping spoofers nonetheless.

Google Play Services Checks

Another hint towards blocking spoofing, is a new integers.xml file I found
<integer name="google_play_services_version">4030500</integer>
Along with another change in the manifest.
<meta-data android:name="com.google.android.gms.version" android:value="@integer/google_play_services_version"/>
This I hope again, is trying to force users to keep their Google Play Services updated, as a method to keep spoofed clients out of play.


<service android:exported="false" android:name="com.nianticproject.ingress.alarms.NemesisAlarmHandlingService"/>
Once a service has been created. You know alarms are coming. What for though? Not exactly sure, though its onHandleIntent for the alarm pauses the location tracker (as seen below with a snippet of code).
const-string/jumbo v1, "com.nianticproject.ingress.ACTION_PAUSE_LOCATION_TRACKER"

invoke-virtual {v1, v0}, Ljava/lang/String;->equals(Ljava/lang/Object;)Z

Wallets, Redeems, Plus Ones, Sharing?


I saw many usages of "plus one", "communities", "loyalty", "card", "wallet". Things also pointed to Item Rewards. None of it sounds good personally, due to the nature of micro-transactions, though I couldn't find any resources yet, just source. So this means there are no public facing resources yet for this "backend" code.

Last minute thoughts, ending comments

I found things called "GlyphResults" and "Glyphs". Not sure what it means or how it ties into the scanner. Maybe the next version will have more keys or information to this.

Now, this was my first teardown. Maybe this is known knowledge. O well, had to start somewhere.

I'm starting to realize that I need to cleanup my Wordpress as well. I need to find a good lightbox plugin, so images don't take two clicks to view and return back to post. Along with my narrow post view and lack of code highlighting. I need some work on this.

With that, my first teardown. Hope you liked it.

Ingress 1.43.1 Teardown

EDIT: 1.43.1 has been released. This is the smallest update ever but thats because it is a X.X.1 release (generally for bug fixes). This update supposedly brought "Regional Scoring", which we discovered on the above teardown but the only changes in the entire APK were 5 slightly changed images, two variable renames and 3 source file changes (as shown below).


const-string/jumbo v0, "2014-01-08T20:59:14Z d1b40fbfabeb opt"


const-string/jumbo v0, "2014-01-14T18:01:09Z d10d7b7cce81 opt"

Funny thing is, this APK was launched yesterday (January 17, 2014), but it is labeled as being built on the 14th. That is when 1.43.0 came out, guess I don't understand their build/test procedure at Niantic. My guess is that they rolled out 1.43.0 to everyone in order for Regional Scoring to begin working, except you needed 1.43.1 to actually see it. (This was left in the hands of testers and Niantic, since the build dates of the APK's don't line up with when they were released).

I'm a bit confused how such little changes "activated" the Intel tab. All that happened was a few images and a build date change. There must of been a server side check for 1.43.1  as the regional code was running in the background without a visual since 1.43.0. I'm tempted when a new version is announced but not yet available to spoof my version to the next one.

On second thought, I don't want to be banned. We will only stay with reading the APK and understanding it. Never rebuilding it.

You’ve successfully subscribed to Connor Tumbleson
Welcome back! You’ve successfully signed in.
Great! You’ve successfully signed up.
Success! Your email is updated.
Your link has expired
Success! Check your email for magic link to sign-in.