http://isdb4l77sjqoy2qq7ipum6x3at6hyn3jmxfx4zdhc72ufbmuq4ilwkqd.onion/security/index.html
For example, we do not consider SimpleX secure against the following classes of attacks: CPU/hardware flaws. physical observation side channels (e.g. power consumption, EM emissions, etc). Further, any user data stored on the device can be accessed with user's or root privileges, such as: user files in the app storage (encrypted or not, depending on the app settings). encrypted database. database encryption key in case it is stored on the device.