Shahzaz ud din
India's viral TikTok rival Desi Version ‘Mitron’ installed by 5M Indians.... is made in Pakistan
SUSHOVAN SIRCAR, KARAN SAINI | UPDATED: 29 MAY 2020, 07:56 PM IST
TECH AND AUTO | 8 min read
- Mitron App, which has recently been in the news for being downloaded over 5 million times and positioned as India’s answer to Tik Tok, may not have been developed by an Indian from IIT Roorkee.
A detailed analysis and decompiling of the app’s source code by The Quint has revealed that Mitron, which has ridden high on an anti-China and anti-TikTok sentiment, has, in fact, been rebranded from an app called TicTic, developed by a Pakistan-based company QBoxus.
Launched on 11 April, the credit for developing the app was given to Shivank Agarwal, a student at IIT Roorkee. Mitron is a short video-making application that allows users to upload short videos of up to 15 seconds.
It has now emerged that Agarwal has not developed the app himself, as previously claimed in various media reports, but has purchased TicTic’s code and simply rebranded it.
A perusal of the decompiled source codes of the two apps has revealed that several strings with TicTic have been left as they are.
For example, “com.dinosoftlabs.tictic>>Main_Menu>>MainMenuFragment” as seen in Mitron’s code still contains ‘tictic’.
Moreover, “com.dinosoftlabs.tictic” is the Android package name and Google Play Store ID for the app published by QBoxus.
QBoxus has put the source code of its micro-video sharing app on sale on Code Canyon, a site where one can purchase pre-built sites, scripts, plugins applications and even themes.
The source code is on sale for $34 or approximately Rs 2,570. Mitron, however, may not even be the sole purchaser. The Tic Tic application source code has been sold 274 times, according to the Code Canyon website.
Mitron’s Identical Source Code
An initial glance at both applications does indicate that certain features might be similar, but that could perhaps be written-off as both of them attempting to emulate the Tik Tok user experience.
What cannot be written-off as an attempt to emulate the Tik Tok user experience, however, is what decompiling the source code of both applications reveals.
Both applications share almost exactly the same libraries, as well as several functions named in a completely identical manner.
Below, one can see TicTic app’s code, followed by a screenshot of Mitron App’s code.
TicTic’s library
(Image: Karan Saini)
Mitron’s library
(image: Karan Saini)
The Pakistani company has raised two specific issues:
- The real author of the app to be acknowledged and credited instead of attributing Shivank Agarwal as the creator of the app.
- The absence of any original modifications to the purchased code. “The worst thing is that the developer even didn't bother to fix bugs and issues in the app and directly uploaded it on Play Store, which is really a shame,” he added.
Identical Login Screen
The login screen for both apps shares an identical schema as well. Both can be seen using “action_login.xml”
action_login.xml for TicTic
(image: Karan Saini)
action_login.xml for Mitron
(image: Karan Saini)
TicTic Strings Left Behind in Mitron’s Code
Further, a ‘change_log’ file present in the decompiled Mitron source code contains the string “com.dinosoftlabs.tictic” – which is the package name of the TicTic application developed and released by QBoxus.
TicTic’s change_log file
(image: Karan Saini)
However, there are some minor differences to be noted in the User Interface (UI).
The splash screen which welcomes the user to the app differs visually across both. Further, Mitron does not currently allow users to log in via Facebook, whereas TicTic does.
Apart from this, the application programming interface (API) for both applications is completely identical, which alone allows one to fully ascertain the claim that Mitron is indeed only a re-skinned iteration of TicTic.
TicTic’s Security Flaw Also In Mitron
Regardless, while re-skinned applications are not an entirely new phenomenon, they come with their own drawbacks.
For instance, a vulnerability that exists in the original codebase is likely to propagate to all other instances of the application and remain unfixed in each and every one of them.
This is also the case for TicTic and Mitron, as both applications share a common security flaw in the way through which the ‘follow account’ action is handled.
The flaw can allow a malicious actor to force other users to follow any given account, simply by tampering with a few parameters on the ‘follow user’ request.
Mitron Has A Different Backend Though
Although it would be correct to state that both applications share the same code base, it should be clarified that this does not mean the same backend is shared among both applications.
The Mitron app’s server and API are located on shopkiller.in, whereas the TicTic application communicates with bringthings.com. This means that both user data as well as uploaded videos for Mitron are stored on a separate server (an Amazon Web Services S3 instance to be specific) in contrast to TicTic.
This particular application was able to blur the lines between an individually developed platform versus a generic rip-off.
This is made evident by the number of people who have so far downloaded and installed the application (a number which is resting at 5 million at the time of publication).
In the context of Mitron, its meteoric rise in popularity can probably be attributed to it being touted as an “Indian version” of Tik Tok.
(Karan Saini is a security researcher and technologist from New Delhi, India. He works as a product support engineer with Bengaluru-based HasGeek.)
Published: 29 May 2020, 07:48 PM IST
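The article's provenance finding rests on package identifiers from the original code surviving in the rebranded build. As an added example (not part of the original post or the article), this sketch shows how a buyer of third-party source could audit a decompiled build for such leftovers before release; the declared package `com.example.rebranded` and the file contents are constructed, and only the string `com.dinosoftlabs.tictic` comes from the article.

```python
import re
from collections import defaultdict

# Package-like tokens: three or more dot-separated lowercase segments.
PKG_RE = re.compile(r"\b(?:[a-z][a-z0-9_]*\.){2,}[a-z][a-z0-9_]*\b")

# Prefixes present in almost any Android app; they say nothing about provenance.
COMMON_PREFIXES = ("android.", "androidx.", "java.", "javax.", "kotlin.",
                   "com.google.", "com.android.")

def foreign_packages(declared_pkg, files):
    """Return {identifier: [files]} for package-like identifiers that are
    neither the app's declared package nor a common platform prefix."""
    hits = defaultdict(set)
    for path, text in files.items():
        for token in PKG_RE.findall(text):
            own = token == declared_pkg or token.startswith(declared_pkg + ".")
            if own or token.startswith(COMMON_PREFIXES):
                continue
            hits[token].add(path)
    return {pkg: sorted(paths) for pkg, paths in hits.items()}

# Constructed sample of a decompiled tree (path -> text content).
SAMPLE_TREE = {
    "AndroidManifest.xml":
        'package="com.example.rebranded" '
        'android:name="androidx.appcompat.app.AppCompatActivity"',
    "change_log":
        "com.dinosoftlabs.tictic initial release notes",
    "smali/MainMenuFragment.smali":
        'const-string v0, "com.dinosoftlabs.tictic>>Main_Menu>>MainMenuFragment"',
}

if __name__ == "__main__":
    for pkg, paths in foreign_packages("com.example.rebranded", SAMPLE_TREE).items():
        print(pkg, "->", ", ".join(paths))
```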
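The article does not give the request format behind the ‘follow account’ flaw, so the following added example (not from the original post, the article, or either app) assumes one common shape of that bug: the server takes the follower's identity from a request parameter instead of from the authenticated session. The field names `follower_id` and `followed_id`, the tokens and the users are all hypothetical.

```python
# Constructed in-memory state; not the real API of either application.
SESSIONS = {"tok-alice": "alice", "tok-mallory": "mallory"}  # token -> user
USERS = {"alice", "bob", "mallory"}

def follow_vulnerable(token, body, store):
    """Flawed pattern: any valid session may name any account as follower."""
    if token not in SESSIONS:
        return 401
    store.add((body["follower_id"], body["followed_id"]))
    return 200

def follow_hardened(token, body, store):
    """The follower is always the authenticated caller, never a parameter."""
    caller = SESSIONS.get(token)
    if caller is None:
        return 401
    # Reject (rather than silently ignore) a mismatched follower so that
    # tampering attempts surface in server logs as 403 responses.
    if body.get("follower_id", caller) != caller:
        return 403
    target = body.get("followed_id")
    if target not in USERS or target == caller:
        return 400
    store.add((caller, target))
    return 200

if __name__ == "__main__":
    tampered = {"follower_id": "alice", "followed_id": "mallory"}
    before, after = set(), set()
    print(follow_vulnerable("tok-mallory", tampered, before), before)
    print(follow_hardened("tok-mallory", tampered, after), after)
```

Because a re-skinned app inherits this kind of handler unchanged, the fix has to be applied on every backend that runs the purchased code, not only in the original.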