@Kingo: Time to come clean

E:V:A
#1
Recognized Developer - OP
Thanks Meter 1696
Posts: 1,297
Join Date: Dec 2011
Location: -∇ϕ

I call for the root-kit developers of Kingo to come out of the woodwork and come clean. I'm tired of reading about all the various security issues people bring up with using their rootkits.

Quote:
Originally Posted by RevolutionBolt
DOWNLOAD this software here!! 100% no virus detected.

Then, what is this? (Perhaps you think Trojans are ok?)

False positive or not, this should be worrisome to everybody, since it was on the most recent binary posted. If you do the same thing for their older binaries, you will find loads more issues. In addition, I have still not seen anyone bother to do a thorough analysis of their Windows execs or house-calls.

---

To Kingo Developers:

Given the highly dubious background to Kingo and the little information you provide to developers regarding your rooting app, I think it's time for you to stand up and come clean. Remember that even linking to your website was banned from XDA until recently. Nobody is asking you to give up the vulnerability you use to gain root or your other rooting secret.

But most of us would really like to know:
  1. Why is your Windows executable so damn large? (~24MB!)
    (What exactly is in it that requires it to be so, when most others level out ~5MB.)
  2. What exact files are installed on the Windows machine used?
  3. What exact files are installed on the phone being rooted?
  4. Why don't you just provide a flashable kernel or binary like everyone else does?
  5. Who are you and why should anyone trust you?
    (Especially when you seem to be afraid to come forward.)
  6. What exact information is being sent to your servers?
  7. Does rooting require an internet connection? (If so why?)
  8. What is your business model, how do you make a living?
    (Someone must be paying your website hosting costs etc.)

Until there is some more transparency in this, I will not recommend anyone to use your rooting method, even if I think it looks very good.

MSM8960 Info, Architecture and Bootloader(s)
El Grande Partition Table Reference
How to talk to the Modem with AT commands

[REF][ServiceMode] How to make your Samsung perform dog tricks
[REF|R&D|RF] RF/Radio properties of Samsung ServiceMode

Want to know when your phone is getting tracked or tapped?

Help us develop the IMSI Catcher / Spy Detector!
(To be part of the EFF & The Guardian Project toolsets.)
_______________________________
If you like what I do, just click THANKS!
Everything I do is free, altruism is the way!
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
I do not answer support related PM's.

 
jcase
(Last edited by jcase; 30th April 2014 at 06:02 PM.)
#2  
Forum Moderator / Senior Recognized Developer - Taco Vendor
Thanks Meter 6727
Posts: 3,544
Join Date: Feb 2010
Location: Sequim WA

 
A) This forum isn't an appropriate place to call someone out. To call for an audit or ask a question, sure, but not to call them out to come clean.

B) It contains exploits, of course it is going to trigger AV software, all exploits should. The packer used also likely causes AV detections. Su binary alone is enough to cause it on some devices.

C) I've performed a fairly extensive investigation of Kingo. It is suspicious, it has the ability to fetch binaries remotely, and execute them locally. They were collecting serial/IMEI from devices, but they claim to have stopped this practice after I confronted them.


Quote:
  1. Why is your Windows executable so damn large? (~24MB!)
    (What exactly is in it that requires it to be so, when most others level out ~5MB.)
  2. What exact files are installed on the Windows machine used?
  3. What exact files are installed on the phone being rooted?
  4. Why don't you just provide a flashable kernel or binary like everyone else does?
  5. Who are you and why should anyone trust you?
    (Especially when you seem to be afraid to come forward.)
  6. What exact information is being sent to your servers?
  7. Does rooting require an internet connection? (If so why?)
  8. What is your business model, how do you make a living?
    (Someone must be paying your website hosting costs etc.)

1- 24MB is relatively small nowadays, simple games on mobile devices are much larger.

2- dunno

3- Varies per device and firmware

4- They are targeting the less technical user, this approach makes sense in that case (not that I like this approach)

5- Who are you and why should anyone trust you? or me for that matter?

6- Detailed information about the device, previously included IMEI, promised to stop, haven't verified

7- Remote fetching of drivers, and exploits.

8- Good question



Quote:
Originally Posted by E:V:A
Until there is some more transparency in this, I will not recommend anyone to use your rooting method, even if I think it looks very good.

I recommend against rooting of devices period, especially for those concerned about security. If one feels they must have root, using an exploit from a well known and trusted source is best. No one should be using these exploit packs.

I'm taking a break of an undetermined length. Please don't contact me about exploits

Something important? jcase@cunninglogic.com
Like Android security topics? Join our G+ community -> https://plus.google.com/communities/...07618051049043
My Bitcoin address : 1Newifz6yETTmbziCsZZstmHHPH6ejNr75
 
E:V:A
#3
Quote:
Originally Posted by jcase
A) This forum isn't an appropriate place to call someone out. To call for an audit or ask a question, sure, but not to call them out to come clean.

Actually, why not? I guess it's just a matter of semantics and when the same people are making obvious false claims and avoid all the relevant questions, I really do think it's time to use different words, but with the same meaning.

Quote:
I recommend against rooting of devices period, especially for those concerned about security. If one feels they must have root, using an exploit from a well known and trusted source is best. No one should be using these exploit packs.

I guess that is the whole point. Many people are rooted for that exact reason, they no longer trust their service providers, their manufacturers, all for very good reasons. A cooked ROM by a recognized developer just seems way more safe than anything provided by Samsung, HTC, Verizon etc etc.

 
jcase
#4
Quote:
Originally Posted by E:V:A
Actually, why not? I guess it's just a matter of semantics and when the same people are making obvious false claims and avoid all the relevant questions, I really do think it's time to use different words, but with the same meaning.

Because it isn't the intended purpose of this forum, organizing an audit would serve the purpose far better.

Quote:
Originally Posted by E:V:A
I guess that is the whole point. Many people are rooted for that exact reason, they no longer trust their service providers, their manufacturers, all for very good reasons. A cooked ROM by a recognized developer just seems way more safe than anything provided by Samsung, HTC, Verizon etc etc.

Historically, "cooked" ROMs are far less secure than the firmware from the ODMs. Even ones that seem to focus on security have a history of using "public" private keys, or superuser control APKs with known vulnerabilities. They also do not get the security bulletins that AMSS members or OHA partners get, which leaves them months behind on critical patches.
 
E:V:A
#5
@jcase: I think we're pretty much on the same page, but our vague and subjective definition of "secure" is probably what's bothering us. When I talk about security, I'm more concerned with being spied upon by external entities. This would indeed happen with the help and leakage of information due to nontransparent proprietary Apps and binaries. As for your sense of security, it's more about being hacked. Yes, then perhaps unrooted STOCK ROMs are more secure. But since the end user never has access to these security bulletins, which "security researchers" do have, they/we will never know about any vulnerabilities until it's too late. Determined hackers will always have an advantage as long as stock SW remains secret and unified across devices.

As for this thread. Ok, I agree, let's call for an "audit" instead...

 
shadowcore
(Last edited by shadowcore; 3rd May 2014 at 10:33 PM.)
#6  
Senior Member
Thanks Meter 42
Posts: 391
Join Date: Apr 2013
Seriously, 3 no name anti-virus programs detect a virus and you think that's valid? Anti virus programs are so inefficient at finding anything, they should not even be used in most cases to argue with anything.

As for rooting, nobody should use a rooting method posted by somebody, at least no tools offered by somebody online. There are official methods for that.
People who are new to Android at best should not root their phones.
Also, what has been said about cooked ROMs is true. Sadly, it's either live with an outdated ROM or use a risky custom ROM.
That is why you don't use an old smartphone to do business.
 
jcase
#7
Quote:
Originally Posted by shadowcore
Seriously, 3 no name anti-virus programs detect a virus and you think that's valid? Anti virus programs are so inefficient at finding anything, they should not even be used in most cases to argue with anything.

As for rooting, nobody should use a rooting method posted by somebody, at least no tools offered by somebody online. There are official methods for that.
People who are new to Android at best should not root their phones.
Also, what has been said about cooked ROMs is true. Sadly, it's either live with an outdated ROM or use a risky custom ROM.
That is why you don't use an old smartphone to do business.

Too bad it is absolutely valid, for a number of reasons.