Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,784,212 Members 42,720 Now Online
XDA Developers Android and Mobile Development Forum

[Q] Opensource

Tip us?
 
brotoo25
Old
#1  
Junior Member - OP
Thanks Meter 0
Posts: 1
Join Date: Apr 2014
Default [Q] Opensource

Would you be willing to make this project opensource for further development?
 
alephzain
Old
#2  
alephzain's Avatar
Senior Member
Thanks Meter 2,071
Posts: 117
Join Date: Sep 2010

 
DONATE TO ME
Quote:
Originally Posted by brotoo25 View Post
Would you be willing to make this project opensource for further development?
No
 
k1mu
Old
#3  
k1mu's Avatar
Recognized Contributor
Thanks Meter 1,544
Posts: 1,908
Join Date: Apr 2011
Location: Virginia

 
DONATE TO ME
Quote:
Originally Posted by alephzain View Post
No
OK, are you willing to share the source with others?
My Android devices:
vzw Samsung Galaxy S4 stock NC5 rooted
Samsung Galaxy Tab 2 10.1, also stock but rooted.

VZ Droid Incredible 2 rooted but otherwise stock.
Samsung Galaxy Tab 10.1
 
Jack Phoenix
Old
#4  
Junior Member
Thanks Meter 2
Posts: 13
Join Date: May 2014
Quote:
Originally Posted by brotoo25 View Post
Would you be willing to make this project opensource for further development?
Quote:
Originally Posted by alephzain View Post
No
Quote:
Originally Posted by k1mu View Post
OK, are you willing to share the source with others?
@alephzain: Framaroot is, as I'm sure you're aware, a great, handy, easy-to-use app. I was able to root my Nokia X with it, and I'm truly grateful for you for creating the app. Yet at the same time I'm quite dumbfounded by this.

The Framaroot forum section is listed under "XDA Community Apps", although I don't understand how an app can be a "community app" if the community can't do as much with it as they should be able to. I'd have understood the decision to keep the source closed if this were a paid app, but it's not, and you already have a donation app on Google Play Store which enables people to donate to you as a way of saying "thank you for all your hard work and effort for putting this app together!".

Closed source is counterproductive and I'm sure that I'm not the only person out there who is always somewhat suspicious of closed-source tools; yes, you're a trusted developer and you're probably not going to steal my data/brick my device/burn down my house, but I can't be 100% sure if I'm not able to review the source and maybe even compile it myself.

You seem like a sensible person, so I'd request you reconsider this decision and weigh the positive and negative aspects of it.
 
superdragonpt
Old
#5  
superdragonpt's Avatar
Recognized Contributor
Thanks Meter 5,327
Posts: 1,719
Join Date: Apr 2013
Location: Lisbon

 
DONATE TO ME
If this was OpenSourced i'm sure the (exploits) would be patched by OEM's .

Then no root for you.

There are things that its better to keep closed source.. ( very few)
Root exploit methods are one of those things.


Regards
If you like my work press Thanks, and feel free to Donate, and buy me an beer



Latest work:


Mediatek MT8317T SoC: (Acer Iconia B1-710)
Custom Kernel

Mediatek MT6582 SoC: (Wiko DarkMoon)
Custom Kernel
JB 4.2.2 / Carliv Touch Recovery
Unofficial LeWa Os v5

Mediatek MT6577 SoC: (ZTE V970 / v970m)
Custom Kernel

Mediatek MT8125 SoC: (Asus Memo Pad HD 7)
JB 4.2.2 / AOSP /VibeUI / Carliv Touch Recovery

All the other Projects

 
Jack Phoenix
Old
#6  
Junior Member
Thanks Meter 2
Posts: 13
Join Date: May 2014
Quote:
Originally Posted by superdragonpt View Post
If this was OpenSourced i'm sure the (exploits) would be patched by OEM's .

Then no root for you.

There are things that its better to keep closed source.. ( very few)
Root exploit methods are one of those things.


Regards
You give the OEMs too much credit. Sure, they might be interested in fixing flaws in their recent high-end/flagship devices, but older and/or discontinued devices -- such as the Nokia X, which I own and which is vulnerable to CVE-2013-2595* -- are extremely unlikely to receive such patches which'd have an impact on the rootability of the device.

Koushik Dutta wrote a free and open source Superuser management app. The app's README file answers the question, "Why another Superuser?" with multiple points, of which the first and most important is: "Superuser should be open source. It's the gateway to root on your device. It must be open for independent security analysis. Obscurity (closed source) is not security". The same goes for unofficial ways to gain root access in my view.

* There is a GPLv3-licensed implementation of CVE-2013-2595 for several devices running a Qualcomm SoC, and it's been there for almost a year, so no matter how closed Framaroot stays (which I hope it won't), OEMs have been an opportunity to "fix" this "issue", but I'm not sure how many chose to fix it. In any case, the Nokia X -- which is what I care the most about, given that it's my Android device of choice for the time being -- is vulnerable to it and as such, I'd like a FOSS rooting tool built around this exploit. Framaroot is capable of rooting the Nokia X, but Framaroot is not FOSS (yet) and I unfortunately lack the relevant Android NDK experience, so I'm not able to build a "clone" on my own, and I haven't found anyone willing to build such a tool.

Security through obscurity isn't security, no matter how hard you try to tell yourself that it is.
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes