Post Reply

[Q] Opensource

28th April 2014, 04:32 PM   |  #1  
OP Junior Member
Thanks Meter: 0
 
1 posts
Join Date:Joined: Apr 2014
Would you be willing to make this project opensource for further development?
19th May 2014, 09:41 PM   |  #2  
alephzain's Avatar
Senior Member
Thanks Meter: 2,129
 
117 posts
Join Date:Joined: Sep 2010
Donate to Me
Quote:
Originally Posted by brotoo25

Would you be willing to make this project opensource for further development?

No
26th May 2014, 02:56 AM   |  #3  
k1mu's Avatar
Recognized Contributor
Flag Virginia
Thanks Meter: 1,552
 
1,910 posts
Join Date:Joined: Apr 2011
Donate to Me
More
Quote:
Originally Posted by alephzain

No

OK, are you willing to share the source with others?
7th August 2014, 07:28 PM   |  #4  
Junior Member
Thanks Meter: 2
 
13 posts
Join Date:Joined: May 2014
More
Quote:
Originally Posted by brotoo25

Would you be willing to make this project opensource for further development?

Quote:
Originally Posted by alephzain

No

Quote:
Originally Posted by k1mu

OK, are you willing to share the source with others?

@alephzain: Framaroot is, as I'm sure you're aware, a great, handy, easy-to-use app. I was able to root my Nokia X with it, and I'm truly grateful for you for creating the app. Yet at the same time I'm quite dumbfounded by this.

The Framaroot forum section is listed under "XDA Community Apps", although I don't understand how an app can be a "community app" if the community can't do as much with it as they should be able to. I'd have understood the decision to keep the source closed if this were a paid app, but it's not, and you already have a donation app on Google Play Store which enables people to donate to you as a way of saying "thank you for all your hard work and effort for putting this app together!".

Closed source is counterproductive and I'm sure that I'm not the only person out there who is always somewhat suspicious of closed-source tools; yes, you're a trusted developer and you're probably not going to steal my data/brick my device/burn down my house, but I can't be 100% sure if I'm not able to review the source and maybe even compile it myself.

You seem like a sensible person, so I'd request you reconsider this decision and weigh the positive and negative aspects of it.
14th August 2014, 11:52 AM   |  #5  
superdragonpt's Avatar
Recognized Contributor
Flag Lisbon
Thanks Meter: 4,948
 
1,793 posts
Join Date:Joined: Apr 2013
Donate to Me
More
If this was OpenSourced i'm sure the (exploits) would be patched by OEM's .

Then no root for you.

There are things that its better to keep closed source.. ( very few)
Root exploit methods are one of those things.


Regards
14th August 2014, 04:47 PM   |  #6  
Junior Member
Thanks Meter: 2
 
13 posts
Join Date:Joined: May 2014
More
Quote:
Originally Posted by superdragonpt

If this was OpenSourced i'm sure the (exploits) would be patched by OEM's .

Then no root for you.

There are things that its better to keep closed source.. ( very few)
Root exploit methods are one of those things.


Regards

You give the OEMs too much credit. Sure, they might be interested in fixing flaws in their recent high-end/flagship devices, but older and/or discontinued devices -- such as the Nokia X, which I own and which is vulnerable to CVE-2013-2595* -- are extremely unlikely to receive such patches which'd have an impact on the rootability of the device.

Koushik Dutta wrote a free and open source Superuser management app. The app's README file answers the question, "Why another Superuser?" with multiple points, of which the first and most important is: "Superuser should be open source. It's the gateway to root on your device. It must be open for independent security analysis. Obscurity (closed source) is not security". The same goes for unofficial ways to gain root access in my view.

* There is a GPLv3-licensed implementation of CVE-2013-2595 for several devices running a Qualcomm SoC, and it's been there for almost a year, so no matter how closed Framaroot stays (which I hope it won't), OEMs have been an opportunity to "fix" this "issue", but I'm not sure how many chose to fix it. In any case, the Nokia X -- which is what I care the most about, given that it's my Android device of choice for the time being -- is vulnerable to it and as such, I'd like a FOSS rooting tool built around this exploit. Framaroot is capable of rooting the Nokia X, but Framaroot is not FOSS (yet) and I unfortunately lack the relevant Android NDK experience, so I'm not able to build a "clone" on my own, and I haven't found anyone willing to build such a tool.

Security through obscurity isn't security, no matter how hard you try to tell yourself that it is.
Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes