Originally Posted by
cl3537
Yes we are in agreement, I speak with someone who was in the reverse channels for cracking the API and he doesn't believe its the signature (however they don't know a bunch of fields for the signature(UK6s) so the bossland hash could still be the problem. But they do know that the login flow was wrong for all bots and they don't fix it quickly enough for people to be safe. He beleives it is in the libraries the bots are using and incomplete information, and given there are only a few bots left its pretty easy for Niantic to look at these bots and key in on missing data.