Hello,
First, I am NOT trying to keep people from downloading anything, just read what I have seen occur on a couple of sites.
Is there any way to restrict the outside download links on posts until someone logs in? The reason I ask is that I have seen on more than one other non-phone forum links to this forum to get the latest ROM downloads. For example, I was on a car forum and someone was talking about their BT and other "neat" options they had added via WM6 (also other hacks) and had gotten it here. They stated it was very simple/easy and put in a link. When I followed the link it gave me a post to here and a link to a RapidShare site. No logon required, no reading, no warnings, etc.. I went back and followed the original automotive thread and sure enough, someone tried to flash their phone and now it wasn't working. The automotive thread never once mentioned types of phones or anything else until AFTER the link to here had been posted. And then, of course, the suggestion to the person that had bricked their phone was to come back here to find a way to fix it.
If you do a Google search you will see that there are a number of hits returned of non-phone/PDA sites that talk about WM6 and other issues that have links back to here, and other phone/PDA sites.
So I was wondering if there was some way to make it necessary to at least log in before you can click on a link to an outside download site? Or, failing that, if there is a redirect from an outside site that doesn't come through the portal, could thre be a warning screen then a re-direct to the page in question? This might save a lot of heartache for people both here (repeated noob questions) and people that have no clue what they are messing with before they brick their phones.
Thanks,
If you do not know what you are doing and decide to "upgrade to the new shiny <whatever>" , then no matter what stupid warnings, restrictions and disuations are given, then you will go ahead and brick your phone.
Its true that a few minutes of thought could save you a trip down to the local store to buy a new phone, but that is too much to ask from all these hot headed "I want it 5 minutes ago" people.
They also tend to blame Microsoft, the ROM chef, other forums, some higher deity and everoyne else before coming to realise that no matter who/what they blame, they still end up with the bricked phone because they themselves went ahead and did it.
NOBODY FORCES ANYONE to "upgrade" , but for some reason many people just go ahead and do it without any thought nor knowledge about what they are about to do.
Again, restricting usage of <anything> because some people feel users are unable to stop and think is not the answer.
But then again, what do I know....
I am not suggesting that they be restricted from downloading. All I am asking is if there is a way to make them log in/join the forum instead of just linking from an outside site, grabbing a link from here to another outside site and then bricking their phone.
I agree that many, if not most, will not be stopped and will continue on, but maybe a extra step will cause a few to pause and think (or be too much of a hassle), thus cutting down on the number of complaints/repetitious posts for help un-bricking their phone.
erm, if i get what your saying... i think it is... i know what brought me to this site was a file i was looking for was here, but it needed me to register to download!
freakuency said:
erm, if i get what your saying... i think it is... i know what brought me to this site was a file i was looking for was here, but it needed me to register to download!
Click to expand...
Click to collapse
I believe (I am guessing here) those files/links are the ones that are hosted on the XDA server. But a lot of the links to the ROMS that can no longer be hosted on XDA thanks to M$ are direct and do not require a logon. Try coming to the site and not logging in and clicking on some of the ROM links and you will see what I mean.
This is of course just an opinion of a user but:
It would be wrong to restrict links to sites like rapidshare. That would take away the whole point, plus it is not too difficult to copy paste the link.
You can not protect people from their own stupidity and this site should not be held responsible for it.
If you try to mess with your phone based on what you read in an automotive forum or fix your computer based on advice from a cooking forum anything that happens is your fault and no one else's!
(At least they do not try to fix their car based on advice from XDA-dev)
People like that will not be stopped by warnings or blocks and there is no point in trying.
Some people should not be let near electronic devices, but we still live in a free world (most of us anyway) and that includes the freedom to brick a brand new 1000$ phone.
levenum said:
This is of course just an opinion of a user but:
It would be wrong to restrict links to sites like rapidshare. That would take away the whole point, plus it is not too difficult to copy paste the link.
I am not suggesting restricting the link, just linking from outside sites without logging in.
You can not protect people from their own stupidity and this site should not be held responsible for it.
Never even suggested that and don't understand where that came from.
If you try to mess with your phone based on what you read in an automotive forum or fix your computer based on advice from a cooking forum anything that happens is your fault and no one else's!
(At least they do not try to fix their car based on advice from XDA-dev)
People like that will not be stopped by warnings or blocks and there is no point in trying.
Some people should not be let near electronic devices, but we still live in a free world (most of us anyway) and that includes the freedom to brick a brand new 1000$ phone.
Click to expand...
Click to collapse
I have been on this forum since January of this year and watched the Hermes section have issues with requests for information redundancy overload, frayed tempers, and other miscellaenous PBKAC's. Anything simple that doesn't restrict any user from access, but maybe would keep somebody from just clicking and getting what they want might help. I am just a user as well, (with few posts) I only asked since I thought it might be a way to help lessen some of the load. Only that, not that I actually think it would make a major difference, but any little bit can help at times.
Again, I never said to restrict the links, just make someone logon/join XDA first, versus just cruising in from another site or a Google hit. If you don't try, you never know. Maybe XDA will even get some more donations that way or gain a new chef.
But this is the whole point: You see a link but can't click it.
Never mind that joining is free and easy - there is still a barrier even if symbolic.
Look, my last post may have sounded harsh, but I did not mean to attack you.
What I meant by "protecting people from stupidity" is this:
Today even children know that simply downloading stuff from the net puts your computer at risk (forget rapidshare, we have viruses here on our own FTP all the time - scum uploading scumware - and no, it is not a matter of having a virus scanner! A home cooked exe that deletes all files on your c drive is easy to make and also will pass just about any virus scan).
But if someone is about to mess with his brand new expansive toy based on two lines in an unrelated forum and using a download from a questionable source without bothering to look up detailed instructions or check on risks of the procedure - well no point in warning such people.
The thing is - I think forcing such individuals to join will only increase the number of repeated/already answered/"I bricked my phone" messages as they will now think that we (the forum) are responsible for them and they have an account to make the post.
Try to make something idiot proof and nature will make a better idiot...
levenum said:
The thing is - I think forcing such individuals to join will only increase the number of repeated/already answered/"I bricked my phone" messages as they will now think that we (the forum) are responsible for them and they have an account to make the post.
Click to expand...
Click to collapse
You very well may be right. I have directed, in the field, so many different rollouts of new communications gear and seen every last one of them hosed in such incredibly varied manners that almost nothing surprises me now. I have just learned that the more little checks and balances that are added in without actually affecting performance can help the end product.
And I second "The Brit's" statement.
I've been enjoying the custom ROM features for a short while, but when I came across the HTC's desicion to put shipped-roms down, I had to make a statement.
I've contacted HTC about the matter, and the answer I got did not please me, at all. They just ignored the fact that the success(and their money) comes greatly because of the open Android platform, and the eager programmer communities contributing to it. Which is the reason and soul, to promise, for the platform, to get success and long life, in the future.
Their claim stands on the corporate ignorance on that fact I mentioned. As the original binaries are not to be used in any other way, than to give a rescue route, if some customization route takes the wrong turn, and ends in bricking the device. In those occations we could take the step back and restore the original image, into a device, and keep hunting the bug's in custom cooked roms.
So I hope that more people will get in touch directly to HTC, and make them understand that keeping the binaries out in the open, does not steal any money or intellectual property from them, in any way, but is solely to keep supporting the device sales, and the life of the platform as a whole.
Yours truly
sawe
P.S. Sorry for the bad language, I'm not a native english speaker.
I personally think that response is reasonable. They can't guarantee that anything won't go wrong with ROMs other than their own and therefore won't support it.
They don't however try to actively stop it which is why there is such a great community of developers.
Sent from my HTC Desire using XDA App
They don't actively stop modding. They just want to keep their own ROMs safe.
I think they are not reasonable on the matter. Reasonable would be if they give us the possibility to download released ROMs from their web servers.
By taking that possibility away, they deny us to revert back to official version, and by that put a much bigger risk in testing the new mods.
No intellectual property is at risk because official packages are .exe binary files, so no way to missuse them, only ability to flash the device back to factory defaults.
Aren't they taking issue with the fact that the HTC Roms include their copyrighted Intellectual property? THe sense UI and the other apps the HTC develop to go with their devices for example? I don't agree with the HTC tactic here, but just wondering if thats their whole issue?
badgerarc said:
Aren't they taking issue with the fact that the HTC Roms include their copyrighted Intellectual property? THe sense UI and the other apps the HTC develop to go with their devices for example? I don't agree with the HTC tactic here, but just wondering if thats their whole issue?
Click to expand...
Click to collapse
Those binary coded .exe files are only usable to flash the device they are ment. You cannot use the file in any other way.
this thread is aload of crap, htc have the right to take whatever steps they feel are justified to protect there work, if you dont like it dont buy htc simple, but we all know people will buy htc because whatever you think of them they are that best smartphone manufacturer
HTC have more rights than they actually use, agreed this thread is pointless.
Xda could drown under 2 meters of dung and htc wouldn't even notice, or maybe they would just be happy to do away with all the idiots bogging down customer support with questions about froyo and then moaning it's not ready a split second after the android team released it.
not sent from an iToilet
saweboy said:
Those binary coded .exe files are only usable to flash the device they are ment. You cannot use the file in any other way.
Click to expand...
Click to collapse
Sorry, but that just isn't true!
When you run an HTC Android RUU it extracts a file called ROM.ZIP into a temp directory before it starts to flash the phone and you can pull this out and do pretty much whatever you like with it.
Regards,
Dave
foxmeister said:
Sorry, but that just isn't true!
When you run an HTC Android RUU it extracts a file called ROM.ZIP into a temp directory before it starts to flash the phone and you can pull this out and do pretty much whatever you like with it.
Regards,
Dave
Click to expand...
Click to collapse
thats true ive done that using ms process manager when i wanted the stock htc bootanimation.zip
I wonder how much information HTC have syphoned off these and other similar forums without acknowledging it? Essentially we are provided a beta testing service for them at no risk to themselves. They could just look through all the problems folks are reporting with various ROMs and RADIO files and use that info to make them stable.
SimonCraddock said:
I wonder how much information HTC have syphoned off these and other similar forums without acknowledging it? Essentially we are provided a beta testing service for them at no risk to themselves. They could just look through all the problems folks are reporting with various ROMs and RADIO files and use that info to make them stable.
Click to expand...
Click to collapse
I sincerely hope they don't, since 90% of the supposed beta testing here is unscientific at best and plain wrong at worst
not sent from an iToilet
I think HTC would have much more sophisticated testing methods than relying on comments like....
ZOMG!!! THE CAMERA APP FORCE CLOSES, THIS ROM SUX!!!
HTC have every right to protect their intellectual property. In fact they're being very nice with the modding community. If they full exercised their rights then there roms including HTC Sense would be illegal.
Hello all,
I'm posting about unfair practices I observe from OliNex with their HardSPL packages. I'm most-acquainted with the Topaz variety, but I know they have licensing built into their installers for some of the other devices, which licensing suffers from the same problems the Topaz HardSPL does, so I post it in a general forum.
Now, don't get me wrong, I'm grateful to OliNex and to all the other hackers, cooks, etc., for the work they do. I'm enjoying a cooked ROM on my Topaz right now, I've donated to OliNex (of my own will, not because I was compelled to get an unlock), and will probably donate to a ROM cook(s) sometime. Thank you to everyone who has contributed, and continues to contribute, to this community and the phones it supports.
But, I feel OliNex is abusing this community, and this is why I post.
[Edit 10 Oct 2010: Having had a few weeks to cool down, I'll admit it wasn't fair to assume I know OliNex's motives and situation. I won't edit my comments because it seems silly to "censor" myself, and because the facts I presented haven't changed. However, I hope whatever may come later in the thread can continue to be constructive discussion about running or flashing unsigned code, instead of just bashing others for the solutions they've given.]
There are dozens of posts in the Topaz HardSPL thread (and at least a few for other devices) from people complaining about how long their "support" requests are taking -- at least a month. I wouldn't expect grade-A technical support from a volunteer-based community of people who have normal jobs (many of which jobs are probably sometimes discouragingly similar to what they do for free on XDA), but what is more infuriating is that this huge burden on OliNex for "support" is totally unnecessary. Most of these XDA members are only asking for "support" because they've been denied access to HardSPL, being told that “Hard-SPL is for non-commercial purposes only, [OliNex] have detected that you appear to already have unlocked another device." Yeah, I guess they could all be lying and they're greedy leeches unlocking bunches of phones and re-selling them with alternate ROMs that increase their value... but since I got this message unlocking my first and only phone, I'm inclined to believe they’re just everyday XDA members unlocking their first, maybe second or third phone, in the course of normal upgrades and/or phones for their sister/father/significant other. The opening post of the Topaz HardSPL thread informs and assures us, "each user gets 1 license, or perhaps 2-3 on request if needed (which is valid forever and all this works as transparently as possible, so won't be a problem at all)" but, skim several random pages of the thread, and all evidence points to the contrary -- this is anything BUT transparent and non-problematic.
Another annoying thing about this so-called "error message" about commercial use, is that support for it clouds up the threads (at least the Topaz one) here at XDA, diminishing the resources to help people who are having legitimate technical issues like sync problems, unsupported Windows OS, antivirus/firewall conflicts (heck, I don't think HardSPL should even be packed, which causes all the antivirus false-positives, but that's a bit of another issue.)
I think OliNex's HardSPLs are essentially payware. I think they have intentionally made a lot of false-positives of "commercial usage" so that people are compelled to either "donate" or file "support" tickets. (If I'm wrong, I'm sorry, and please post your response to the things I'm writing.) I think OliNex have convenient excuses for why the support tickets take so long, but really it's just to get them money from forced donations. I presume there is no real validation of these "support" tickets, other than the assumption that anyone willing to go through this stupid system and wait at least a month must not be a business user.
And if OliNex's HardSPLs are payware, are they paying part of their usage fees to pof and Esteve Espuña Sargatal for JumpSPL (it's only fair if the authors of HaRET get in too, since JumpSPL is based on that), as well as every other XDA member whose collective, for-free (and sometimes GPL'd) work has made their HardSPL possible? I imagine they freely received the MFG SPL image from someone in the community; he should get a cut, too.
Payware doesn't belong on XDA, as per Forum Rule #11. OliNex have real jobs to make money, and XDA doesn't exist to be a free advertising platform for their additional commercial endeavors. I don't know if there's a resolution to this that's fair to everyone; part of why I'm posting is to see what we can come up with together. As I'm pretty ticked about this, right now the only options coming to my mind are:
OliNex release license-free versions of their HardSPLs,
OliNex submit to the XDA community hacking their HardSPLs to be license-free, or at least licensed by XDA itself,
Improve your licensing scheme to not detect as much "commercial usage" (but you'll always have to err to being too restrictive or too permissive; there is no perfect DRM),
or; OliNex retract HardSPL from XDA altogether (perhaps making their already-existing SIM-unlock purchase the only way to get their HardSPLs)
The last option is less than ideal as it may decrease the availability of HardSPL (there is the occasional person who posts that they actually got a free unlock), but it would almost be preferable to me, because I'm sick of this supposedly-free solution that, for a large portion of the community, actually costs time and/or money, and for no apparent reason other than to make OliNex some money. If we have to pay, you can't advertise it here. If you insist on charging and can ethically reconcile that with the facts presented earlier about how you can't even claim the entirety as your own work, then you ought to also give us something we're accustomed to paying for, such as a SIM unlock. Plenty of the other providers of HardSPLs aren't charging for their solution, so why do OliNex get to? In fact, do ANY of them have licensing but OliNex?
Thanks for reading,
Joey Hewitt
oh man you are going to get bent over for this one...
in all fairness, you do have some valid points, however:
too bad. olinex is one of the reasons we are able to do what we do with our devices. his work was provided free of charge for a LONG time. if anyone else wants/can replicate what he's done, go for it, but i have never seen anyone able to...
he asks for a _small_ donation. yes, it essentially payware, but he cuts a break and provides it for free to longtime members and those who contribute to this forum. the fee is there for a little compensation for all his work from those that would leech everything they can and rarely if ever donate to chefs as well.
i doubt anyone here is getting rich from their work given the amount of time it takes to produce the things we love...
so... take a chill pill and understand that we get almost everything for free. a few bucks to an instrumental hacker is the least we can do. and always throw a bit to the chefs. anyone that's cooked a ROM and supported it, knows how much time it takes and how trollers don't appreciate your hard work.
p.s. yes you will get bi*** slapped for this post, but i do appreciate your detail and general cordial nature. that's more than almost all that rant about a topic. however, posting 16 times and having joined in April doesn't make you much of a contributing member. please think about what you can do to help, this is a community. even something as simple as providing mirrors and sending a PM to the chef can be useful. everyone here has something worthwhile that can do to help out.
ndn715 said:
oh man you are going to get bent over for this one...
Click to expand...
Click to collapse
Thanks for your cordial reply, and yeah, I'm sure it will be one of the nicer ones I get.
ndn715 said:
in all fairness, you do have some valid points, however:
too bad. olinex is one of the reasons we are able to do what we do with our devices. his work was provided free of charge for a LONG time. if anyone else wants/can replicate what he's done, go for it, but i have never seen anyone able to...
he asks for a _small_ donation. yes, it essentially payware, but he cuts a break and provides it for free to longtime members and those who contribute to this forum. the fee is there for a little compensation for all his work from those that would leech everything they can and rarely if ever donate to chefs as well.
Click to expand...
Click to collapse
People seem to be able to replicate it on other hardware. (Now that OliNex have figured out how to do it and have to a small degree documented how, I doubt it would be that hard for someone else to do it, but once someone else's got a solid solution, why bother with the risk of bricking your device, or worse, someone else's, to develop another solution. I would attempt to replicate their work on the Topaz, and could even stand to sacrifice a few of my own devices to that cause, but mostly the fear of bricking someone else's phone stops me.) Maybe those others are only willing to do it for free because they're newer than Olipro and Cmonex. Maybe a human can only provide a certain amount of underappreciated free work before they start charging. Of course your ability to extract money out of "freeloaders" is proportional to the difficulty, uniqueness, etc., of your work.
So, if now Olipro and Cmonex are providing it free only to contributing members (I don't remember seeing that announced, but I know they have such a policy for SIM unlocks), it is payware, which is against the rules. Honestly, I would hate to see the mods immediately remove it (obviously unlikely.) I would rather find a compromise.
ndn715 said:
i doubt anyone here is getting rich from their work given the amount of time it takes to produce the things we love...
so... take a chill pill and understand that we get almost everything for free. a few bucks to an instrumental hacker is the least we can do. and always throw a bit to the chefs. anyone that's cooked a ROM and supported it, knows how much time it takes and how trollers don't appreciate your hard work.
Click to expand...
Click to collapse
I know pof once posted about his income, and said he'd spent more than that income on hardware. I agree that nobody's getting rich, and most are under-appreciated.
I'm not so much opposed to paying 4GBP (it was like 6.5 USD) for an unlock, as I am to the unlock being posted on a free community site, specifically telling me it will be free for my first phone, and then being forced into so-called "donating", just to get something that was supposed to be free. If I could do it again, I guess I'd get my SIM unlocked by them, since I had to pay someone else almost the same amount for that. Then I would get HardSPL as a free bonus (at least that's how I understand it works.)
ndn715 said:
p.s. yes you will get bi*** slapped for this post, but i do appreciate your detail and general cordial nature. that's more than almost all that rant about a topic. however, posting 16 times and having joined in April doesn't make you much of a contributing member. please think about what you can do to help, this is a community. even something as simple as providing mirrors and sending a PM to the chef can be useful. everyone here has something worthwhile that can do to help out.
Click to expand...
Click to collapse
Yeah, I know I'm new. For what it's worth, I have been contributing where I can since I've joined, and actually the straw that broke the camel's back was having to tell someone on the Topaz HardSPL thread for the umpteenth time that the "error" they were getting was probably only solvable by waiting a long time or paying money (in some cases a combination.) I think non-native-English users probably just see that an error message has popped up, and don't read or don't understand the text about a support ticket or donation. Some of our fellow community members don't even have an easy way to pay in their country, even if they are perfectly fine with a small donation.
P.S. If a mod decides this is a personal attack on Olipro/Cmonex or will stir up too much unfriendly feelings or whatever, delete it, and I'll drop it.
joeyhewitt, there's a valid counterpoint for almost every point you have appealed to, so you'll probably see a lot of bashing and hardly any sympathy here, especially when it concerns someone as influential as OliNex.
IMO, this community has commercialized big time in the past few years. It's driven more and more by profit and less and less by pure enthusiasm. It's a shame many great contributors jumped onto that bandwagon, but they have their rationale and it's hard to blame them for taking that path...
If you really want to make a difference, make an SPL patch yourself and distribute it for free without any limitations. You are a lot more likely to succeed in that than in changing the way OliNex distribute and support their work.
IMO, this community has commercialized big time in the past few years. It's driven more and more by profit and less and less by pure enthusiasm.
Click to expand...
Click to collapse
Oh hell, that's what i have thought. Also:
"If you wan't me to update ROM/APP/POO please donate."
-that simply drives me mad. It should be "I am doing this by free will, if you like my work, please donate, but I'm going to continue nevertheless"
stepw said:
joeyhewitt, there's a valid counterpoint for almost every point you have appealed to, so you'll probably see a lot of bashing and hardly any sympathy here, especially when it concerns someone as influential as OliNex.
IMO, this community has commercialized big time in the past few years. It's driven more and more by profit and less and less by pure enthusiasm. It's a shame many great contributors jumped onto that bandwagon, but they have their rationale and it's hard to blame them for taking that path...
Click to expand...
Click to collapse
Yeah, you're probably right about the arguments against me, and I don't mind; my intent wasn't to start an argument. I think we're on the same page now as far as how and why the community is becoming more commercial. It may be a sad reality, but it's reality, and there's only so much we can do to change that.
stepw said:
If you really want to make a difference, make an SPL patch yourself and distribute it for free without any limitations. You are a lot more likely to succeed in that than in changing the way OliNex distribute and support their work.
Click to expand...
Click to collapse
ndn715 said:
if anyone else wants/can replicate what he's done, go for it, but i have never seen anyone able to...
Click to expand...
Click to collapse
Maybe I will. I have some questions, mostly addressed to whomever enforces the rules.
XDA-Developers Forum Rules said:
Using the work of others. If you are developing something that is based on the work of another Member, you MUST first seek their permission, and you must give credit to the member whose work you used. If a dispute occurs about who developed / created a piece of work, first try to settle the matter by private message and NOT in open forum. If this fails then you may contact a moderator with clear evidence that the work was created by you.
Convincing evidence will result in copied work being removed. If there is no clear evidence you created the work then in the spirit of sharing all work will remain posted on the forums.
These rules apply to all software posted on XDA unless that software comes with a license that waives these rules.
Click to expand...
Click to collapse
Mere dependency can't really be the issue, or else all the authors of RUU flashers and ROM images would be in trouble for directing their users to download someone else's work. Packaging those works together could be a problem, though, if one or the other wasn't OK with it.
So, if someone were able to generate licenses for OliNex HardSPL, independent of modifying the HardSPL files themselves or using the HardSPL servers, would they be allowed to post that on XDA? I.e., the solution is two packages: a "licensing" program; and the original HardSPL files, downloaded from the official thread. It could be worked out so that, to be pedantic, HardSPL would be using that work, not that work using HardSPL. (I know that creating a certain file with the correct contents and placing it on a device would allow the "stock" HardSPL to proceed as if it had been licensed, so it would be HardSPL using the new work, not the new work using or being based on HardSPL.) And since HardSPL is (ostensibly) not a commercial product, it wouldn't be warez, right?
Yeah, it's a little underhanded, but really, isn't the whole community pretty much based on reverse-engineering someone else's work and making your own replacements or improvements? Sure, we have rules to try to be nice to other members of the community by disallowing easy 5-minute ripoffs of someone else's stuff where you hexedit your name over theirs, and I'm fine with that, so I'm asking, just where is the line of separation between my work and someone else's? How are the phrases "based on" and "using", from the rule above, defined, in this context?
If the above approach wouldn't be allowed, what about a solution that, with no data taken from the original HardSPL, re-invented a way for HardSPL (or perhaps any unsigned SPL) to be flashed, and had users get the original HardSPL image from the official sources?
Or what about instructing the user how to use the original HardSPL files and hexedit and/or run them in a debugger so that the licensing is skipped? It might even be possible to boil it down into a patch against the original files, which the user himself applies. Obviously not user-friendly, but if it's the only way...
I hate to beat that dead horse again, but do you know what lies in the foundation of Olipro's first HardSPL? Direct and immediate violation of the rule #12 you quoted. Maybe there wasn't such a rule at the time, but it was utterly unethical to refuse proper credit for SPL patching to its original author Des, especially when he demanded an acknowledgement.
Cracking HSPL licensing is as unethical and it's not going to be very productive as there's probably a fairly strong cryptographic foundation. Cracking HSPL binaries to accept forged license sounds more feasible, but then it means violation of the rules you are so adamant about. Either way, you'd learn more about cracking than about making SPL patch, is it really what you are after? Like in politics, the rules sometimes do not apply to the "untouchables", but you are sure to be banned if you go that path, as cracks/warez are not welcome here.
There's nothing wrong with applying the same concepts to another solution though. It's not patented or copyrighted in any way and there's plenty of discussion around it, so it should be possible to figure out what it takes to make it happen. Even if the result is essentially the same as HardSPL, you still deserve respect if you manage to produce it yourself without hijacking others' work.
retsam88 said:
Oh hell, that's what i have thought. Also:
"If you wan't me to update ROM/APP/POO please donate."
-that simply drives me mad. It should be "I am doing this by free will, if you like my work, please donate, but I'm going to continue nevertheless"
Click to expand...
Click to collapse
Can't agree more. IMO, if one wants to make it a profitable business, then he should treat the users as customers (provide updates and support) and legalize (register a business and pay taxes to his governement).
But then demand drives supply, not vice versa. If people weren't willing to donate, even if the donations are kinda forced, they wouldn't have donated. That's why I'm not blaming the developers for this commercialization, consumers and not contributers are responsible for it.
stepw said:
I hate to beat that dead horse again, but do you know what lies in the foundation of Olipro's first HardSPL? Direct and immediate violation of the rule #12 you quoted. Maybe there wasn't such a rule at the time, but it was utterly unethical to refuse proper credit for SPL patching to its original author Des, especially when he demanded an acknowledgement.
Click to expand...
Click to collapse
Heh, yeah, I think I read that little interchange. I think there may be some GPL violations going on, too, but maybe that's just par for the course.
stepw said:
Cracking HSPL licensing is as unethical and it's not going to be very productive as there's probably a fairly strong cryptographic foundation. Cracking HSPL binaries to accept forged license sounds more feasible, but then it means violation of the rules you are so adamant about. Either way, you'd learn more about cracking than about making SPL patch, is it really what you are after? Like in politics, the rules sometimes do not apply to the "untouchables", but you are sure to be banned if you go that path, as cracks/warez are not welcome here.
Click to expand...
Click to collapse
Well, in a way, I wouldn't care, since all I'm "after" is allowing people to flash whatever they want for free. But, despite my best attempts to rationalize , releasing a crack of an influential developer's work would still be warez (if we're going to admit licensed products on XDA as a reality), and would probably go over even worse than cracking a commercial product. And, yeah, learning anything would be fun and useful, but I would rather learn how to patch an SPL.
stepw said:
There's nothing wrong with applying the same concepts to another solution though. It's not patented or copyrighted in any way and there's plenty of discussion around it, so it should be possible to figure out what it takes to make it happen. Even if the result is essentially the same as HardSPL, you still deserve respect if you manage to produce it yourself without hijacking others' work.
Click to expand...
Click to collapse
I think if I made my own installation method for the standard HardSPL image, that would be fair enough, right? I think a few people have even said that's harder (on modern hardware, at least) than creating a HardSPL in the first place. Anyone know why OliNex's soft SPL is based on an MFG SPL (on Topaz, at least)? Is it because all MFGs can flash unsigned images?, or they're easier to hack to flash unsigned stuff? But then, it doesn't make sense that the hard SPL seems to be based on a stock image. Maybe the MFG was easier to relocate into RAM. Anyone know where MFG SPLs can be found, or do you have to be a special member of the community to get those? (Soon enough, you'll have to pay someone for it?) Other options could be flashing from within WinMo, or even a HaRET'd Android/Linux, but that seems a little risky unless there's already really good, safe flash support there. XdaUtils/itsutils has a pnewbootloader.exe, but apparently it's only for the Wallaby and/or specific versions of WinMo. Anybody know about writing flash from the OS? I assume if it were better or easier, we might be bypassing the SPL altogether to flash unsigned ROMs, but maybe there's something to look into.
Part of the problem with things being commercialized is that there's very little documentation (or, it's outdated -- just found a few old posts on SPL patching from stepw ) on this magic stuff people are selling, which is a shame when the whole reason the forum is here is to share ideas, knowledge, techniques, and open tools for hacking our devices.
MFG SPL has many more commands than shipping/production SPL, so it's a natural choice for any kind of vendor protection circumvention.
SPL patch to allow unsigned image flashing is fairly simple, the real challenge is soft-loading SPL or making another bootloader/flasher work reliably.
Soft-loading a flasher is not all that risky, for as long as it doesn't alter critical flash content (SPL, NVRAM). If OS doesn't boot, but SPL does, there's a way to restore an official ROM (provided one is available with correct CID) and start all over.
Adapting SPL by patching is a lot less time consuming than making a flasher from ground up, although the latter is possible too. A Linux based soft-flasher capable of flashing images in native RUU format via USB or from SD could be a real breakthrough... I wasn't following the progress with Android on natively WinMo devices, but if MTD is functional, then NAND interface is there.
Cotulla's MAGLDR sounds like a great new development, it includes a recovery kernel with MTD, USB, SD and basic IO support. If it can be built for Topaz, sofltoad it and flash anything you want (subject to MTD driver patching for OOB compatible with the intended OS).
stepw said:
Soft-loading a flasher is not all that risky, for as long as it doesn't alter critical flash content (SPL, NVRAM). If OS doesn't boot, but SPL does, there's a way to restore an official ROM (provided one is available with correct CID) and start all over.
Click to expand...
Click to collapse
So if I were to develop a soft-loaded patched SPL, I'd want to first try flashing some unsigned non-crucial thing like a splash screen or maybe cooked ROM, and see if that broke anything. Even if it did, as long as the SPL in flash was still bootable and I had a signed stock image, I could always fix things.
As I understand it, most modern devices have got the SPL region protected so that you'll have to relocate the image to be able to execute it in RAM. I've only seen references to this, and about how it's sometimes impossible to remap the MMU to avoid relocation (if the pagesize is not granular enough you may split up a buffer or something), and possibly that you must not relocate certain structures the MMU uses. (source) Feel free to let me do my own research, but anyone have a good tutorial on relocation? (Maybe I'll write one if I figure it out.) Or at least any other tips, about what constraints you have to account for and maybe pitfalls you could encounter, would be nice. I need to learn more about the ARM instruction set, how memory is laid out, and how the MMU works, in any case.
By the way, this looks to be a pretty good thread for an overview of how to hard SPL (possibly the most informational single thread I've found so far.) I've actually been researching this for a month or so (before I started this thread), and had read only the first post (which has a good collection of links) before, but now I see the whole thing is a good summary of the issues involved. The first several pages after that drop some tool names and convey an overview of the process.
stepw said:
Adapting SPL by patching is a lot less time consuming than making a flasher from ground up, although the latter is possible too. A Linux based soft-flasher capable of flashing images in native RUU format via USB or from SD could be a real breakthrough... I wasn't following the progress with Android on natively WinMo devices, but if MTD is functional, then NAND interface is there.
Click to expand...
Click to collapse
stepw said:
Cotulla's MAGLDR sounds like a great new development, it includes a recovery kernel with MTD, USB, SD and basic IO support. If it can be built for Topaz, sofltoad it and flash anything you want (subject to MTD driver patching for OOB compatible with the intended OS).
Click to expand...
Click to collapse
...speaking of flashers (or entire bootloaders) built from the ground up. Cool, I'll have to look into this!
Thanks a lot for the pointers! I'm not sure when I'll have time to actually get serious, so maybe this thread will amount to nothing other than a collection of basic information about running unsigned code, but even so, that should be good for XDA.
There are bits and pieces of information around this forum and on various Internet sites, I just googled a decent (although somewhat obsolete) ARM MMU summary in 2 minutes: http://www.renan.org/ARM/doc/MMSAAN.pdf
Good luck!
PS If you need answers for specific questions, try IRC #xda-devs and #htc-linux, there are plenty of knowledgeable people hanging out there...
I don't know if anyone is following this, but if you are, here's an update on my experiments, and some questions if anyone knows/cares to share the answers.
1) (MAGLDR appears to be closed-source and only supports one device, so I didn't look into it very far.) There is some MTD functionality in XDAndroid 2.2 for the Topaz (and probably other XDAndroid varieties.) After what seemed like an eternity of poking around with the terminal and the soft keyboard, I got telnet set up and was able to modprobe the mtd modules and dump portions of the NAND. There weren't any partitions (or, there was only one partition that appeared to be the full NAND bank), so I wonder if that will be a problem. If I remember correctly, I found a "dd" command that dumped a segment of NAND containing the SPL, however it was hard to consistently seek through NAND, so I either don't understand how the offsets and sizes for "dd" work, or something strange was going on. There was no included nandwrite tool, so I haven't tried flashing anything yet. I may not, because I'm unsure of the safety and merits of an Android-based flasher. It would probably be safest to boot into a dedicated barebones environment for this, and most versatile to have it be independent of a PC and ideally even an SD card -- is there enough terminal support in the kernel to have a limited UI? (Perhaps just to choose which file to flash, or confirm the flash.) It would be cool to flash native unsigned RUU files from a general-purpose Linux tool, but would it really be helpful? For new devices coming out, I imagine the SPL is patched before a Linux port is stable enough to flash unsigned ROMs. For current devices, the SPL is already there and a safer choice. Any thoughts?
2) After more thought than it should have took , I figured out a quick-and-dirty way to do relocation. I just replaced every 32-bit value in the SPL binary that fell between the virtual SPL base address and the end (which I'm not sure how far to extend, but am working with 1MB right now), with the rebased value. (Excluding the base address given in the MMU table.) There were about 2,500 occurrences, and I wonder if some of them weren't actually offsets. I'll have to think about a way to automatically detect this, or manually verify that each rebased value in the disassembly is actually an offset. For now, my goal is just to see a soft-loaded tri-colour screen, so I didn't worry too much about whether I rebased things that shouldn't have been. (I guess the tricky part is I may never see that screen if I relocated something wrong.)
After some time trying to debug this, I discovered that JumpSPL seems to be flaky, which would make development a nightmare. The same binary will do different things (like hang in WinMo, hang with screen blacked-out, reboot into stock SPL) on successive runs. Some of this is likely due to an incompletely relocated binary, and intentional hangs or reboots that I was adding to try to diagnose what was going on (writing to the framebuffer didn't seem to work; maybe I have the wrong address), but even with a known-good binary (OliNex's SSPL), JumpSPL won't consistently launch it. I can only guess that's because it was written on the assumption that Windows wouldn't touch the memory it was loading into (historically 0x00000000 -- but does Windows really not use that? if the memory is MPU'd Windows obviously can't write to it, but what about when JumpSPL was originally written?) I can't be entirely certain yet (I only tried 2 or 3 times so far), but it looks like the JumpSPL variant bundled with the HardSPL installers is more stable. I patched in my soft SPL overtop theirs and was getting more consistent results. Any thoughts on JumpSPL'ing a relocated SPL?
I've also tried just patching the MMU table instead of relocating, with no success; possibly due in part to JumpSPL not always working. Cmonex has mentioned this won't work in some cases, though, so I'm not going to invest a lot of time.
Great progress there, joeyhewitt!
Personally I never used JumpSPL and cmonex'es variant always seemed a bit convoluted to me, but perhaps that's what it takes to run it from under WinMo. After a lot of playing with it, I was able to achieve reliable results with the following (albeit only on Blackstone and running from within SPL, not from WinMo, and I never tried this on any other devices as I don't own any):
Code:
.code 32
NOP
# Disable interrupts (FIQ/IRQ)
MRS R0, CPSR
ORR R0, R0, #0xC0
MSR CPSR_c, R0
# Invalidate i-cache and d-cache
MOV R0, #0
MCR p15, 0, R0,c7,c5
MCR p15, 0, PC,c7,c14
MCR p15, 0, R0,c7,c10, 4
# Load jump address
ADR R0, _jump
# Reset MMU
MOV R1, #0x70
MCR p15, 0, R1,c1,c0
NOP
MOV PC, R0
# This is executed from physical address
_jump:
MOV R0, #0
# Invalidate TLBs
MCR p15, 0, R0,c8,c7
# Jump to loader
LDR R0, _loader
MOV PC, R0
# This should be physical address
_loader: .int 0x00000000
Once MMU is reset and execution continues from physical address, Windows should not interfere with JumpSPL in any way, as it runs in virtual space that's invalidated with MMU reset.
I think a relatively easy way to test how far the process goes is to add code to blink a led via GPIOs and then place it in your softspl. If you can blink from HaRET or XDAndroid, then should be doable from softspl too.
G'luck!
OliNex also do offer free HardSPL´s to contributor XDA members, it´s like an exchange, if you have not contributed to the community you can always contribute with a very very tiny small donation fee
Hello,
Been waiting for one free hardspl licence for my topaz. Posted ticket in OliNex website and also sent pm to cmonex 3 weeks back but yet no responses.
And I don't know what to do next but have very interest in cooking roms for it too.
These ppl made the most important thing which starts 'custom ROM upgrade' and so users can have latest stuffs and gave developers and/or ROM chefs an approach to cook custom roms and enjoy.
Although these ppl worked very very hard since many years, an better support is essential yet. Mostly on the payable things. I see there is no support for topaz hardspl, no matter its free or payable or atleast it was better if you could release free hardspl for topaz like other devices.
Thanks...
Best Regards
OK, I haven't worked on this for awhile, and I don't think it's likely I'll finish anything. In addition Cmonex asked that I not release a patched SPL, which is fair since she was nice enough to share some insights with me, too. Perhaps when I'm in the mood for low-level stuff again, I can finish it for my own fun, or I could release some more general-purpose tools. For now I will post what I have that could be useful to others.
I found that the SPL area in RAM can be unprotected with these HaRET commands:
pfw 0xA8250800 1 0
pfw 0xA8240800 1 0
(source)
(Actually I think only the first one is necessary to enable writing to physical address 0. I don't know what size of memory is affected.) These apparently correspond with the AXIGS and AXIGE (subtract 0x800 to get a base address), which I don't really know about, but you can probably learn more about by reading (XD)Android source or htc-linux logs, etc.
I had hoped this would allow me to soft-boot an unmodified SPL, but it seems besides relocation, there are some hardware-initialization patches that need to be made to allow the SPL to work with the hardware as it is after a complete WinMo bootup (cmonex confirmed this.) I couldn't get anything with GPIOs working for debugging my patched SPL; not sure why. (They worked in HaRET, but not in the SPL. And I think was using the SPL's virtual addresses correctly.)
I was disabling protection using the above in HaRET, executing the attached HitBLKey.exe, and using JumpSPL. HitBLKey.exe is HTC's enterbootloader.exe patched to only set whatever magic flag it does to signal that the bootloader be entered, but not to reboot the phone. (Pretty easy to make if you have a disassembler, the little bit trickier part was un-signing the executable so that it will run even though modified.) (Getting my SPL working at all was higher priority than having it enter the tri-colour screen automatically. I think this method also has advantages when your patched SPL is likely to hang or reboot; you'll always go through the stock tri-colour screen so you'll be more certain about what happened.)
I don't have many specifics about using Android, other than to say I was able to read NAND by inserting the MTD module into the XDAndroid kernel, and passing an "mtd_partition" (I think) parameter describing the partition layout as gathered from either itsutils or with an info command in the SPL. I wasn't able to reliably determine the offset of anything specific (like the SPL), and I never tried writing to flash.
Edit: I'm also attaching a dummy .exe header that helped me in disassembling SPLs in the demo version of IDA Pro. Prepend it to the beginning of a .nb file, name with .exe as the extension, and load into IDA as a Windows Mobile application.
Wondering if it's worthwhile before I invest time in creating a Mac OS X VM + Xcode to port my android apps to iOS.
lapucele said:
Wondering if it's worthwhile before I invest time in creating a Mac OS X VM + Xcode to port my android apps to iOS.
Click to expand...
Click to collapse
just realised this may be the wrong subforum to post the above question. Could this thread be moved?
lapucele said:
just realised this may be the wrong subforum to post the above question. Could this thread be moved?
Click to expand...
Click to collapse
Actually I clicked on here thinking myself that this was for "application porting" as I came from the front page, and then it wasn't till I saw you replied to your own thread with the above that I realised? I think there is a bug in the forums, not you posting in the incorrect location?
Anyway to discuss your topic, I have recently downloaded all the necessary stuff to do as you are considering. One thing to be careful of is the fact that Apple from my understanding will give you their wrath if they find out.
Apple software is ONLY to be run on Apple hardware, If they find out (and they have their ways from what I have heard) you instantly banned for life. I guess nothing stopping you starting again, but remember your app is pulled and you kind of couldn't get away with releasing it under a different name account again later on without them knowing?
There's always the cydia market place which I hear is still fairly profitable...up until recently I wasn't even aware that is was a paid market place, I had always been of the impression that it was a hackers market for people who 1) mod their device tweak it like us android users 2) jailbroken (but stock and no alternative to iTunes) 3) People who pirate apps.
However i have learned that it has quite a following an even some developers release on both iTunes and Cydia.
Anyway just my thoughts. I am in contact with a developer that is into the whole cydia thing so if you have any questions you want answers for give me a holla
James
Jarmezrocks said:
Actually I clicked on here thinking myself that this was for "application porting" as I came from the front page, and then it wasn't till I saw you replied to your own thread with the above that I realised? I think there is a bug in the forums, not you posting in the incorrect location?
Anyway to discuss your topic, I have recently downloaded all the necessary stuff to do as you are considering. One thing to be careful of is the fact that Apple from my understanding will give you their wrath if they find out.
Apple software is ONLY to be run on Apple hardware, If they find out (and they have their ways from what I have heard) you instantly banned for life. I guess nothing stopping you starting again, but remember your app is pulled and you kind of couldn't get away with releasing it under a different name account again later on without them knowing?
There's always the cydia market place which I hear is still fairly profitable...up until recently I wasn't even aware that is was a paid market place, I had always been of the impression that it was a hackers market for people who 1) mod their device tweak it like us android users 2) jailbroken (but stock and no alternative to iTunes) 3) People who pirate apps.
However i have learned that it has quite a following an even some developers release on both iTunes and Cydia.
Anyway just my thoughts. I am in contact with a developer that is into the whole cydia thing so if you have any questions you want answers for give me a holla
James
Click to expand...
Click to collapse
wow thanks for the heads up! i've heard varying stories too. i totally didn't think of the 3rd party app stores.
lapucele said:
wow thanks for the heads up! i've heard varying stories too. i totally didn't think of the 3rd party app stores.
Click to expand...
Click to collapse
Just thought I'd mention as I only heard yesterday, but the newest edition of the app store for Apple is called AppCake for Apple. Apparently Apple is now going about systematically shutting down every 3rd party non-apple owned store including the non so legitimate suppliers of of Apple after market hardware products. That means everyone with anything that connects to an apple product that isn't apple or made by apple is a target. Geeese they don't let up do they? Developers mention that Apple will never be able to shut them down :silly: that they can and will do what they like with their iDevices cause they own them.
Oh and other thing to look out for if you go to Apple/iTunes, is this company Lodsys who are world renowned for being patent trolls who are systematically targeting individual developers for breaches in copy right for, get this......'in app purchasing' they claim that they invented it and are now suing several developers from iTunes (them personally) for using the iTunes supplied SDK for in app purchasing. Apple is doing the right thing and trying to defend these developers but the World IP org and US patents office can't do a god damned thing about it until things hurry up and get pushed through a ballot of senators to have groups like them shut down. Until then they are working their best and fastest with trying to sue as many people as they can! Unfortunately for most its a loosing battle as they don't have the money or resources to fight these bastards so they end up paying up. In an new interview I heard one company claimed it was cheeper to settle for 100K out of court than what it was to commit to defending them selves even though this group targeting them was 100% wrong.
But not meaning to scare you...or anything just keeping you filled in. Me personally I would write them a letter saying 4 words on one line followed by 4 words on a second line "Go f*%# your self" "See you in court" and go seek one of my dad's barrister friends to do it no win no fee. Screw that. I would be flaunting that I have in app purchasing sayin come at me bro
https://www.eff.org/deeplinks/2013/04/app-developers-lodsys-back
https://www.eff.org/deeplinks/2013/05/hey-patent-trolls-pick-someone-your-own-size
https://www.eff.org/deeplinks/2013/...t-patent-trolls-and-not-going-take-it-anymore
Jarmezrocks said:
Actually I clicked on here thinking myself that this was for "application porting" as I came from the front page, and then it wasn't till I saw you replied to your own thread with the above that I realised? I think there is a bug in the forums, not you posting in the incorrect location?
Anyway to discuss your topic, I have recently downloaded all the necessary stuff to do as you are considering. One thing to be careful of is the fact that Apple from my understanding will give you their wrath if they find out.
Apple software is ONLY to be run on Apple hardware, If they find out (and they have their ways from what I have heard) you instantly banned for life. I guess nothing stopping you starting again, but remember your app is pulled and you kind of couldn't get away with releasing it under a different name account again later on without them knowing?
Click to expand...
Click to collapse
No you guys are right. This is for porting apps across platforms, but people seem to confuse it with ROM porting.
Q. I know pretty much zero about iOS, and generally have always been anti apple. Are you trying to say that using something like j2 on lets say a virtual box on windows, is somehow a detectable and bannable offense in apple land? It's late and i might be just be misreading, but would like to know.
Mostly because i picked up a job on an Android app, and have been talking a bit about putting the app out for iphones after I finish up the android version, but don't really know where to begin.
out of ideas said:
No you guys are right. This is for porting apps across platforms, but people seem to confuse it with ROM porting.
Q. I know pretty much zero about iOS, and generally have always been anti apple. Are you trying to say that using something like j2 on lets say a virtual box on windows, is somehow a detectable and bannable offense in apple land? It's late and i might be just be misreading, but would like to know.
Mostly because i picked up a job on an Android app, and have been talking a bit about putting the app out for iphones after I finish up the android version, but don't really know where to begin.
Click to expand...
Click to collapse
My Research and Understanding
Yes that is exactly what I am saying. To run Apple in a VM is in breach of their TOS and Usage policy. It also entitles them to seek prosecution also; so not just a ban from iTunes. Going by Apples past history I wouldn't put it past them? Although now with Tim Cook in charge of things I think Apple is going about things a bit more differently now? For better or worse (people had their opinions of Steve Jobs - personally I disliked him but did appreciate his success and achievements for what they stacked up to be, personal opinions aside it takes a great person to do such) Apple is starting to become a bit more valued in collaborations as this is what Tim Cook always wanted working for Apple that he was never able to have whilst Steve was the master of the helm. Tim Cook was more about getting the job done and sharing. Steve's ongoing vendetta litigations were not Tim Cooks choice and/or advice. He didn't want such things from what I have read? More recently his involvement in legal matters has been observed as retracted and no confronting; he has proceeded to do these actions as part of Steve Jobs dying wishes and nothing more.
As far as I can tell he wants to nothing more than to get things out of the way and over and done with so that he and his company can move on.
My thoughts on this as an observer in the mobile tech industry is that I think Apple has dropped the ball a bit, and it is probably far too little far too late. However with a company with that much money behind it? There's only speculations about what holds in the future of Apple? They are certainly not going away or going to fall in to ruins that's for certain.
What I mean is that, yes there has been a heap of legal stuff seen by Apple and most of it very negative, but my feeling is that this won't be the case here on into the future, so the likelihood of facing a court for breach of Terms of Use are likely to be very small. I am sure that editing a build.prop is considered a breach of Google's TOS for use of a device in their Playstore?
Suggestions
My suggestion is to give it a try I have had some issues setting up my VM but have got all the necessary resources including all the software. I have just become too busy and it is not high on the priority list at the moment. I wanted to try gain an understanding of how Apple detects it's visitors. I mean iTunes is cross platform Windows and Mac (There is no release for Ubuntu or Linux AFAIK? only Wine type hacks) I know when I visit the iTunes webpage I am automatically prompted to download a Windows installer package. So they must have some form of automatic detection? Being that the likes of Virtualbox uses a shared internet connection I would speculate that you would need to choose the correct adapter settings so that your VM is seen to be a running physical machine and not a able to be identified as a shared connection or virtualised connection?
I didn't get this far as my installation has many issues. I still have the VM though for future interest. Feel free to PM me if you give it a try and don't succeed and I am happy to share what things I discovered in my problem solving.
Understanding Limitations for Cross Platform Mobile Development
As for the porting to OS's I believe there are many offerings around now that provide developers with a cross platform arrangement. Essentially only the UI resources need to change and then that plugs into a framework structure for your application to run in. You compile the code individual applications that are specific to the platform but you ARE able to develop your main code independent of the platforms. Languages such as Flex or Rubi on rails are going to be your best bet from my research?
Things You Should Consider
1. Single code repository
2. Individual application frameworks - compilation of application runtime for independent OS type
3. Limitations are stipulated and governed by what is allow at the lowest possible denominator. i.e. You can only build code into your single code repository that can accessed by the functionality of both(or all) platforms. What I mean is that there is no use building a single code repository that uses a function that is limited on one platform and not the other, another example is restrictions dictated to you by the likes of such companies like Apple. They have a strict guidelines and what is potentially available to you may not be in its context. Just because certain functionality is available to you in the Apple platform and you have even seen it in use on Apple devices does not necessarily mean that you can build and release it. In it's context Apple may not like what you are doing with your app and not approve it.
Your single point of code and it entirety has just shrunk in functionality to both devices now. So be careful and Anticipate what you might think the outcome is for your Application facing such scrutinisation and what it could possibly mean for your project as a whole?
On this note I have heard of developers making scripts and add-ons for their said central repository that allows them to restrict things ats compile time. For instance having greyed out selections in menus and a toast like notification to users like "Sorry this functionality is only available to Android users" and things like that.
Hope this helps contribute towards people considering on such ventures. Do your research. Find out what types of apps have been rejected from being published and find the reasons for why?
lapucele said:
Wondering if it's worthwhile before I invest time in creating a Mac OS X VM + Xcode to port my android apps to iOS.
Click to expand...
Click to collapse
I will check it in next week
Hi Folks:
I'm afraid I rooted a couple of my devices via Kingo a couple weeks ago and only now am I learning of the various confirmed/potential consequences. Based on feedback from a couple programmers and developers, coupled with what I've seen in some of the forums, this application employs its exploit as a guise not only to obtain personal information on the device, but also the PC. Furthermore, from what I understand, it installs very questionable, unnecessary material on one's PC that enables KINGO to track a user indefinitely.
In any case, I want to ensure that I can verify the material that was installed on my PC/phone and to greatest extent possible, remove all traces off my PC. That's my first objective. Second, I'd like to address my device in much the same capacity. Unfortunately, I'm quite lay when it comes to technical matters of this nature and thus I reach out to the community for guidance.
Thanks!
rhetorician said:
Hi Folks:
I'm afraid I rooted a couple of my devices via Kingo a couple weeks ago and only now am I learning of the various confirmed/potential consequences. Based on feedback from a couple programmers and developers, coupled with what I've seen in some of the forums, this application employs its exploit as a guise not only to obtain personal information on the device, but also the PC. Furthermore, from what I understand, it installs very questionable, unnecessary material on one's PC that enables KINGO to track a user indefinitely.
In any case, I want to ensure that I can verify the material that was installed on my PC/phone and to greatest extent possible, remove all traces off my PC. That's my first objective. Second, I'd like to address my device in much the same capacity. Unfortunately, I'm quite lay when it comes to technical matters of this nature and thus I reach out to the community for guidance.
Thanks!
Click to expand...
Click to collapse
Your PC will have to be cleaned very well.
Your phone will wipe it go back to stock and root away
TWEAKED 2.0
BACARDILIMON said:
Your PC will have to be cleaned very well.
Your phone will wipe it go back to stock and root away
TWEAKED 2.0
Click to expand...
Click to collapse
Roger that. I feel pretty comfortable rescuing my devices. It's the PC I'm worried about. What, exactly, does "very well" entail? Do you recommend a particular program? So far, Microsoft, McAfee, and Iobit all fail to identify potential vulnerabilities.
rhetorician said:
Roger that. I feel pretty comfortable rescuing my devices. It's the PC I'm worried about. What, exactly, does "very well" entail? Do you recommend a particular program? So far, Microsoft, McAfee, and Iobit all fail to identify potential vulnerabilities.
Click to expand...
Click to collapse
I am a security freak so you can't go by me. My step would be a full wipe on PC. But that is so extreme. I think is u use good virus protection and a reg checker/ cleaner you should be good. But I am not a pro. You might need to check in PC forums
TWEAKED 2.0
I had my PC checked by many friends who are in the security business and they found nothing after using it. Since I have wiped and installed Linux but they found nothing on my system after using it
Temasek CM11 & Yank Powered SM-N900T
I don't know if I'd go so far as to install Linux (unless, of course, that works for you and your needs...then I would recommend the idea highly)...but to guarantee any level of success I would absolutely insist on a complete repartition and reformat of your hard drive (and an ODIN flash of the complete factory restore image....bootloader, recovery and all)
If there is any residual risk of compromise I would expect virus scanners to pick it up (but not McAfee or Norton...they are the most popular therefore the most targeted for compromise)....AVG, Kaspersky, Avira....Just like Opera is the most secure browser or OSX and Linux are the most secure OSs. It's not that it's necessarily the most inherently secure options but they are also representative of the smallest fractions of the market therefore they are less attractive. The effort required to compromise them would be better spent on a more popular attack surface.
If your personal information and device performance means a goddamned thing to you WIPE EVERYTHING AS THOROUGHLY AS POSSIBLE. I am not kidding, I am not overstating the situation in the slightest. Do as I say.
To do anything less is to consider your personal information (top priority) and device performance (secondary priority) less than important.
Seriously now, does anybody have shred of evidence Kingo is a virus, besides hears says? Don't anti virus companies have a place to submit suspicious programs for evaluation? Did anybody with proper tools run trace to see what exactly Kingo is doing? There are tools to see registry entries made by Kingo and what they mean, there are ways to trace program etc I really would like to see some hard evidence or at least link to it.
daneurysm said:
I don't know if I'd go so far as to install Linux (unless, of course, that works for you and your needs...then I would recommend the idea highly)...but to guarantee any level of success I would absolutely insist on a complete repartition and reformat of your hard drive (and an ODIN flash of the complete factory restore image....bootloader, recovery and all)
If there is any residual risk of compromise I would expect virus scanners to pick it up (but not McAfee or Norton...they are the most popular therefore the most targeted for compromise)....AVG, Kaspersky, Avira....Just like Opera is the most secure browser or OSX and Linux are the most secure OSs. It's not that it's necessarily the most inherently secure options but they are also representative of the smallest fractions of the market therefore they are less attractive. The effort required to compromise them would be better spent on a more popular attack surface.
If your personal information and device performance means a goddamned thing to you WIPE EVERYTHING AS THOROUGHLY AS POSSIBLE. I am not kidding, I am not overstating the situation in the slightest. Do as I say.
To do anything less is to consider your personal information (top priority) and device performance (secondary priority) less than important.
Click to expand...
Click to collapse
LOL wasn't recommending Linux but yes I only installed win 8 to use kingo then back to Linux which is all I have used for years
Tweaked & Lean SM-N900T
The only security concern was their collection of your IMEI number. However, they removed this shortly after being contacted about it. As it currently stands, there are no known risks of using this program.
That and using some public chinese website to store all the software fixes for all different devices, at least as far as I know. This is not some kind of program that appeared from nowhere last night, this was published by Kingoapp technology, or something like that and the program works as advertised. They don't want to publish source code and I don't blame them, maybe they don't want other people to copy their work, maybe they don't want Samsung to patch security holes they found, or maybe they use other developers work, I don't care. I think I read somewhere that none of the 27 or so respectable antivirus programs flag Kingo as harmful and by now somebody should have found something if there was anything to find, especially that there was so much suspicion and controversy. There is always a risk when you download software from the web (whole websites could be fake and look official), but I have not seen one single proof Kingo was harmful in any way from anybody yet and I'm sure many people used it already.
This is all a red herring. The IMEI collection was the really only issue and they stopped that fairly quickly.
krelvinaz said:
This is all a red herring. The IMEI collection was the really only issue and they stopped that fairly quickly.
Click to expand...
Click to collapse
So it's safe to use?
I was planing to root my note 3 and kingo seems good was just worried.
xile6 said:
So it's safe to use?
I was planing to root my note 3 and kingo seems good was just worried.
Click to expand...
Click to collapse
I have encountered 0 problems using it. Used on my note and both of my note 3's. No problems PC or device wise. And there is no proof of KingoApp doing anything malicious, just hearsay.