also: some are concerned about serial number being read. it looks like leftover analytics code which will not work.https://twitter.com/chronic/status/758817253655588864 …
more on Pangu: the humorously heavy obfuscation/encryption is nothing malicious, just used to try to hide their exploit method it appears.
-
-
-
on topic of analytics, there is nothing in jb that I would consider invasive (UC). quite common in Chinese apps.https://twitter.com/chronic/status/758817746960330753 …
-
So, do you think that it's time to jb or waiting the English ver would be better? Thanks for your concern Will!
-
current recommendation is that this is OK for a Dev device, maybe not for one with sensitive info though.
-
that was fast BTW, really appreciate your help, I was waiting your advise.
thanks again!
End of conversation
New conversation -
-
-
this is because the bug is very dangerous, obfuscation helps with that.
-
but anyone looking to do damage can go through process of picking it apart (I started, tho reason being wanting to document).
End of conversation
New conversation -
-
-
I don't think it's even that bad. Functions don't seem to have been flattened. I can follow it statically, but laboriously.
-
“encryoted” part I got without issue but parts like the input to IOKit bits would be indeed laborious to figure out manually.
-
Just statically yeah, it'd be horrible, but maybe okay with http://blog.quarkslab.com/deobfuscation-recovering-an-ollvm-protected-program.html …
End of conversation
New conversation -
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.