1. How Do I stop these insane toast messages that keep popping up all the time?
    • Open Settings > SuperSU# and select ZooKeeper.  Make sure it's set to Grant (not Ask), and set Notifications to Disabled.  You'll have to set this again if you upgrade the App.
  2. Is this thing secure?  What security issues are there?
    • Android has an odd security model where instead of protecting apps from the user, but rather the apps are protected from each other.  One app can't see the other's data.  This sounds like a great thing, but it causes a huge problem.  Consider a text editor.  It can only edit text files that it creates and stored in its own private area, or it stores them into a public area.  Because every app is a user, the standard Linux user security is bypassed in public directories.  So, there is no way to allow an Android text editor to edit a file without also giving everyone else access to the file.   Who else?  Well.  A rogue program could see that you are running WildLife, assume you use ZooKeeper, and then add a line to your crontab file.   That file now gets run as root, even bypassing "su" because cron is run from init.d on boot, so it already had root from the beginning!  Not likely, but there is the hole!
  3. Are the updates signed?  Can someone flash stuff into my phone?
    • This is another issue.   In order to make this work, we would need to have the signing keys secret and proper public keys added to a "secret" place on the phone.  The OTA app would need to install these keys on almost every boot, so it would also need to be signed and made closed-source to prevent people from injecting new keys.   Its my intent that the source be open, all cards on the table.   If some rogue app opens a ZIP before you flash it (almost impossible with auto-reboot turned on) and sneaks in a file, they could get it flashed onto your system.   Don't let rogue apps onto your system, and feel free to change your Download directory to make this harder.   You've flashed ROMs you've downloaded with signature checking turned off before, and this is no different.  Key Signing is great for corporations, but leads to lower security overall in the face of open-source.
  4. Can I use this program with other ROMs?
    • Sure.  You'll have to package up your own updates.  There is a "Method" file that describes how the update process works.   Then change the Mirror URL to your own server and you are off.   The animal thing should be changed, but you can use whatever images you like, and if the names are of things on Wikipedia, then the hyerlinks will work fine.
  5. Will changes I made stop the updates from working?
    • Most OTA systems use a form of update that utilizes binary deltas.  There isn't anything stopping this program from doing a binary delta style of upgrade, but I personally favor whole-file updates instead.  They aren't that much larger, and its a lot more reliable.  Further, a small script detects if the file exists before overwritting it so it won't magically install files on an update (if it does, please report it to me!).    Deltas mean that any change can stop the update from working, where whole-file means you can safely downgrade.  If you ever had a system that refused to do downgrades, this is why!
  6. Will you release the source?