I was one of the users who also participated in the discussions, while also participating in inquiries to discover who MobiMe actually is. I think we affected users figured it out, and the person behind MobiMe is the same person listed as the Key Principal for MobiMe's profile on Dun&Bradstreet [3]. There's also other corroborating evidence, while circumstantial and coincidental, that was noteworthy and generated a further sense of suspicion. He would delete every post containing BENABID's full name, and then lock the discussion or delete the discussion entirely. (Don't worry, his name is in public records for the company, it was never private information)
Throughout the entire ordeal, from the beginning of responding to users, to the very end, he continued to lie, attempted to deceive, and assumed that we, the damaged users, were fools. I really don't know what he was thinking. Or if he was partially using an LLM to generate responses. If you look at the series of events, from the App Store log of Raivo, to his enumeration of the problematic events in question & their causes, which changed multiple times throughout the timeframe of his responses, you would come to the conclusion that he was not acting in good faith at all (which I presumed was happening from the beginning). Any reasonable and impartial observer would come to the same conclusion. Some users lost their 2fa codes, and were locked out of accessing some of their most sensitive and valuable data. Yes, there is an element of personal responsibility (having backups codes, etc), but the actions committed by MobiMe were and are against not only the App Store TOS, but are also morally wrong (as if he cares about that), and perhaps legally wrong (civilly wrong or even maybe criminally wrong if there is more we don't know). IANAL -- we all know that practically no legal action, civil or especially criminal will ever come of this. I'm almost certain he is living in an unfriendly jurisdiction that does not enforce cybercrime laws.
Ultimately in the end, like I mentioned above, he eventually deleted all discussions (after previously deleting all issues), then closed all PRs, blocked many users from interacting with the repository, and prohibited anyone from forking the repository and creating a PR. He also reseted/removed all poor reviews of Raivo on the App Store. Basically he did everything he said he wouldn't do. Then again, I'd be surprised if he actually kept his word.
Hopefully if enough people report Raivo OTP to Apple, the new/current dev in control of the project (MobiMe aka Soufiane BENABID), he won't be able to intentionally lock out users from their 2fa tokens, because he wouldn't have an Apple Developer account. He currently operates 2: the first is MobiMe, which operates Raivo and some other apps, and the second is Soufiane Benabid, which operates some apps that are very similar to the apps under MobiMe. Basically the theme with him is that he tries to squeeze as much money out of the user as possible. He controls a few domains under his belt too (literally just ~4 IIRC).
In sum, he sucks & the (impulsive?) decision to sell Raivo (which was never open source to begin with, despite marketed that way) to a super shady company without a proper transition, coupled with said shady company proceeding to turn the app into ransomware-lite is just an unfortunate and regrettable series of events.
If you want to read the lore regarding this entire incident (you've already read enough of this comment), here you go [0][1][2][3].
I've reported his GitHub account [0], & reported Raivo (on his first account) [1] but I haven't reported an app from his second account [2] because I have yet to see evidence of wrongdoing, but I would be surprised if there is absolutely no wrongdoing of any kind. Additionally he controls the following domains [3] [4] [5] [6] [7]. If his real name isn't Soufiane Benabid, whatever his real name is, he (MobiMe) also uses the name Soufiane Benabid to publish other apps on the App Store under that respective account.
Throughout the entire ordeal, from the beginning of responding to users, to the very end, he continued to lie, attempted to deceive, and assumed that we, the damaged users, were fools. I really don't know what he was thinking. Or if he was partially using an LLM to generate responses. If you look at the series of events, from the App Store log of Raivo, to his enumeration of the problematic events in question & their causes, which changed multiple times throughout the timeframe of his responses, you would come to the conclusion that he was not acting in good faith at all (which I presumed was happening from the beginning). Any reasonable and impartial observer would come to the same conclusion. Some users lost their 2fa codes, and were locked out of accessing some of their most sensitive and valuable data. Yes, there is an element of personal responsibility (having backups codes, etc), but the actions committed by MobiMe were and are against not only the App Store TOS, but are also morally wrong (as if he cares about that), and perhaps legally wrong (civilly wrong or even maybe criminally wrong if there is more we don't know). IANAL -- we all know that practically no legal action, civil or especially criminal will ever come of this. I'm almost certain he is living in an unfriendly jurisdiction that does not enforce cybercrime laws.
Ultimately in the end, like I mentioned above, he eventually deleted all discussions (after previously deleting all issues), then closed all PRs, blocked many users from interacting with the repository, and prohibited anyone from forking the repository and creating a PR. He also reseted/removed all poor reviews of Raivo on the App Store. Basically he did everything he said he wouldn't do. Then again, I'd be surprised if he actually kept his word.
Hopefully if enough people report Raivo OTP to Apple, the new/current dev in control of the project (MobiMe aka Soufiane BENABID), he won't be able to intentionally lock out users from their 2fa tokens, because he wouldn't have an Apple Developer account. He currently operates 2: the first is MobiMe, which operates Raivo and some other apps, and the second is Soufiane Benabid, which operates some apps that are very similar to the apps under MobiMe. Basically the theme with him is that he tries to squeeze as much money out of the user as possible. He controls a few domains under his belt too (literally just ~4 IIRC).
In sum, he sucks & the (impulsive?) decision to sell Raivo (which was never open source to begin with, despite marketed that way) to a super shady company without a proper transition, coupled with said shady company proceeding to turn the app into ransomware-lite is just an unfortunate and regrettable series of events.
If you want to read the lore regarding this entire incident (you've already read enough of this comment), here you go [0][1][2][3].
[0]: https://archive.ph/fGnO3
[1]: https://archive.ph/m8xk6
[2]: https://archive.ph/X8shn
[3]: https://archive.ph/094wM