Earlier this week, there was an Amazon offer I couldn't deny: a refurbished gen5 Fire7 for less than 30€ (special offer that made me a Prime user for a month, and a 20% discount on top of that).
Knowing that there might be a nonzero risk of getting a 5.3.2.1 or higher, I decided that I could still hand it over to someone else as an inexpensive toy.
The black device (serial G0W0 H404 ...) came with 5.3.1.0 on it. Lucky me!
I went for the "long list" sketched in #1703 (Aug 31, thanks Davey), including deregistering the device, wiping cache and data in recovery.
To have better control over WiFi access (I got a much faster Internet connection since I did this last time, and was very worried about the update arriving faster than I could breathe in twice), I set up a pocket router that could be connected to, and easily disconnected from, LAN.
Still it took four attempts for KingRoot to succeed. There were reboots at the first two ones, a "root permission exception" message popping up during the third, and success after only 4 minutes during the fourth attempt - the first three attempts went up to 52%, 66%, and 68% before declaring failure.
This all was done with KingRoot 4.9.2 (the one in RJ's toolkit - I have learned that higher versions may become harder to uninstall) and Wifi disabled after the percentage counter reached 10% (a few seconds). I didn't need WiFi at all for the last two attempts.
While the KR wheel was spinning (for more than half an hour in total) I pondered why nobody seems to have found out yet whether it would be possible to fake the "cloud wisdom" KR is using, to provide a more stable set of possible vulnerabilities, and - perhaps more important - to be able to decouple the device from the 'net (with a local server just providing the "wisdom")...