Related
Because it's not very clear even after reading many xda Thread, and users have many problems withknox I deciced to gather informations about Knox.
1 :What is Knox?: http://omegadroid.co/wanted-knox-void-warranty-0x1/
All you wanted to know about KNOX Void Warranty 0×1
By tamirda • October 9, 2013
Screenshot_2013-02-25_11_35_AM
Recently, Samsung announced that her all new devices will get an Android 4.3 update that includes KNOX Security system. According to Samsung, these devices will get the update:
Samsung Galaxy S3
Samsyng Galaxy Note II
Samsung Galaxy S4
Samsung Galaxy Note 3 (already has KNOX Security system)
Most of the users don’t root their devices and use it normally and for them KNOX Security system is a great option.
But what happanes if we want to root our device?
Now the problem begins.
Normal(unrooted and so..) devices are flaged as KNOX Void Warranty 0×0 right from the factory.
When we flash items which weren’t signed by Samsung, it flags your device as KNOX Void Warranty 0×1.
According to Chainfire, KNOX status is indeed an eFuse. This means that even JTAG can not reset the KNOX status back to 0×0.
Some facts about KNOX status:
It isn’t possible to downgrade to KNOX-disabled firmwares/bootloaders (An attempt sets 0×1) (even though some people state, downgrade is possible when omitting the bootloader file in a firmware package). By downgrading from KNOX-enabled to KNOX-disabled firmware, your devices will be locked to installation of newer firmwares.
Let’s focus on that fact. As we mentioned above, Devices like S4, S3 and Note II which came without KNOX will get the KNOX system.For example, S4 I9505 got about a month ago 4.2.2 update that includes KNOX-enabled system(MH1). If you try to downgrade to KNOX-disabled system(MGA for example) your device will be flaged as KNOX Void Warranty 0×1 and will get a special lock – you won’t be able to update to any KNOX-enabled firmware even by ODIN. Samsung’s 4.3 update is KNOX-enabled, so if you tried to downgrade to KNOX-disabled firmware(for example MH8->MGA), you won’t be able to install 4.3 update.
This problem is only for devices which didn’t come with KNOX-enabled system from the factory(S4, S3 and Note 2)
Jeffery Butler confirmed this information:
FYI…Samsung told me that Knox warranty becomes 0×1(void) when the device with secured bootloader attempts to have non-secured bootloader. MH1 is the very first binary with secured bootloader. If MH1 is attempted to be downgraded to lower version(i.e. MGD) which has non-secured bootloader, then Knox warranty becomes void forever, and this means that the device can be used only for non-Knox device(no container can be created).
If you try to downgrade to KNOX-disabled firmware, you can’t install any new firmaware(that includes KNOX-enabled system) and use your device only with the old firmwares.
Even if you flash a KNOX-enabled firmware via odin (e.g. the latest fw) knox will be set to 0×1.
Flashing unsigned or modified images via odin will set knox to 0×1.
According to these two, flashing root/kernel/recovery/latest firmware by samsung/etc. will set KNOX status to 0×1.
Samsung stated, resetting the flag is impossible.
Chainfire confirmed that it is impossible to reset the flag.
KNOX is mandatory and can not be completely removed.
In custom roms we can remove KNOX apps, but the status remains 0×1.
Warranty Void is not a counter, it is a flag (0,1). We have never seen 0×2 or so.
Mirroring all partitions from a clean 0×0-Device to a 0×1-Device via JTAG produces an unfunctional device (reversible by restoring the 0×1 partitions on the phone).
Using JTAG or other repair tools to reset the flag is impossible.
KNOX bootloader verifies signatures of kernels and recoveries. No custom ones possible without voiding the knox warranty.
Again, if we flash kernel/recovery/etc. we will void the warranty.
This si how 0×1 looks like:
2rn7beq.jpg
This is how 0×0 looks like:
attachment.php
I guess you are asking yourself now, what the hell 0×1 means?
If your device is flageed as 0×1. you should forget about your warranty.
Chainfire and other people confirmed that your can’t use your warranty:
Worse than that, I’ve also been hearing that service center instructions are indeed that devices with this status tripped will not receive any warranty repairs. (Of course, the action they take may still depend on the service center). Their excuse is that the hardware is damaged by the owner. Seems Samsung is catching up in scumbaggery to HTC, who years ago attributed my HTC Diamond’s screen damage (digitizer detached) to the installation of HSPL
To anyone in the know it is obvious that this doesn’t really fly, and the eFuse blowing (is this the hardware damage?) is intentionally done by the bootloader when unsigned software is loaded.
If you want to read the whole Chainfire’s statement, click here.
What is eFUSE? it’s a technology that allows reprogramming a read-only memory chip in real-time, even though such chips come with hard-coded code that cannot be generally changed after manufacturing.
When flashing unofficial software on the device, the status of the system and KNOX is switched to CUSTOM while increasing a binary flash counter, which helps Samsung find out whether the device has been tampered with. However, while Chainfire’s TriangleAway app has let users switch the status back to official and reset the flash counter until now, the KNOX status is based on eFUSE – basically, once you flash custom kernels or root the Note 3, the KNOX code gets rewritten, and this constitutes hardware damage.
Well, all I can say is think twice before you play with your Samsung device. If you don’t care about warranty, and you like custom roms and cool stuff just be aware of this information and continue with what you are doing.
Rajaasim1980 said:
KNOX is a new security system in official update of Android 4.3
on Samsung devices which prevents access to multiple applications when rooting your device and prevents the flash counter being reset to 0
Click to expand...
Click to collapse
theq86 said:
As you may already know, the latest Samsung firmwares came with a new secured bootloader. You can recognize it in download mode easily. It states: Knox warranty void: 0x0 or 0x1.
As for now, there is no way to reset that flag from 0x1 to 0x0.
Then I read in a comment of Chainfires post concerning that flag, that as long as you do not try to downgrade to a non secured bootloader, this flag will not change. He claims to have that information directly from Samsung.
https://plus.google.com/u/0/+Chainfire/posts
Has anyone already experience with rooting an "untouched" S4 which has the secured bootloader and can confirm or decline that?
- - - - - - - - - -
Conclusions and Facts about KNOX-enabled firmwares (based on statements from chainfires post and it's comments above, ans based on this thread)
Not possible to downgrade to KNOX-disabled firmwares/bootloaders (An attempt sets 0x1) (even though some people state, downgrade is possible when omitting the bootloader file in a firmware package: see http://forum.xda-developers.com/showthread.php?t=2444671, not confirmed)
Even if you flash a KNOX-enabled firmware via odin (e.g. the latest fw) knox will be set to 0x1
Flashing unsigned or modified images via odin will set knox to 0x1
Samsung stated, resetting the flag is impossible
KNOX is mandatory and can not be completely removed
Warranty Void is no counter, it is a flag (0,1) it was never seen 0x2 or so
Mirroring all partitions from a clean 0x0-Device to a 0x1-Device via JTAG produces an unfunctional device (reversible by restoring the 0x1 partitions on the phone)
KNOX bootloader verifies signatures of kernels and recoveries. No custom ones possible without voiding the knox warranty
Assumptions on how KNOX flag in bootloader works:
Some experts think, an eFuse is involved. (http://en.wikipedia.org/wiki/EFUSE). An eFuse is mostly only incremential. Even unwriteable by low level tools or JTAG. But it is still not proven, that eFuse is used.
Knox technical information:
https://www.samsungknox.com/overview/technical-details
Click to expand...
Click to collapse
2: Can i downgrade the bootloader?
cosmyndemeter said:
from mj5 bootloader downgrade is possible, read this for newest than mj5 downgrade not possible!
do not try! you can brick your phone forever!!!
Click to expand...
Click to collapse
3:Can i install custom roms?
DeepankarS said:
You can do any customization on your phone like a normal phone, but customizing it means that you have triggered the KNOX counter to 1. Thus on a stock rom you can never use KNOX if KNOX reads 1.
FYI the MK4 (bootloader) or MJ9 (babseband version) has blocked installation of any custom roms on our n7100s via odin. You cannot even downgrade to 4.1.2 official via odin, So flashing via recoveries is the only way left.
And also it is recommended that you install custom roms via Philz/TWRP/CWM recoveries to flash custom roms and everything.
Hope the lil knowledge helped.
Click to expand...
Click to collapse
4 Can i root my note 2 with 4.3 knox?
Yes, but there are chances to trigger the KNOX counter to 1
yeminswe said:
4.3 root
http://forum.xda-developers.com/showthread.php?t=2540761
http://forum.xda-developers.com/showthread.php?t=2573576
>D
Click to expand...
Click to collapse
If you see any questions about knox, post here we will answer.
number 1 link is error,not found.
what about knox container ?
sora9009 said:
number 1 link is error,not found.
what about knox container ?
Click to expand...
Click to collapse
Link fixed.
Thanks
What about kernels?
Smack that thanks button if I helped!
Note 2 LTE powered by Illusion ROM and Plasma Kernel.
Sent from dat small country called Singapore.
P.S. replies with quotes will be replied to faster.
Irwenzhao said:
What about kernels?
Smack that thanks button if I helped!
Note 2 LTE powered by Illusion ROM and Plasma Kernel.
Sent from dat small country called Singapore.
P.S. replies with quotes will be replied to faster.
Click to expand...
Click to collapse
KNOX bootloader verifies signatures of kernels and recoveries. No custom ones possible without voiding the knox warranty
Is there any way to get the knox back to 0 from 0x1????
Sent from my GT-I9500 using Tapatalk 4 - Hassan K. Malik
HassanM said:
Is there any way to get the knox back to 0 from 0x1????
Sent from my GT-I9500 using Tapatalk 4 - Hassan K. Malik
Click to expand...
Click to collapse
Not yet,although note 3 has been reported to somehow reverse it but that's just wishing too much.
singhpratik87 said:
Not yet,although note 3 has been reported to somehow reverse it but that's just wishing too much.
Click to expand...
Click to collapse
On the note 3 it's done by special bootloader leaked by sammy. The only chance for the note 2 is if note 2 bootloader is leaked. No other way.
Sent from my GT-N7100
I dont care about warranty , all i care that , if i installed a custom rom and the Knox bit is set to 0X1 and i want to get back to the stock , can i install Knox again or not ? because i like the knox idea
hazemsalah said:
I dont care about warranty , all i care that , if i installed a custom rom and the Knox bit is set to 0X1 and i want to get back to the stock , can i install Knox again or not ? because i like the knox idea
Click to expand...
Click to collapse
Once your counter goes to 1 no more Knox app , it can't be used anymore.
Sent from my GT-N7100
gregsarg post :
We have a fix....just not on xda....yet
Mobiletechvideos.com now offers a bootloader downgrade service for our devices. ..
The Knox flags can be reset quite easily according to them....
So if you want the old Knox free phone back....see below and get your anti-knox groove on....
See the product description tab in the middle of the page. ..g
http://mobiletechvideos.mybigcommerce.com/samsung-galaxy-note-2-bootloader-sboot-downgrade-service/
Hmmm it's kinda fishy , but could be true. So you send them your phone ? I don't get it. And all around is jtag heh
Sent from my GT-N7100
note2nooby said:
Hmmm it's kinda fishy , but could be true. So you send them your phone ? I don't get it. And all around is jtag heh
Sent from my GT-N7100
Click to expand...
Click to collapse
Nope i can't risk to send my phone (400 euro), but it looks like they have the solution.I send them mail to ask if i can pay for the file and instruvtions but no answer till now.They want 75 for the reset and 45 for express shipping end delivery.I told them that i am
agree to pay all the ammount for the file.
And one more thing-if i send them phone i can't be sure that they will reset it instead of just replacing MB and write my old IMEI e.t.c
gencho81 said:
Nope i can't risk to send my phone (400 euro), but it looks like they have the solution.I send them mail to ask if i can pay for the file and instruvtions but no answer till now.They want 75 for the reset and 45 for express shipping end delivery.I told them that i am
agree to pay all the ammount for the file.
And one more thing-if i send them phone i can't be sure that they will reset it instead of just replacing MB and write my old IMEI e.t.c
Click to expand...
Click to collapse
I'm quite sure they are using jtag and service bootloader. That's why they need the phone. It's not the same way like the exynos fix for note 3.
Sent from my GT-N7100
I-9192 official status again
i have installed a few weeks later a rooted rom from another forum, and triggered the knox to 0x01 (so i cant receive official updates from samsung)
but, today i needed to reset my phone to factory default, than i was curious to check the phone status, and for my surprise was "Official" again...
i read in various sites that the knox flag cannot be reverted... is that true?
the files i was used to root:
Odin 3.09
Kernel_root_I9192.tar
SuperSU_1.41.zip
the only bad thing is that i lost my root
anyone have the same result just reseting the phone?
thx and sorry for bad english
Soooo. As far as i know the knox wont get updates from Samsung and Block using knox app? And what features are lost from a triggered knox? I flashed the original firmware again and all its ok so far. Theres any blocked feature that o didnt realize?
Need help
I've a s4mini 19192 and today I flashed samsungs official KitKat update to my phone... I tried to root it like I rooted the 4.2.2 update... But can't do.... Then I decided to downgrade to the old version 4.2.2 but odin says can't.... And fails... Someone can help me?
Is it possible to check when the flag was triggered?
I was sold a GN3, in witch the KNOX flag was already set* and I'm trying to avoid a situation in witch the seller will say that I've set the flag.
* not checked beforehand - my mistake - but still I can return it or get a discount under the law
hello..just got the s4 mini dual sim 9192... 2 days back..i was on 4.2.2 indian firmware....checked download mode and it said knox 0*0...now i flashed the 4.4.2 firmware downloaded from sammobile via odin and when i recheck knox is gone....!!!!
just said binary and system which changed from official to custom once i rooted it with CF-root method(nothing else was working...saferoot/towelroot etc)..and as i seem to have read that flashing stock rom reverts these back to official...is it true?
and does this mean that my knox firmware phone has been converted to a non-knox one after kit kat upgrade?
please anyone let me know..thanks
@Fataz bro i have a few questions
I'm currently on FNE2 stock deodexded custom rom with a FNE2 bootloader, when i go download mode it says "KNOX WARRANTY VOID:1"
1 - Does this means Knox is tripped as 0x1
2- Can i install a stock firmware higher than FNE2 from sammobile via odin
GT-N7100 cihazımdan Tapatalk kullanılarak gönderildi
What does this truely mean. I just rooted via ODIN and my flag was tripped 0x1, does the flag geg tripped regardless if you root or install custom roms ?
Sent from my SM-N900T using xda premium
Seriously, there are tons of threads on this. You didn't do any research before rooting your phone?
Once tripped it can't be reset. If you planned on flashing roms, there it's no way around reporting the Knox flag. Now that you have already tripped it, you can't go back.
Whether or not it will effect you depends on how you use your phone, software out hardware issues you may have and if you try to get warrantee repair. For many it it's not a big deal.
I did do my research Im just asking a question maybe there was an update on how to change the void but obviously kot . Thanks anyway. Dont get all hyped thats what xda is for
Sent from my SM-N900T using xda premium
Hi, I got my note 3 recently and all i have done is just root my note 3 so far. but i have been doing some readings. from what i had found is Knox is a software on your phone, i am guessing and this is just a guess if you use the bloatware remover it might delete the knox program and files from your phone. It might trigger a reset on the counter. I remember reading the list of files it deletes, and it delete all of knox files and folder and a bunch of other stuff but you can edit the script to make it only delete the knox. It might delete the counter or reset it. And you can just reinstall it back and see if the counter is back at 0. remember i am just taking a guess here, does any 1 think this might work?
You cannot reset the Knox flag once it had been tripped.
megaearth77 said:
Hi, I got my note 3 recently and all i have done is just root my note 3 so far. but i have been doing some readings. from what i had found is Knox is a software on your phone, i am guessing and this is just a guess if you use the bloatware remover it might delete the knox program and files from your phone. It might trigger a reset on the counter. I remember reading the list of files it deletes, and it delete all of knox files and folder and a bunch of other stuff but you can edit the script to make it only delete the knox. It might delete the counter or reset it. And you can just reinstall it back and see if the counter is back at 0. remember i am just taking a guess here, does any 1 think this might work?
Click to expand...
Click to collapse
Try that and you might blow the efuse they have with removing Knox.
TWEAKED 1.0 NOTE 3
wow didn't know that
megaearth77 said:
wow didn't know that
Click to expand...
Click to collapse
It what chain fire was afraid of and reason why triangle away won't work
TWEAKED 1.0 NOTE 3
krelvinaz said:
Seriously, there are tons of threads on this. You didn't do any research before rooting your phone?
Once tripped it can't be reset. If you planned on flashing roms, there it's no way around reporting the Knox flag. Now that you have already tripped it, you can't go back.
Whether or not it will effect you depends on how you use your phone, software out hardware issues you may have and if you try to get warrantee repair. For many it it's not a big deal.
Click to expand...
Click to collapse
So rude all that extra was not really needed on do your research. You were probably once new to something too
Sent from my SM-N900T using Tapatalk
BACARDILIMON said:
Try that and you might blow the efuse they have with removing Knox.
TWEAKED 1.0 NOTE 3
Click to expand...
Click to collapse
By just deleting Knox? Pretty sure lots of us have removed it by now and not blown any fuse. I deleted it right out of the box and my phone works just fine...
Sent from my SM-N900T using XDA Premium 4 mobile app
Kalm_Traveler said:
By just deleting Knox? Pretty sure lots of us have removed it by now and not blown any fuse. I deleted it right out of the box and my phone works just fine...
Sent from my SM-N900T using XDA Premium 4 mobile app
Click to expand...
Click to collapse
You didn't delete Knox fully or it would not have the counter. Trust me chain fire tried with no success. He has been one of the pioneers in getting things done and could not.
TWEAKED 1.0 NOTE 3
Can someone explain to me what Knox does and why it get's "tripped"?
BACARDILIMON said:
You didn't delete Knox fully or it would not have the counter. Trust me chain fire tried with no success. He has been one of the pioneers in getting things done and could not.
TWEAKED 1.0 NOTE 3
Click to expand...
Click to collapse
I was referring to what I quoted you saying about blowing an e-fuse by removing Knox. I'm not talking about the check component in the bootloader or wherever it's stored - just the software components that are very easily removable, and do not seem to have caused any adverse effects (aside from the arguably undesired Knox 0x1 flag).
---------- Post added at 08:43 PM ---------- Previous post was at 08:37 PM ----------
dinggus said:
Can someone explain to me what Knox does and why it get's "tripped"?
Click to expand...
Click to collapse
It's a component Samsung decided to build into their new phones and Android builds that is allegedly supposed to be helpful for device security, especially when used with a corporate mobile device system.
Currently, if you flash a phone that has Knox installed with non-factory ROM, Recovery software, etc an at-bootup counter is "permanently" tripped indicating that the device has been tampered with.
I put that word in quotes because we all know with enough time and resources someone will surely figure out a way to reset that counter, if not remove it altogether.
SHORT VERSION: it's a piece of garbage that Samsung and Tmo can use to not uphold your warranty (since it technically voids the entire warranty if you flash custom stuff).
Kalm_Traveler said:
It's a component Samsung decided to build into their new phones and Android builds that is allegedly supposed to be helpful for device security, especially when used with a corporate mobile device system.
Currently, if you flash a phone that has Knox installed with non-factory ROM, Recovery software, etc an at-bootup counter is "permanently" tripped indicating that the device has been tampered with.
I put that word in quotes because we all know with enough time and resources someone will surely figure out a way to reset that counter, if not remove it altogether.
SHORT VERSION: it's a piece of garbage that Samsung and Tmo can use to not uphold your warranty (since it technically voids the entire warranty if you flash custom stuff).
Click to expand...
Click to collapse
Guess I'll stay away from Samsung devices then. If I could get a Note 3 that has the camera features and S-Pen, I'd be happy.
Interesting, i got a few question i want to ask. I root my t mobile note 3 recently using the new method that don't trip the knox counter. And i install several apps that require root access. I know if you install custom rom it will trigger the knox, but i won't on my and its still stock at 4.3. My Question is what about apps that require root access? I got ES file explorer, es task manager, game guardian, cachemate for root users free, cpu tuner, and titanium backup, does those trigger the knox? And is efuse short for eletronic fuse? if it is, can't you just replace it to undo the knox?
Apps don't trigger the Knox flag, flashing a kernel roms etc do. Efuse is in the snapdragon processor.
Kalm_Traveler said:
I was referring to what I quoted you saying about blowing an e-fuse by removing Knox. I'm not talking about the check component in the bootloader or wherever it's stored - just the software components that are very easily removable, and do not seem to have caused any adverse effects (aside from the arguably undesired Knox 0x1 flag).
---------- Post added at 08:43 PM ---------- Previous post was at 08:37 PM ----------
It's a component Samsung decided to build into their new phones and Android builds that is allegedly supposed to be helpful for device security, especially when used with a corporate mobile device system.
Currently, if you flash a phone that has Knox installed with non-factory ROM, Recovery software, etc an at-bootup counter is "permanently" tripped indicating that the device has been tampered with.
I put that word in quotes because we all know with enough time and resources someone will surely figure out a way to reset that counter, if not remove it altogether.
SHORT VERSION: it's a piece of garbage that Samsung and Tmo can use to not uphold your warranty (since it technically voids the entire warranty if you flash custom stuff).
Click to expand...
Click to collapse
It voids Samsung warranty not TMOBILE. So ur good for 1 year
TWEAKED 1.0 NOTE 3
Yes, Knox is Samsung thing, T-mo has nothing to do with it and some people already suggested, T-mo doesn't even check Knox flag for replacements etc, at least so far. I asked here before if it's e-fuse and got different answers, so I ask again : are we sure it's e-fuse or we just speculating? The reason is, there was a guy in international forum claiming Samsung reset his Knox flag, which would be not possible with e-fuse. BTW I just updated my old GS3 to 4.3 and it added Knox to it, so I got mad and rooted it to just to delete this stupid Knox, so now how do I check that flag on it? It says custom because is rooted, but where is the Knox flag?
You see the Knox setting when you put your phone in download mode.
As for resetting the Knox flag, I've not seen a confined resetting of it or better said, if it can be done, no one outside of Samsung has been able to do it and prove they have.
So I've been searching around and have not found out the answer to these questions... I'm assuming the answer is "Yes" to the first but want to confirm:
If the KNOX flag is tripped, the KNOX software will no longer work. Ever (assuming we never get a 0x0 reset). Correct?
Now for the next question, assuming "No":
If I use the RDLV to root without tripping KNOX, will the KNOX software still work?
I ask because my company does have MDM and supports KNOX and I may want to use it in the future.
I've been "out of the loop" for quite some time and much has happened to Samsung devices since my last one (Samsung i9000). Basically it is the terror stories about this Knox security thing that mostly concern me and brought me here...
I mean I like this tablet, I trully do, but if I'm robbed by android's main advantage (modifying the thing to suit your needs) then I have absolutely no reason to choose this.
I have already read a a couple of stuff but they are all concerned about s4 and note 3. What about this tablet (the WiFi version), is it ... secured too? Also I'm a bit unclear of what this Knox thing achieves, at first it voids your warranty, second does not let you to flash certain ROMs, but I'm unclear from/on which ROMs this is enabled or even if merely rooting your device would enable this. I mean someone may not be interested in aosp ROMs but still love some "optimized stock + custom kernel" will this Knox thing prevent him even from that?
If this is proved an unmodifiable device I'd think twice for it's usefulness, android's only edge is its "modifiability" remove it and you buy sth 2nd or 3rd tier...
Stevethegreat said:
I've been "out of the loop" for quite some time and much has happened to Samsung devices since my last one (Samsung i9000). Basically it is the terror stories about this Knox security thing that mostly concern me and brought me here...
I mean I like this tablet, I trully do, but if I'm robbed by android's main advantage (modifying the thing to suit your needs) then I have absolutely no reason to choose this.
I have already read a a couple of stuff but they are all concerned about s4 and note 3. What about this tablet (the WiFi version), is it ... secured too? Also I'm a bit unclear of what this Knox thing achieves, at first it voids your warranty, second does not let you to flash certain ROMs, but I'm unclear from/on which ROMs this is enabled or even if merely rooting your device would enable this. I mean someone may not be interested in aosp ROMs but still love some "optimized stock + custom kernel" will this Knox thing prevent him even from that?
If this is proved an unmodifiable device I'd think twice for it's usefulness, android's only edge is its "modifiability" remove it and you buy sth 2nd or 3rd tier...
Click to expand...
Click to collapse
You can still root and modify things, however, Samsung has taken the stance that since Knox has been tripped you must've been running Custom firmware/apps that can "potentially" damage the hardware so all warranties (at least from Samsung) are void....
The other issue is Samsung are updating bootloaders when you install firmware updates. If you happen to get a new bootloader then you CAN'T go back to a lower version of firmware, period... Doing so generally results in bootloops or stuck on Samsung logo until you update to the newer firmware again...
The downside to this is the nandroid backup you took just before updating in case of a problem is rendered useless, and in the case of the Note 3, Kies no longer recognises the new bootloaders so emergency firmware restore doesn't work...
Knox also tries to deny any app root access, some messenger programs were denied access as their permissions required root access. SuperSu has been updated now to work with no problems, until Samsung decide to interfere again....
Knox is also a secure container for your data, it was meant for security agencies and such to have a secure passworded partition in the software that doesn't allow anyone but the person with the passcode to access it. This is disabled after rooting as the system has been modified and can no longer be deemed secure....
ultramag69 said:
You can still root and modify things, however, Samsung has taken the stance that since Knox has been tripped you must've been running Custom firmware/apps that can "potentially" damage the hardware so all warranties (at least from Samsung) are void....
The other issue is Samsung are updating bootloaders when you install firmware updates. If you happen to get a new bootloader then you CAN'T go back to a lower version of firmware, period... Doing so generally results in bootloops or stuck on Samsung logo until you update to the newer firmware again...
The downside to this is the nandroid backup you took just before updating in case of a problem is rendered useless, and in the case of the Note 3, Kies no longer recognises the new bootloaders so emergency firmware restore doesn't work...
Knox also tries to deny any app root access, some messenger programs were denied access as their permissions required root access. SuperSu has been updated now to work with no problems, until Samsung decide to interfere again....
Knox is also a secure container for your data, it was meant for security agencies and such to have a secure passworded partition in the software that doesn't allow anyone but the person with the passcode to access it. This is disabled after rooting as the system has been modified and can no longer be deemed secure....
Click to expand...
Click to collapse
So Knox is more about controlling your device than security as it is not optional (you cannot turn it off , right). Also about losing the warranty, well I was hoping to buy it from a reputable store in my country, even if Samsung voids my warranty can't the store itself honor it?
If not, if in fact merely rooting your device voids my warranty whatsoever than I'm most certain that this is not a device for me and I'm not sure for whom it is, I don't think android is a good os when decoupled from rooted apps (no xposed framework, no adblock, no virtual buttons, no gestures, no greenify), the experience is basically killed...
Even jail breaking your iPad doesn't kill the warranty as long as you install non jail broken iOS version on top... Bad Samsung, bad
OK, since I actually want to give this tablet a go I came up with a new idea. What if I trip up the Knox counter but then get back to stock firmware and *then* my tablet gets damaged? Would then my warranty be honored? The Knox counter can only tell you that it was tripped *once* but not what is/was happening at the time you got a defect.
Maybe my battery died, or more than a handful pixels died on me, all having nothing to do with me rooting my device at some point. Can my rooting still be grounds for samsung to dismiss my warranty? Because if so that is quite a scheme that Samsung runs.
Do any people had their warranty honored even though the Knox counter was tripped?
If you have a squaretrade warranty you should be fine with that excuse. However, Samsung will say that they cannot tell if the damaged occurred before or after the rooting occurred, thus denying you your warranty. Once the counter is tripped, from that point on the warranty is gone. My recommendation, get a squaretrade for 100 with a 2 year warranty and you will be fine.
Sent from my SM-P600 using Tapatalk
It' been 5 days i am researching on XDA Awesome site with lot's of problems Solved.
as a Noob i have done a mistake while rooting my phone my Knox is tripped and i know there is no solution right now, but i have seen a way for that my friend is having same note 2 we both brought on Nov 2012 as he is not update freak so he has not update thing and i have seen his download mode and there is no Knox status.
Now i have decided to Downgrade this time i have follow XDA steps and Sucess with Downgrade
but there comes another issue Phone status still showing custom i know that can be fixed with triangle away.
Downgrade mode is still having Knox status.
is this possible to do any changes with Download mode ?
SPBAHUGUNA said:
It' been 5 days i am researching on XDA Awesome site with lot's of problems Solved.
as a Noob i have done a mistake while rooting my phone my Knox is tripped and i know there is no solution right now, but i have seen a way for that my friend is having same note 2 we both brought on Nov 2012 as he is not update freak so he has not update thing and i have seen his download mode and there is no Knox status.
Now i have decided to Downgrade this time i have follow XDA steps and Sucess with Downgrade
but there comes another issue Phone status still showing custom i know that can be fixed with triangle away.
Downgrade mode is still having Knox status.
is this possible to do any changes with Download mode ?
Click to expand...
Click to collapse
No. Not possible to downgrade to shipped ROM.
Triangle away works on old bootloaders. 4.1.1 and 4.1.2.
Samsung implemented KNOX in 4.3 and 4.4 android. Remember, KNOX is a efuse not a counter. Once it trips, it cannot be reset/ reversed - no matter what.
Now downgrade options:
1. Use Mobile Odin to downgrade to desired ROM. It keeps the new bootloader but replaces everthing: kernel, modem, system and CSC.
2. I suggest not to downgrade unless you have a good reason to.
Press thumps up if you found this suggestion helpful.
Sent from my GT-N7100 using Tapatalk
thanks
ceomaverick said:
No. Not possible to downgrade to shipped ROM.
Triangle away works on old bootloaders. 4.1.1 and 4.1.2.
Samsung implemented KNOX in 4.3 and 4.4 android. Remember, KNOX is a efuse not a counter. Once it trips, it cannot be reset/ reversed - no matter what.
Now downgrade options:
1. Use Mobile Odin to downgrade to desired ROM. It keeps the new bootloader but replaces everthing: kernel, modem, system and CSC.
2. I suggest not to downgrade unless you have a good reason to.
Press thumps up if you found this suggestion helpful.
Sent from my GT-N7100 using Tapatalk
Click to expand...
Click to collapse
right now i am on 4.4.2 Stock ROM just because i have taken backup so restored used triangle away perfectly without any issue.
"Samsung implemented KNOX in 4.3 and 4.4 android. Remember, KNOX is a efuse not a counter. Once it trips, it cannot be reset/ reversed - no matter what. "
I agree with you because you have more experience but how come my friends phone do not have anything like knox we both purchased same day same model i keep my phone update he do not update.
there is no sign of KNOX in download mode but mine void =1
is there any way to mess with download mode thing ?
SPBAHUGUNA said:
right now i am on 4.4.2 Stock ROM just because i have taken backup so restored used triangle away perfectly without any issue.
"Samsung implemented KNOX in 4.3 and 4.4 android. Remember, KNOX is a efuse not a counter. Once it trips, it cannot be reset/ reversed - no matter what. "
I agree with you because you have more experience but how come my friends phone do not have anything like knox we both purchased same day same model i keep my phone update he do not update.
there is no sign of KNOX in download mode but mine void =1
is there any way to mess with download mode thing ?
Click to expand...
Click to collapse
Exactly. You updated and he didn't. Soon as you update your phone, Knox arrives with a new bootloader. Either you flashed root file or recovery file or custom ROM, hence you burned the flag and Knox went from 0x0 to 0x1.
He rooted 4.1.2. Hence, his bootloader does not show Knox. Only flash counters are visible. These can be reset using triangleaway.
In your case, using triangleaway will only reset counter (as you must have experienced) and show official status. But Knox stays as it is.
Anyways, you shouldn't be worried. Nothing can be done now.
Sent from my GT-N7100 using Tapatalk
thanks but confused too
ceomaverick said:
Exactly. You updated and he didn't. Soon as you update your phone, Knox arrives with a new bootloader. Either you flashed root file or recovery file or custom ROM, hence you burned the flag and Knox went from 0x0 to 0x1.
He rooted 4.1.2. Hence, his bootloader does not show Knox. Only flash counters are visible. These can be reset using triangleaway.
In your case, using triangleaway will only reset counter (as you must have experienced) and show official status. But Knox stays as it is.
Anyways, you shouldn't be worried. Nothing can be done now.
Sent from my GT-N7100 using Tapatalk
Click to expand...
Click to collapse
Exactly what you said i totally agree with you but there is point which diverted me to reply again is there is a post related to KNOX for note 2 where few people are saying it's Fuse but few have ensured that it is something stored within system Board i.e where you download mode is stored might be EPROM or something which is programmable by experts only.
in that thread i have seen a reply from one person giving his feedback like he was having knox 0x1 and he somehow fixed from service center within 10 minute they have fixed knox issue NO IMEI Change no board replace.
"Finally KNOX can be reset in
Samsung SM-N900 Galaxy Note 3
Samsung SM-N9000Q Galaxy Note 3
Because it stored inside RPMB area and can be WIPED or written with AUTH KEY.
And cannot be reset in
Samsung SM-N9005 Galaxy Note 3 Olympic
Samsung SM-N905 Galaxy Note 3
and all phones with Snapdragon MCU. Anybody who tell that it possible in
service lies becuse KNOX are stored in QFUSE area. FOR EVER."
http://forum.xda-developers.com/showthread.php?t=2486346&page=112
if i get something valuable i will update you sir thanks a lot
SPBAHUGUNA said:
Exactly what you said i totally agree with you but there is point which diverted me to reply again is there is a post related to KNOX for note 2 where few people are saying it's Fuse but few have ensured that it is something stored within system Board i.e where you download mode is stored might be EPROM or something which is programmable by experts only.
in that thread i have seen a reply from one person giving his feedback like he was having knox 0x1 and he somehow fixed from service center within 10 minute they have fixed knox issue NO IMEI Change no board replace.
"Finally KNOX can be reset in
Samsung SM-N900 Galaxy Note 3
Samsung SM-N9000Q Galaxy Note 3
Because it stored inside RPMB area and can be WIPED or written with AUTH KEY.
And cannot be reset in
Samsung SM-N9005 Galaxy Note 3 Olympic
Samsung SM-N905 Galaxy Note 3
and all phones with Snapdragon MCU. Anybody who tell that it possible in
service lies becuse KNOX are stored in QFUSE area. FOR EVER."
http://forum.xda-developers.com/showthread.php?t=2486346&page=112
if i get something valuable i will update you sir thanks a lot
Click to expand...
Click to collapse
I doubt the reliability of the person who went to service center with tripped KNOX and got the flag reversed without board replacement.
Anyway, in this murky world of unknowns, we can conclude two things.
1. KNOX cannot be reset ever. Or,
2. KNOX is not a efuse, but a software flag coded into the secure area of the chipset hardware, which requires tools developed by Samsung to modify the inside stuff.
Assumimg that this is true, the reset only can be initiated by device manufacturer at their factory. I seriously doubt that service centers will have these tools, let alone the authority.
Reason:
The business dimension of Knox is extremely important for Samsung. If they handover these resetting tools to service center, the possibility of leak is almost certain. That would be anything but great financial loss as corporate customers would never accept compromised phones. Any insider technician (out of thousands in hundreds of countries) can create a fake identity and post this tool on the Internet. It would be hard to nab him.
While in the factory, where only a certain number of people will have access to these tools, won't dare to even think of leaking the tool. ( Remember, these guys have to sign confidentiality agreement with the company. If found guilty, the punishment of harsh.)
Technicians at the service center are not supposed to sign a confidentiality agreement. They have a simple terms and conditions contract with the employer (service centre not the parent company) I know that for a fact.
Anyways, the good news is that with towelroot many users have reported to root S5 & Note 3 successfully without tripping KNOX.
Kindly share any valuable information you get with me.
Sent from my GT-N7100 using Tapatalk
Valuable Reply
ceomaverick said:
I doubt the reliability of the person who went to service center with tripped KNOX and got the flag reversed without board replacement.
Anyway, in this murky world of unknowns, we can conclude two things.
1. KNOX cannot be reset ever. Or,
2. KNOX is not a efuse, but a software flag coded into the secure area of the chipset hardware, which requires tools developed by Samsung to modify the inside stuff.
Assumimg that this is true, the reset only can be initiated by device manufacturer at their factory. I seriously doubt that service centers will have these tools, let alone the authority.
Reason:
The business dimension of Knox is extremely important for Samsung. If they handover these resetting tools to service center, the possibility of leak is almost certain. That would be anything but great financial loss as corporate customers would never accept compromised phones. Any insider technician (out of thousands in hundreds of countries) can create a fake identity and post this tool on the Internet. It would be hard to nab him.
While in the factory, where only a certain number of people will have access to these tools, won't dare to even think of leaking the tool. ( Remember, these guys have to sign confidentiality agreement with the company. If found guilty, the punishment of harsh.)
Technicians at the service center are not supposed to sign a confidentiality agreement. They have a simple terms and conditions contract with the employer (service centre not the parent company) I know that for a fact.
Anyways, the good news is that with towelroot many users have reported to root S5 & Note 3 successfully without tripping KNOX.
Kindly share any valuable information you get with me.
Sent from my GT-N7100 using Tapatalk
Click to expand...
Click to collapse
Knox is tripped, can you suggest me best ROM as you too using N7100 . need good battery backup and music that's it right now using DN4 but lots of bug with DN4
SPBAHUGUNA said:
Knox is tripped, can you suggest me best ROM as you too using N7100 . need good battery backup and music that's it right now using DN4 but lots of bug with DN4
Click to expand...
Click to collapse
Stock 4.4.2 is best for battery and great on performance. This should suit ur needs.
All other custom touchwiz ROMS ( Phantom, Omega, DN4, Dr.Ketan's etc) are deodexed. They consume both battery and ROM. Hence, slow and lag at times.
Exception: Thunder Lite V7.0 is amazing on battery.
I have heard of Slimkat being really good on both battery and performance. One of my friend has installed this on his note 2. His battery lasts is seriously long. But individual experiences may vary.
Sent from my GT-N7100 using Tapatalk
---------- Post added at 12:32 AM ---------- Previous post was at 12:31 AM ----------
ceomaverick said:
Stock 4.4.2 is best for battery and great on performance. This should suit ur needs.
All other custom touchwiz ROMS ( Phantom, Omega, DN4, Dr.Ketan's etc) are deodexed. They consume both battery and ROM. Hence, slow and lag at times.
Exception: Thunder Lite V7.0 is amazing on battery.
I have heard of Slimkat being really good on both battery and performance. One of my friend has installed this on his note 2. His battery lasts is seriously long. But individual experiences may vary.
I use Dr.Ketan's V14.
Sent from my GT-N7100 using Tapatalk
Click to expand...
Click to collapse
Sent from my GT-N7100 using Tapatalk
---------- Post added at 12:34 AM ---------- Previous post was at 12:32 AM ----------
Stock 4.4.2 is best for battery and great on performance. This should suit ur needs.
All other custom touchwiz ROMS ( Phantom, Omega, DN4, Dr.Ketan's etc) are deodexed. They consume both battery and ROM. Hence, slow and lag at times.
Exception: Thunder Lite V7.0 is amazing on battery.
I have heard of Slimkat being really good on both battery and performance. One of my friend has installed this on his note 2. His battery lasts is seriously long. But individual experiences may vary.
I use Dr.Ketan's V14.
Sent from my GT-N7100 using Tapatalk
thanks again
ceomaverick said:
Stock 4.4.2 is best for battery and great on performance. This should suit ur needs.
All other custom touchwiz ROMS ( Phantom, Omega, DN4, Dr.Ketan's etc) are deodexed. They consume both battery and ROM. Hence, slow and lag at times.
Exception: Thunder Lite V7.0 is amazing on battery.
I have heard of Slimkat being really good on both battery and performance. One of my friend has installed this on his note 2. His battery lasts is seriously long. But individual experiences may vary.
Sent from my GT-N7100 using Tapatalk
---------- Post added at 12:32 AM ---------- Previous post was at 12:31 AM ----------
Sent from my GT-N7100 using Tapatalk
---------- Post added at 12:34 AM ---------- Previous post was at 12:32 AM ----------
Stock 4.4.2 is best for battery and great on performance. This should suit ur needs.
All other custom touchwiz ROMS ( Phantom, Omega, DN4, Dr.Ketan's etc) are deodexed. They consume both battery and ROM. Hence, slow and lag at times.
Exception: Thunder Lite V7.0 is amazing on battery.
I have heard of Slimkat being really good on both battery and performance. One of my friend has installed this on his note 2. His battery lasts is seriously long. But individual experiences may vary.
I use Dr.Ketan's V14.
Sent from my GT-N7100 using Tapatalk
Click to expand...
Click to collapse
thanks
if i get some valuable info regarding i am here to post that to you.
I just picked up a refurb i317 and have a question obout this Knox rom counter/security thing: Does it matter for a refurb that's out of warranty? Is it just a counter or is it something more nasty?
jocala said:
I just picked up a refurb i317 and have a question obout this Knox rom counter/security thing: Does it matter for a refurb that's out of warranty? Is it just a counter or is it something more nasty?
Click to expand...
Click to collapse
Knox is a Samsung corporate security suite that is built into the stock OS.
Sadly it's also present in the bootloader. ..so if an unsigned flash is performed. .the flag is set to 1....
Knox ( or the knox container) is best described as a secured software partition that is set aside for the use of high security apps and functions at the corporate or government level...and isolates these proprietary functions from the rest of the regular OS....
Once a custom rom is flashed. .This container is violated and the flag is set via the bootloader. ..and the device can never be used as a secured corporate device again. ..
With devices under warranty it will void them...but for flashing and modding a device it means very little to us. .
Root and flash is no problem on the note 2 device. ..but note 3 or higher has a true locked bootloader. ..and won't allow different kernel images to be flashed at all. ..(last I heard)...
We are the first generation of knox infected devices. ..but we are not truly locked. ..However. ..Once the device is running the mk6 or higher bootloader. ..it cannot be reverted back to a non-knox version. ...
You are good to flash any roms in the I317 section to include custom kernels....radio images etc...
Enjoy. ...g
gregsarg said:
Knox is a Samsung corporate security suite that is built into the stock OS.
Sadly it's also present in the bootloader. ..so if an unsigned flash is performed. .the flag is set to 1....
Knox ( or the knox container) is best described as a secured software partition that is set aside for the use of high security apps and functions at the corporate or government level...and isolates these proprietary functions from the rest of the regular OS....
Once a custom rom is flashed. .This container is violated and the flag is set via the bootloader. ..and the device can never be used as a secured corporate device again. ..
With devices under warranty it will void them...but for flashing and modding a device it means very little to us. .
Root and flash is no problem on the note 2 device. ..but note 3 or higher has a true locked bootloader. ..and won't allow different kernel images to be flashed at all. ..(last I heard)...
We are the first generation of knox infected devices. ..but we are not truly locked. ..However. ..Once the device is running the mk6 or higher bootloader. ..it cannot be reverted back to a non-knox version. ...
You are good to flash any roms in the I317 section to include custom kernels....radio images etc...
Enjoy. ...g
Click to expand...
Click to collapse
Thanks for the thoughtful reply. I'm playing with a CM12 nightly now, but will probably scout out a nice stock rom as a daily driver. As a retired gentleman of a certain age, I never go for latest and greatest these days, but I'm impressed with this phone thus far.