[Q] What's the deal with Knox on the Note 4? - Verizon Galaxy Note 4 Q&A, Help & Troubleshooting

My wife just got a Verizon Note 4 to replace her slowly dying Note 2. She doesn't use it in a business environment, so she neither needs nor wants Knox anywhere it (obviously she can't get rid of the bootloader lock, but she doesn't want the Knox service or the app). She can force stop the service, but it comes back.
Since she got the phone, she's been getting notifications telling her to take security updates. She's concerned, of course, that they'll turn on Knox, make it more intrusive, or something, so she won't take them. But they come up pretty frequently, and are annoying as heck.
We found instructions for uninstalling Knox Personal on a Jellybean device (http://www.samsung.com/us/support/howtoguide/N0000005/13093/159642), but it involves actually running the Knox app, going into Help -> About, and choosing Uninstall. Naturally, she's loathe to do that - it feels wrong and unsafe to run the very app you want to get rid of in order to uninstall it. Plus these instructions are specifically for JellyBean and the Note 3, not KitKat and the Note 4.
So ... does anyone know what the reality is?

Be interested in this too. I keep getting that stupid request to turn on some secure blah blah. Wth is up with that?
Sent from my SM-N910V

I believe you could disable the security notification by go into settings-> security->security policy update and uncheck auto update.

No, unfortunately it's already set to not update.
Sent from my SM-N910V

Related

Samsung Push service and Ad service?

Everytime I run Samsung Apps it asks me to install Samsung Push Service and Samsung Ad Service.
Does anybody know what these are?
Seems like annoying bloatware to me so I click cancel but it's starting to get annoying as it pops up every time!
Is there a way to stop this coming up everytime?
Thank you
You can't stop it... Worse, in the latest Samsung Apps update, it'll be automatically installed without your concern and will constantly pushing ads to your phone, make the phone hot and battery drain fast... I removed the Samsung Apps (and its companion SamsungUNA) after that...
How irritating!
I'm pretty sure I have the latest version installed as when I ran it it said I needed to update and I did. But it doesn't auto install these for me....?
It just pops up every time I open it asking me to install them.
Maybe someone could mod it so we only get Samsung Apps an not the crap that comes with it.........please....... lol
It would be a shame to have to uninstall it because you can actually get some top premium priced games for free, which is the only reason I use it.

[Q] Samsung Security Policy Updates

I got a popup asking to autoupdate the Samsung security policies. Does anybody know what the Samsung Security Policy updates update? I obviously declined the automatic updates, but was wondering if anybody knows if there are consequences either way.
I'm pretty sure this is Knox related. I've declined it myself only to be asked about a dozen more times since. Seems like it finally gave up though. If anyone else has input, I'd be interesting hearing what they know.
Sent from my SM-N910V using Xparent Green Tapatalk 2
My thought is to decline but i would be interested in hearing what a developer thinks.
I want to bump this question. I just had a notice to allow security policy updates. The terms and conditions that must be accepted state that the "updates may add new security policies and delete any existing policies, if necessary. The service may detect and delete any downloaded software which contains malware." Since I have a Developer Edition, am rooted and have many apps that have been granted Super User permissions, I'm wondering if these security updates could delete or alter those permissions or otherwise affect root.
I updated it on my rooted dev edition and I've had no ill effects (so far) I know it required a lot of permissions but it's a security update from the manufacturer for god sake. The last thing I wanted was some security policy to go without being updated. Maybe that's my IT mindset. I was less hesitant to install because I already have root, unlocked bootloader, and a backup, so worse case scenario I could have just restored my nand.
commissionerg said:
I updated it on my rooted dev edition and I've had no ill effects (so far) I know it required a lot of permissions but it's a security update from the manufacturer for god sake. The last thing I wanted was some security policy to go without being updated. Maybe that's my IT mindset. I was less hesitant to install because I already have root, unlocked bootloader, and a backup, so worse case scenario I could have just restored my nand.
Click to expand...
Click to collapse
Agree with this on all points, but, like @GirLuvsDroid said, it sure would be nice to know exactly what these updates are doing.
I have also been declining them, but since you took the plunge for us (and I thank you!) and to your point, that we have backups, I will take it next time.
I have a rooted dev version, and I used Titanium (I bought the premium), and I froze the Knox services, as well as the security policy updates. It stopped the popup and my phone still works fine.

Re: Moving apps

Re: Moving apps
I am about to help my husband root his 8.4 Tab Pro. But before I even do this for him, I need to know if I'm wasting my time.
What he wants is to be able to move his apps to his micro sd card. He says he doesn't have any room on his tablet.
So is that possible to do, once rooted?
Thanks
ms.journie said:
I am about to help my husband root his 8.4 Tab Pro. But before I even do this for him, I need to know if I'm wasting my time.
What he wants is to be able to move his apps to his micro sd card. He says he doesn't have any room on his tablet.
So is that possible to do, once rooted?
Thanks
Click to expand...
Click to collapse
Apps will have to be re-downloaded from the Play Store Store assuming he had gotten them there. In the possible case of Amazon Apps, you'll need to get it from them.
But, it sounds to me like you'd want to look for Titanium Backup, which should help you setup that task
I have no clue as to which version ot the Tab Pro you might have T320 (WiFi), or the T325 (LTE).
Either way, if your husband will somehow require the Knox (Security functions), of that Device.... STOP NOW!
Rooting to replace the Recovery, or OS WILL PERMANENTLY TRIP THE KNOX FLAG. Thus rendering Knox Security useless.
Assuming there is anything worth backing up it might well be inside there. And the ONLY TIME you have to back it up is before you trip the flag.
Once tripped there is no going back ever, and as I stated Knox will be dead to the Device, along with any hosted data that was part of it
Otherwise I wouldn't be to pressed about his Apps...
Ichijoe said:
Apps will have to be re-downloaded from the Play Store Store assuming he had gotten them there. In the possible case of Amazon Apps, you'll need to get it from them.
But, it sounds to me like you'd want to look for Titanium Backup, which should help you setup that task
I have no clue as to which version ot the Tab Pro you might have T320 (WiFi), or the T325 (LTE).
Either way, if your husband will somehow require the Knox (Security functions), of that Device.... STOP NOW!
Rooting to replace the Recovery, or OS WILL PERMANENTLY TRIP THE KNOX FLAG. Thus rendering Knox Security useless.
Assuming there is anything worth backing up it might well be inside there. And the ONLY TIME you have to back it up is before you trip the flag.
Once tripped there is no going back ever, and as I stated Knox will be dead to the Device, along with any hosted data that was part of it
Otherwise I wouldn't be to pressed about his Apps...
Click to expand...
Click to collapse
Thank you for this info!
I just asked him if he uses his knox security, and he says he doesn't because he has bit defender and malwarebytes. So since he doesn't use that program I guess I can go ahead and proceed.
ms.journie said:
Thank you for this info!
I just asked him if he uses his knox security, and he says he doesn't because he has bit defender and malwarebytes. So since he doesn't use that program I guess I can go ahead and proceed.
Click to expand...
Click to collapse
I'd like to think I'm up on most thing security wise. But, I'm not aware of those Apps. being on Android. Specifically MicroSoft's Bitdefender.
To describe what knox is (besides a means to void ones warranty), its a very secure business ordinated front end, that only come into its own when the Employer
also has a knox backend server running, to control it.
So long as thats NOT the case... Flash it!
If on the other hand it might be, I'd advise against it, as you can never go back from a Knox 0x1 state.
It will also (On newer Device that support it), brick up things like Google Pay.
Thankfully the Tab Pro does not have that feature to lose.

Question How to Disable OS Updates?

Totally satisfied with 11.2.9.9 and wish to disable updates for good-ish. I did this on my Pixel 3XL and needed to jump through some hoops to stop the insistent nag pop up but got it done with help from XDA good guys. Like the Pixel, the notification does not allow to be silenced or disabled so need to dig deeper. I don't want to delete or uninstall the updater service but am open to freezing it if that won't cause any other issues. I'm rooted of course. Help would be appreciated, Thanks
I'm not sure turning down the already sporadic security patches released for Android phones is a good idea to start with, refusing them while rooted is an even worse plan.
With prevalent betaware updates makes sense for some to stay stable for once AFWall+
miravision said:
With prevalent betaware updates makes sense for some to stay stable for once AFWall+
Click to expand...
Click to collapse
That would be reasonable if the betas weren't explicitly opt-in. Blocking consumer release updates is an entirely different kettle of fish.
miravision said:
With prevalent betaware updates makes sense for some to stay stable for once AFWall+
Click to expand...
Click to collapse
Nailed it Mr Vision -
My phone is 90% de-googled so my biggest security risk has been neutralized.
I usually freeze the update service app in between updates to avoid the nagging while I'm waiting on a full zip to be released, or if it's just an inconvenient time for me to mess with it. It has never caused any issues other than the obvious: if you try to select System Update from Settings while frozen it will force close. Just unfreeze the update service when you're ready to update.
That said, I'm in agreement with other folks who say not taking security updates on a rooted device "ever" is generally a bad idea. New kernel exploits are discovered all the time, and plenty of core system packages have the potential for vulnerabilities.
terlynn4 said:
I usually freeze the update service app in between updates to avoid the nagging while I'm waiting on a full zip to be released, or if it's just an inconvenient time for me to mess with it. It has never caused any issues other than the obvious: if you try to select System Update from Settings while frozen it will force close. Just unfreeze the update service when you're ready to update.
That said, I'm in agreement with other folks who say not taking security updates on a rooted device "ever" is generally a bad idea. New kernel exploits are discovered all the time, and plenty of core system packages have the potential for vulnerabilities.
Click to expand...
Click to collapse
Thanks.
I would keep my phone updated but the ColorOS 12 update pretty much ruined the perfect experience. I'll update in a few months. Hopefully, they'll fix all the issues by then.
terlynn4 said:
"I usually freeze the update service app in between updates to avoid the nagging while I'm waiting on a full zip to be released, "
Click to expand...
Click to collapse
Yes thanks for the reminder this is possible. I went ahead and froze com.oneplus.opbackup. My setup is safely locked in until I decide it needs to be changed!
Maybe some folks from this thread will see my thread lol and rethink the early adopter or as I like to call it, guinea pig strategy.
12 "Stable" Issues Thread
Besides the general low quality of this piece of software, here are some specific pains: 1. SafetyNet test fails (no root) - WTF? Can't use any of my work applications because of that. 2. Status bar notification icons don't appear (except for...
forum.xda-developers.com
Just use a package disabler, a ADB edit or if your rooted you have even more apps to block OTA updates.
Security in real life isn't an issue with Android 9 or higher unless you do something stupid. This stock N10+ has been running on Android 9 for over 2 years with no updates.
The current OS load is over 1.5 yo, still fast, stable with minimum maintenance. I take a few precautions especially with app installations and downloads. Android 9 and higher are reasonably secure even if Google claims otherwise.
So enjoy your current platform for as long as you want. Don't let updates break your phone... they sure as hell can and do.
Redundantly backup all critical data to at least 2 hdds that are physically and electronically isolated from each other and the PC. Time stagger backups to them incrementally as an added precaution. Have a plan in place for password resets and bank accounts (which are insured from fraud anyway).
In the case of malware if you can't completely isolate and delete it within an hour or two, go full nuke and reload. It takes far less time to reload then it does to attempt to optimize and adapt to a new OS version.
Fools leave in fear, pragmatists live within reality.
Don't ever update to Android 12 then. Remember, you have been warned. No matter what, stay on Oxygen 11
@blackhawk - Yeah I really like App Manager does all you say plus a whole lot more.
@giaur
Both you guys, EXACTLY! Ran Android 9 for 3 years on my rooted Pixel 3XL, no updates past 9/19 no issues no regrets.
11.2.10.10 is safe. But I dont update to A12 soon.
You can disable the updates very easy.
1st: Settings -> System -> System Updates -> Top right the gear -> Disable Auto download over Wifi
2nd: Settings -> System -> Dev. Options -> Disable "Automatic system updates"
RheinPirat said:
11.2.10.10 is safe. But I dont update to A12 soon.
You can disable the updates very easy.
1st: Settings -> System -> System Updates -> Top right the gear -> Disable Auto download over Wifi
2nd: Settings -> System -> Dev. Options -> Disable "Automatic system updates"
Click to expand...
Click to collapse
See the thing is this doesn't stop the random often reoccurring pop-up nag that prompts to download the update. The fear there is the potential for an accidental tap. I don't want the giant update file hanging out on my phone ready to spring into gear at the slightest wrong move on my part. Maybe the tap would be interpreted by the phone as an overide to the 'disable' option selected in Dev Options. Don't know, don't want to find out.
Then use a fire wall and allow apps you want. I never got a update notification since I have the phone. I always updated it by myself.
chetqwerty said:
See the thing is this doesn't stop the random often reoccurring pop-up nag that prompts to download the update. The fear there is the potential for an accidental tap. I don't want the giant update file hanging out on my phone ready to spring into gear at the slightest wrong move on my part. Maybe the tap would be interpreted by the phone as an overide to the 'disable' option selected in Dev Options. Don't know, don't want to find out.
Click to expand...
Click to collapse
Use service disabler from playstore to disable system updater(requires root)
chetqwerty said:
Yes thanks for the reminder this is possible. I went ahead and froze com.oneplus.opbackup. My setup is safely locked in until I decide it needs to be changed!
Click to expand...
Click to collapse
Yes goofy to quote myself but wanted to post an update that sadly this only worked for about a month then the nags returned even though the com.oneplus.opbackup service was frozen. Getting the system update nags every other day after they stopped for a month. Gotta figure this out, I'm sure that sinister google has their hand in this someway!

Can't create work Profile on my Galaxy Note Plus

Hello everyone.
I'm totally new here. This is my first post on XDA.
Recently I bought a 2nd hand phone, Samsung Note 10 Plus with a very good condition. Everything seems to me perfect when I purchased it. All features are working great.
Recently I tried to add an educational google account that was provided from one of educational institution.
When I tried to add this account on this particular phone, it's showing an error that -
"Can't create work profile!!
The security policy prevents the creation of a work profile because a custom OS has been installed on this device."
(I'm posting the screenshot also)
I don't know why it's showing this error message, because I'm not using any custom OS, according to my knowledge. I got official OTA update after purchasing it.
So as far as I know, it's running on stock OS.
The model number of my Note 10 Plus is "SCV45". It's a Japanese variant named "au".
What is reason of this error behind it? I didn't install any custom OS nor root my phone. I don't know the previous history as it's a 2nd hand phone. What should I do now to fix this issue. Please help me as I'm new to this thread.
Settings>About Phone>Status>Phone Status
Phone status should be "Official" otherwise it's been rooted and the Knox efuse tripped.
Can you set up/use Secure Folder?
Thanks for your earliest reply.
Here, phone status is showing "Official".
But after using some days, I get t know about "Knox Security" & I found heart breaking fact that my phone's "Knox Security" is void & I have to live with it as there is no workaround for that issue. (Found on XDA)
But the fact is, currently I didn't found any root access & from the about section, it's showing Official OS.
Then why it's giving error msg that I am using custom OS?
I got to know from xda that if knox security is tripped then I can't use some of Samsung app like Samsung Pass, Secure Folder, Samsung Heath....
But why I can't use a work profile when I am running on stock OS & which is not ever rooted (according to my knowledge).
So what I can do now to fix this issue?
Please help.
So much for that efuse trip method indicator... there are other ways to tell. Lol, always thought that one worked. You're questions have me curious as well.
My guess it was Knox efuse, but as for work profile not sure if it was or is tied together with Knox.
I avoid the Knox features as they're rules are convoluted... and I have no need for them.
You might want to reflash the firmware to be on the safe side. There are many here that can give you a better appraisal about this than me though.
I run stock N10+'s.
Lastly you could consider returning the device if it has been rooted in the past and the seller didn't state so.
blackhawk said:
So much for that efuse trip method indicator... there are other ways to tell. Lol, always thought that one worked. You're questions have me curious as well.
My guess it was Knox efuse, but as for work profile not sure if it was or is tied together with Knox.
I avoid the Knox features as they're rules are convoluted... and I have no need for them.
You might want to reflash the firmware to be on the safe side. There are many here that can give you a better appraisal about this than me though.
I run stock N10+'s.
Lastly you could consider returning the device if it has been rooted in the past and the seller didn't state so.
Click to expand...
Click to collapse
I didn't think so it is tied with knox security. Because I have used that work profile on another mobile other than a Samsung phone. So there is no link up between my work profile and the knox security.
Now I want to reflash the stock firmware by Odin3. But the problem I faced is, when I visited SamMobile for downloading the exact firmware, I didn't see any model number with "SCV45".
All the model numbers are like - SM-N975F, SM-N975U, SM-N975U1, SM-N975N... & so on.
So, should I flash any of them? I can't choose the proper version.
My mobile is snapdragon variant.
If I flash any of the version, what will happen?? I need to know about that.
And lastly, about returning the device.
I have purchased it as 2nd hand, and the first unit that I got, has the hardware problem. So I already returned that one. So they already gave me a replacement.
So I know, there must be some issues & I have to accept that as I am getting at very cheap price. But the last one I received, is totally in fresh condition. Even the screen paper that comes with intact phone, is still there. I have checked all the the hardware and sensors. All are working perfectly. And battery backup is also good. I am getting almost 7.5hr SOT. I have checked the battery cycle. Battery discharge cycle count is 164 (I don't know whether it is modified or not). I checked the other phones that have battery discharge cycle count is almost 500 to 700.
That's why I pick this last one. All seems perfect. Only have the issues with knox security, but I get to know about that later. And knox security is also not important for me. But at least I need to use my work profile.
That is the Japanese variant.
If you're stateside a Samsung Experience center at a Best Buy can run advanced diagnostics on it and reflash it if needed.
I would stay on Android 10. Either 9 or 10 run well. 11 not so much so and 12 is a mess, both have fully active cpu cycle sucking scoped storage.
blackhawk said:
That is the Japanese variant.
If you're stateside a Samsung Experience center at a Best Buy can run advanced diagnostics on it and reflash it if needed.
I would stay on Android 10. Either 9 or 10 run well. 11 not so much so and 12 is a mess, both have fully active cpu cycle sucking scoped storage.
Click to expand...
Click to collapse
When I purchased the Mobile, It has Android 10. I've upgarde to andoird 11 just. Everything is working fine except that issue.
Can I flash SM-N975U or SM-N975U1 firmware? there will be any problem??

Categories

Resources