Need Help - Samsung Galaxy Tab S2 SM-T817V Knox - Upgrading, Modifying and Unlocking

I have this tablet which is being restricted to use due to Knox. It appears to be for some vendor. It takes over the device even though it's not connected to the internet and doesn't allow me to do anything with it. I have read all the threads I can find and tried every possible option through Odin to install new firmware.
I understand this model is a giant pain due to Verizon and I may not be able to root this for customization. But is there not a way to get a factory clean firmware on here that doesn't have this Knox vendor customization? If not, is this good for anything or just throw it in the trash?

popguru said:
I have this tablet which is being restricted to use due to Knox. It appears to be for some vendor. It takes over the device even though it's not connected to the internet and doesn't allow me to do anything with it. I have read all the threads I can find and tried every possible option through Odin to install new firmware.
I understand this model is a giant pain due to Verizon and I may not be able to root this for customization. But is there not a way to get a factory clean firmware on here that doesn't have this Knox vendor customization? If not, is this good for anything or just throw it in the trash?
Click to expand...
Click to collapse
Same issue but I added another user and it works fine because knox isn't running device admin. Owner doesn't work and either does usb debugging. I'm thinking of calling know for remote support.

I beat frp on this same tablet before
popguru said:
I have this tablet which is being restricted to use due to Knox. It appears to be for some vendor. It takes over the device even though it's not connected to the internet and doesn't allow me to do anything with it. I have read all the threads I can find and tried every possible option through Odin to install new firmware.
I understand this model is a giant pain due to Verizon and I may not be able to root this for customization. But is there not a way to get a factory clean firmware on here that doesn't have this Knox vendor customization? If not, is this good for anything or just throw it in the trash?
Click to expand...
Click to collapse
Can u create a geust user account ? If so activate this accou t log into that account download the apk and run the very popular one click root app that i wont say but kinda rhymes with bingo shoot any ways run the apk (it wont root your device) and instal it the run the root app itll get to 99% and then quit but the entire device will be like outta the box new as far as the os goes you wont have frp lock or anything
Sorry for the run on sentence and idk how old this thread is but anyway and shout ouf to whoesever red car is with lisence plate xda guy in canada just not the country

Grimlinkush said:
Can u create a geust user account ? If so activate this accou t log into that account download the apk and run the very popular one click root app that i wont say but kinda rhymes with bingo shoot any ways run the apk (it wont root your device) and instal it the run the root app itll get to 99% and then quit but the entire device will be like outta the box new as far as the os goes you wont have frp lock or anything
Sorry for the run on sentence and idk how old this thread is but anyway and shout ouf to whoesever red car is with lisence plate xda guy in canada just not the country
Click to expand...
Click to collapse
Thank you for the response. This is still very much an active question for me.
I'm able to create the user account, install and start the install for the mentioned apk. However, it stops at 90%, and I get this error "Root Failed" Error Code 0x166508. It recommends I use the PC version, but USB Debugging is disabled in main account and I can't even access Developer tools for this new account.
Additionally, I'm unable to use the Home button. I get the following message "Security policy prevents use of Home key"
Seems like no matter what is suggested, there is something new that is blocking this from being used.

Related

[Q] Troublesome installation of Xposed and GravityBox on Fairphone

Dear internet community,
i would like to adress my problems concerning the installation of Xposed and GravityBox on my Fairphone. You must know that this is my very first smartphone and i dont really know how to use them yet. But i know that i would like to be able to change my Locksreen wallpaper, whích is the only intention for me to try to install Xposed in the first place.
So lets get to the nuts and bolts:
Firstly i tried to "unroot" my phone (of which i dont have any clue what that might mean), but the program i used (universal unroot) gave me this message upon trying: "please allow root access now. If you cant allow root access your device is most likely not rooted". At this point i dont know if i am able to allow root acess to that program, which ist rediculous in itself since this program should allow me to do that in the first place. I checked in the settings but couldnt find anything that looked like root access.
The next step was to install Xposed (version 2.6.1 and then 2.7 both with the same result). After the installation and the reboot, Xposed states unter the "Framework" category that: "the latest version of Xposed is currently not active (my app manager tells me it is). Did you install the framework and reboot?". Again i did the reboot and i installed it. If try to go further into the Framework menu and press the "install/update"-button it tells me: "failed to get root access. make sure your device is rooted properly and you have not blocked shell commands".
My question now is: do you have a solution for my problem? I would be very thankfull and appreciative if you would offer me a solution, since my intentional desire of changing the Lockscreen Wallpaper is such a small thing that it is quite hillaours as to how much effort has to be put in to change this small detail. Please dear community, help me out!
With kind regards
Alex
Hi Alex,
AdmirAlex said:
Firstly i tried to "unroot" my phone (of which i dont have any clue what that might mean), but the program i used (universal unroot) gave me this message upon trying: "please allow root access now. If you cant allow root access your device is most likely not rooted". At this point i dont know if i am able to allow root acess to that program, which ist rediculous in itself since this program should allow me to do that in the first place. I checked in the settings but couldnt find anything that looked like root access.
Click to expand...
Click to collapse
First of all: I see no point in "unrooting" my device. Since you said, you don't have any clue what that might mean, maybe this helps.
The term "root" is comparable to the "admin rights" on your computer. Some people do not need those rights. But If you don't need it just don't use it. If you "unroot" your device, what you do is, you throw away those admin rights. I don't see why you want to do this. The only reason which comes to my mind, is if you want your manufacture to repair your phone using your warranty. They basically don't like it if your phone is rooted, and say it violates the warranty conditions. But then again: fairphone comes pre-rooted, so having root does not void the warranty of your fairphone.
Usually if a program wants to have those root(/admin) rights, a screen pops up where you have to confirm that the app might use those rights.
If you want to know for what root rights can be good for, just google "rooting android" or something like that to read up on that topic.
AdmirAlex said:
The next step was to install Xposed (version 2.6.1 and then 2.7 both with the same result). After the installation and the reboot, Xposed states unter the "Framework" category that: "the latest version of Xposed is currently not active (my app manager tells me it is). Did you install the framework and reboot?". Again i did the reboot and i installed it. If try to go further into the Framework menu and press the "install/update"-button it tells me: "failed to get root access. make sure your device is rooted properly and you have not blocked shell commands".
Click to expand...
Click to collapse
Seems like you are actually unrooted. To use xposed and all its cool modules you need to have root rights. Unrooting your phone to use xposed is just contra productive. Maybe install SuperSU to re-gain root rights. But maybe you need to re-flash your OS.
AdmirAlex said:
My question now is: do you have a solution for my problem? I would be very thankfull and appreciative if you would offer me a solution, since my intentional desire of changing the Lockscreen Wallpaper is such a small thing that it is quite hillaours as to how much effort has to be put in to change this small detail. Please dear community, help me out!
Click to expand...
Click to collapse
Wait, what? Did I understand correctly, that you unrooted your phone to use an app that requires root so that you can change your lockscreen background?
Dude, you can do this in the settings without any root/unroot/xposed stuff.
As you said it is just a small detail, and such a standard feature, so it would be CRAZY if you need to go through such a hassle.
Just go into settings and somewhere in the display or lockscreen settings you can choose a background (you might need to disable the mood background for this). I do not have my fairphone anymore, so I cannot tell you where exactly that option is. Maybe someone else can point to the the exact location of that setting.
Hyst said:
...Maybe someone else can point to the the exact location of that setting.
Click to expand...
Click to collapse
I can't find any option for a different lockscreen image on my FP - only normal background image (wich is then also used for lockscreen, if I have mood background disabled). So I would also suggest GravityBox, which seems to be a too complex topic for your first smartphone ever...
dirtycutmaster said:
I can't find any option for a different lockscreen image on my FP - only normal background image (wich is then also used for lockscreen, if I have mood background disabled). So I would also suggest GravityBox, which seems to be a too complex topic for your first smartphone ever...
Click to expand...
Click to collapse
I know that this option is there. I had a custom lockscreen background (without using some xposed module like gravitybox). I will check with a friend who has a Fairphone, and tell you where the setting is.
I am sorry. Apparently I was mistaken. Changing the lockscreen background to a different wallpaper than the homescreen background seems not to be possible. You can just choose between mood background or not. I thought I had two different backgrounds while I had my Fairphone, but seems like I was wrong. sorry
Why is this not implemented? What I know for sure is that is a feature in CM and and Samsungs stock android version. I do not know about AOSP android.
Thanks for your feedback, Hyst!
I second your question about the missing implementation, but that's quite in a row with some other phone's stock features I am missing on the FP - e.g. a more solid gps, special character search in contacts and some other things other phones can do. Then I remember, Fairphone is still quite new on the market and neither has the experience nor the financial background to act like e.g. Samsung would do. And taken that into account, I'm sure they will grow with the requirements...
Hyst said:
Hi Alex,
First of all: I see no point in "unrooting" my device. Since you said, you don't have any clue what that might mean, maybe this helps.
The term "root" is comparable to the "admin rights" on your computer. Some people do not need those rights. But If you don't need it just don't use it. If you "unroot" your device, what you do is, you throw away those admin rights. I don't see why you want to do this. The only reason which comes to my mind, is if you want your manufacture to repair your phone using your warranty. They basically don't like it if your phone is rooted, and say it violates the warranty conditions. But then again: fairphone comes pre-rooted, so having root does not void the warranty of your fairphone.
Click to expand...
Click to collapse
Yeah i know now why the Phone needs to be rooted in order to work in a way i would like it to.
Seems like you are actually unrooted. To use xposed and all its cool modules you need to have root rights. Unrooting your phone to use xposed is just contra productive. Maybe install SuperSU to re-gain root rights. But maybe you need to re-flash your OS.
Click to expand...
Click to collapse
So atm the only viable solution that i could find is to reflash the Android of my phone. I tried to but the installation progress aborts itself so i am not able to reflash atm. The Fairphone support team got a mail from me, so lets wait and see.
Wait, what? Did I understand correctly, that you unrooted your phone to use an app that requires root so that you can change your lockscreen background?
Dude, you can do this in the settings without any root/unroot/xposed stuff.
As you said it is just a small detail, and such a standard feature, so it would be CRAZY if you need to go through such a hassle.
Click to expand...
Click to collapse
Now in a later post of yours you said that it is not possible. But i qould like to go into why i unrooted my phone. I was watching a Video from this site and misunderstood what has been said. I unrooted my phone, thinking that this would be necessary to make Xposed work. By that time i didnt really know how all of this works. I know its a rookie mistake and a "stupid" one, but i learned something and i am okay with it.
The next task now is to reflash my phone. Maybe you guys have an idea as to why it wont work: I followed the instructions on the Fairphone website and it still aborts during installation.
Edit: I am not allowed to linkt external websites, so i cant give you the video and fairphone installation guide links.
Greetings
Alex
Hope I didn't get it completely wrong but just wanna throw in another idea: why don't you reset your phone to factory settings? Reflashing it sounds like a lot of work for a beginner like you.. (Didn't do it either)
Since the phone is/was rooted from release on, resetting it should do the charme, imo. If you don't have a lot of files to lose I'd try that.
PS: really funny how complicated it got for you since your main intention was to change the lockscreen wallpaper )
PPS: follow this http://forum.xda-developers.com/wiki/Fairphone_Fairphone/Guides#How_to_partition_your_Fairphone from the 4th point on
arghwhymustiregister said:
Hope I didn't get it completely wrong but just wanna throw in another idea: why don't you reset your phone to factory settings? Reflashing it sounds like a lot of work for a beginner like you.. (Didn't do it either)
Since the phone is/was rooted from release on, resetting it should do the charme, imo. If you don't have a lot of files to lose I'd try that.
Click to expand...
Click to collapse
Yeah, i tred that a couple of times, but it wouldnt remove the unroot
PPS: follow this http://forum.xda-developers.com/wiki/Fairphone_Fairphone/Guides#How_to_partition_your_Fairphone from the 4th point on
Click to expand...
Click to collapse
Thanks for the link, i will try that in the meantime
PS: That, unfortunately, didnt do the trick
Edit2:
Since the Fairphone support hasn't replied yet, i tried another solution, but i need to ask you guys for help. I was following the instructions in the Fairphone wiki under the "How to restore Fairphone if you totally bricked it" topic. All the necessary files and programes are downloaded. Now when i choose the scatter file of the fairphone binarys the program gives me this message: "Error initialising scatter file failed. Please check the name of scatter file which you load is legal". if i press the download button the program gives me this message: "Download list is empty, please select a scatter file before executing"
I really dont get this. The fairphone binarys are supposed to work with this program, yet they are not. Can anyone help? Is there something really pbvious i have overlooked?
Greetz
Alex
Bump --> Please help me to figure out the SP Flash tool. To see the details check the post above
Thank you sooo much
AdmirAlex said:
Please help me to figure out the SP Flash tool.
Click to expand...
Click to collapse
I don't think you need to go through that mouch trouble as you're still able to use your phone (if I understood that correctly).
How about re-installing the Fairphone software from recovery? There's a nice guide on how to do that at:
fairphone.zendesk.com/hc/en-us/articles/202478028-Manually-install-Fairphone-OS-software-update-version-Cherry-1-6
Afterwards the superuser binaries should be back and you will have root access again.
haffenloher said:
I don't think you need to go through that mouch trouble as you're still able to use your phone (if I understood that correctly).
How about re-installing the Fairphone software from recovery? There's a nice guide on how to do that at:
fairphone.zendesk.com/hc/en-us/articles/202478028-Manually-install-Fairphone-OS-software-update-version-Cherry-1-6
Afterwards the superuser binaries should be back and you will have root access again.
Click to expand...
Click to collapse
Thanks for the hint, but that exact process does not work, since the update aborts itself giving an error message but not specifiying on which error exactly cause it to abort... I am frustrated at this point.
Greetings
Alex
AdmirAlex said:
Thanks for the hint, but that exact process does not work, since the update aborts itself giving an error message but not specifiying on which error exactly cause it to abort... I am frustrated at this point.
Click to expand...
Click to collapse
Which Fairphone model do you have? If it's the old one (from last year's batch), did you already use the repartitioning tool to "unify" your internal storage? Which update did you try to apply (exact filename)?
haffenloher said:
Which Fairphone model do you have? If it's the old one (from last year's batch), did you already use the repartitioning tool to "unify" your internal storage? Which update did you try to apply (exact filename)?
Click to expand...
Click to collapse
Its the second Batch phone, so the FP1U. I tried it with almost any OS given on the homepage. Those are the ones i tried:
OTA_AOSP-4.2.2_2014-08-05.zip
Fairphone_FP1_OS_v1_6_OTA_2014-07-31.zip
Fairphone_Cherry_1.6_FUSE_Image_2014-07-31.zip
Fairphone_FP1_OS_1G13G_v1_6_OTA_2014-07-31.zip
The Fairphone updater tells me that my phone is running the "Chenpi" version 1.5 which i cannot find on the hompage (thats strange isnt't it?)
What else could be done here?
Greetings and thank you very much for your ideas so far!
Alex
AdmirAlex said:
Fairphone_FP1_OS_v1_6_OTA_2014-07-31.zip
Click to expand...
Click to collapse
Applying that one from recovery clearly should have worked. I've even used it myself with my (already repartitioned) first batch phone.
If you want to be sure the .zip file you downloaded is not corrupted, compute its MD5 checksum. If you're under Windows, use a tool like heise.de/download/md5summer.html
Under Linux, just use md5sum <filename>
The checksum should match the one found on Fairphone's software update page: 664ca09368a4c922a12dc2526afe092b
AdmirAlex said:
The Fairphone updater tells me that my phone is running the "Chenpi" version 1.5 which i cannot find on the hompage (thats strange isnt't it?)
Click to expand...
Click to collapse
1.5 is the version your phone was shipped with, I think. As they issued the update to 1.6 just a few days after the new phones started shipping, I guess they thought putting only the new image up on their website was enough.
haffenloher said:
Applying that one from recovery clearly should have worked. I've even used it myself with my (already repartitioned) first batch phone.
Click to expand...
Click to collapse
The awesome support Team worked something out and my phone is finally rerooted! Now, i have installed Xposed, rebooted it, installed Gravitybox, rebooted it and both programs are working fine. After some fiddling around it finally has worked!! For most of you it might seem to be a small thing and really not that important, but for me it is. Honestly the only two things i really use to personalize the phone is the Wallpaper / Lockscreen and the WakeupCall ringtone.
Thank you so much for all of your support and patience!
Greetings
Alex

Can't Get Rid Of Security Notice On Rooted Note 7 VZW

Having a constant "Security Notice" on phone since rooting. Everything else works fine. Is there anyway I can maybe deactivate this function?
freeze in titanium backup...
Y0sHii said:
Having a constant "Security Notice" on phone since rooting. Everything else works fine. Is there anyway I can maybe deactivate this function?
Click to expand...
Click to collapse
to get rid of the security notice you will get(because the system is now rooted) simply install root explorer(or any root browser) and go to /system/app and delete securitylogagent or go into the folder and rename it adding .bkp to the end of the file name and reboot.
per
http://forum.xda-developers.com/showpost.php?p=68675715&postcount=2
I began getting this, too, after rooting my Note7. I solved it the way others suggested, with Titanium Backup by freezing the Security Log Agent. That worked for me.
SkyPhone said:
I began getting this, too, after rooting my Note7. I solved it the way others suggested, with Titanium Backup by freezing the Security Log Agent. That worked for me.
Click to expand...
Click to collapse
do you still have knox? i use samsung pay and security folder
You used the sprint method root at the N930V PHE or PH1? Not really related to thread, but just out of curiosity.
Same problem....
I'm having this same problem with my rooted note 7.
I've searched everywhere for securityagent on my note 7 and it's not there. The only way I can remove this threat found/restart device, is to remove device maintenance.
But then I lose the app done function and the advanced setting power saving mode.
I have disabled all knox and security realated apps.
But still still get the threat while device maintenance is there.
Does anyone know what the equivalent to securitylogagent is on a note 7 ????
Any help would be much appreciated, I am a noob, until 3 days ago I knew nothing, but I managed to unlock frp and root my note 7, but its been stressfull. I need help now...thanks.
Kellya86 said:
I'm having this same problem with my rooted note 7.
I've searched everywhere for securityagent on my note 7 and it's not there. The only way I can remove this threat found/restart device, is to remove device maintenance.
But then I lose the app done function and the advanced setting power saving mode.
I have disabled all knox and security realated apps.
But still still get the threat while device maintenance is there.
Does anyone know what the equivalent to securitylogagent is on a note 7 ????
Any help would be much appreciated, I am a noob, until 3 days ago I knew nothing, but I managed to unlock frp and root my note 7, but its been stressfull. I need help now...thanks.
Click to expand...
Click to collapse
You should have a package named SecurityLogAgent. Disabling this will stop the security notifications due to rooting. If you're referring to the Samsung messages regarding the recall, then you need to disable the Samsung Push service or just the notifications.
8
I'm not referring to them notifications, I have disabled Samsung push.
There is no package with the name 'securitylogagent' on my note 7.
I have researched this alot before joining and posting here. Its simply not there, no matter what I use to look for it. Just not there..
I would really like device maintenance back.. that's how iv got it disabled at the moment.
I am referring to the 'that found/restart device" warning that flags up in device maintenance.
Kellya86 said:
I'm not referring to them notifications, I have disabled Samsung push.
There is no package with the name 'securitylogagent' on my note 7.
I have researched this alot before joining and posting here. Its simply not there, no matter what I use to look for it. Just not there..
I would really like device maintenance back.. that's how iv got it disabled at the moment.
I am referring to the 'that found/restart device" warning that flags up in device maintenance.
Click to expand...
Click to collapse
Strange, there should be a folder at system/app/SecurityLogAgent
What firmware version are you on? What have you used to look for it?
I'm on 6.0.1, that I rooted on Sunday after I accidentally updated package disabler. I am a complete noob and have managed to just about get to this point without help.
I have looked for it using titanium backup, root browser and device control. It doesn't show on any...
So I have disabled a load of other things including device maintenance, com.samsung.andoid.sm.devicesecurity, and security manager service...
I was hoping one of these was the equivalent of securitylogagent.
Does this information below help?
Kellya86 said:
I'm on 6.0.1, that I rooted on Sunday after I accidentally updated package disabler. I am a complete noob and have managed to just about get to this point without help.
I have looked for it using titanium backup, root browser and device control. It doesn't show on any...
So I have disabled a load of other things including device maintenance, com.samsung.andoid.sm.devicesecurity, and security manager service...
I was hoping one of these was the equivalent of securitylogagent.
Does this information below help?
Click to expand...
Click to collapse
So by the build number I see that you are not on a Verizon firmware so the app names may be different. It appears you have UK firmware so you will have to find what the app name is for that firmware.
What I can suggest is that the next time you get the notification, long press on the icon at the left. You should be taken to the notification options for that app and you should also see an app info button on the right. you may be able to track the actual app down using this info or at least disable notifications.
Thanks for your reply.
Oh crap, I'll never find it then...
Is there a way I could post an image of my system so as some experienced members on here may look at it.??
Thanks again.

(SM-N9300) Iris Scanner broken after flashing TWRP and rooting.

Hi everyone,
Let me explain, I used odin to flash the recovery, because of the encryption or whatsoever I wasn't able to transfer via MTP using TWRP in order to get super Su on the phone to root and boot because of the dm-verity thing.
So I wipe data and then I could transfer super Su, get the phone rooted, and boot it up.
Of course Knox was tripped, so i can't access private folder nor S health, but I can live without it. (Ok, if someone know how to make S health work again I take it )
After all of that I tried to setup the Iris scanner again and it scan my eyes, says everything is okay, and goes back to the menu where it is written "add your iris".
No matter how many times I try it seems that it doesn't save my iris properly, or don't save it at all.
Do someone knows something about it ? for those that are rooted do you experience the same issue ?
Thanks in advance
PS : I rooted following this tutorial : http://forum.xda-developers.com/note-7/development/recovery-official-twrp-galaxy-note-7-t3458413
Hello.
I did root my sm-n9300 following the tutorial.
Only SHealth didn't work.
To put it working again is easy:
Go to playstore, and downgrade the SHealth. Never allow to upgrade it again.
About the iris scanner, I had my iris saved before rooting, and didn't have to scanner it again.
The private folder works fine.
You didn't follow exactly the tutorial.
After flashing the recovery, you can tranfer su via MTP, using the sdcard, and then flash it.
Maybe if you flash the official firmware via Kies, and do the process of rooting again, you will have the iris and private folder working.
Hoppe this will help.
Hi, thanks for the answer!
In fact I wasn't able to transfer SU via mtp, for some reason twrp wasn't able to mount anything, so I had to format data, in order to "break" the encryption.
Maybe I'll try to flash the firmware with Kies and do it all over again.
But I don't get how secure folder can be working for you if knox is tripped...
Hello.
Indeed you are right.
The private folder don't work.
i thought it did, because everytime I was seeing photos, I got an information to put them in that folder, if I wished
But never did. Now I tried, and got a message saying the Knox couldn't create it.
My mistake
Sorry. But the iris do work, indeed
I really don't have any clue about how to fix the iris scanner
Trying to use a secure feature where one side of security has been compromised, i.e the ability of any app to have root privileges. I think there is a reason for the Iris scanner to not be working... Admittedly I used to enable root I every phone as I do normally tinker at system level, but, more and more apps are doing what normally root was needed for these days, the need to root is really low now. With my corporate policy basically blocking any knox tripped device, I have kind of learnt to get by without root and luckily that is now paying off with some convenience features that you can only really use in a secure environ safely like Android pay, fingerprint and iris unlock etc. Now my phone is effectively a wallet, I really want those secure features maintained so something more sinister is somewhat blocked from making its way into there.
Sent from my SM-N930F using Tapatalk
I see your point, the fact is when trying to set up the iris scanner there is no message about compromised security like when trying to open the secure folder.
In fact it works, it just seems to not be able to save it properly.
My phone is also a wallet in China since wechat pay and alipay can be use even on rooted phone, and it also can be use everywhere. ( no need of special terminal or whatever special technology, just a bar code scanner)
Thanks for your answer, I think k I'll try a factory reset tomorrow and let you know
I remember when setting up either finger print scanner or iris, the phone brought up a message about knox environment being activated, so I think you will be out of luck.
Be careful with rooted phone in China, I connected my rooted phone to my Chinese wife's laptop, and it installed an app with root privileges unattended!! I was not impressed with that I can tell you.
Sent from my SM-N930F using Tapatalk
it is bcoz u have disabled encryption in twrp .... if u want to use iris dnt clear encryption in twrp ....
sun2sunny said:
it is bcoz u have disabled encryption in twrp .... if u want to use iris dnt clear encryption in twrp ....
Click to expand...
Click to collapse
OK!
But how can I enable the encryption then?
I can't mount anything in twrp tough....
That is what I m searching next a days
Sent from my SM-N9300 using XDA Free mobile app
sun2sunny said:
That is what I m searching next a days
Click to expand...
Click to collapse
I guess the only way is to use a custom kernel, it will disabled knox and s health last version and iris scanner will work again
SylverSun said:
I guess the only way is to use a custom kernel, it will disabled knox and s health last version and iris scanner will work again
Click to expand...
Click to collapse
Where can we find it another question
sun2sunny said:
Where can we find it another question
Click to expand...
Click to collapse
Yes, maybe on some Chinese forum
Searched already

Help - Rooted - Island Not working

Hello,
Need some help. I was able to get TWRP on my new Tab S4 and root it with Magisk without issue. I was trying to install and get Island working so I could sandbox a few apps for privacy and I can't get it to work. A Knox notice keeps coming up "The work profile cannot be created because the OS was changed". Then I give Island root access, it appears to work, then a lovely Knox screen (The Knox work profile Icon) comes up saying an unauthorized application was installed and blocked, please contact your admin. So I spent the next 4 hours combing forums and Island's install doco to find a solution. I have tried everything, I used debloat to turn all the Knox stuff off but the needed work space. I even left work space running but just disabled the Knox models in it. I installed Island manually with ADB, and gave it God rights. That made things worse.... Now this nasty screen came up at boot and forced me to recover the OS because it couldn't be bypassed, if just prompted to factory reset the device. I have exhausted all my known options and am now requesting air support.
Thanks in advance,
One Very Frustrated Android Amature
DevinN said:
Hello,
Need some help. I was able to get TWRP on my new Tab S4 and root it with Magisk without issue. I was trying to install and get Island working so I could sandbox a few apps for privacy and I can't get it to work. A Knox notice keeps coming up "The work profile cannot be created because the OS was changed". Then I give Island root access, it appears to work, then a lovely Knox screen (The Knox work profile Icon) comes up saying an unauthorized application was installed and blocked, please contact your admin. So I spent the next 4 hours combing forums and Island's install doco to find a solution. I have tried everything, I used debloat to turn all the Knox stuff off but the needed work space. I even left work space running but just disabled the Knox models in it. I installed Island manually with ADB, and gave it God rights. That made things worse.... Now this nasty screen came up at boot and forced me to recover the OS because it couldn't be bypassed, if just prompted to factory reset the device. I have exhausted all my known options and am now requesting air support.
Thanks in advance,
One Very Frustrated Android Amature
Click to expand...
Click to collapse
Afaik once knox 0x1 is triggered there is no way to use Island since work profile cant be added. In fact i tried a lot of stuff to get it working on stock software with just recovery and root being installed, tried unrooting going back to original stock.. nothing worked.
OS has been changed probably refers to the knox counter.
Unfortunately Samsung locks Knox if you unlock your device. Afaik this is irreversible.
That is the reason I am still on stock.
Edit: Island should still work though. Haven't tried it though.
spookyspookster said:
Unfortunately Samsung locks Knox if you unlock your device. Afaik this is irreversible.
That is the reason I am still on stock.
Edit: Island should still work though. Haven't tried it though.
Click to expand...
Click to collapse
Is that an OS limitation? I have other rooted Samsung tablets, (older) running like 5.1 and 6.1 and they WORK. Island is able to create its OWN sandbox with root access on those. I feel like this is a security applet / process blocking this only, not a technical limitation. I was able to create the work profile with ADB outside of root access, I was able to assign Island with both Device Owner and Admin over the work profile and it was technically working. Some Knox security process that I didn't disable (most likely because it's a com.system that isn't listed in debloat) that is blocking it from displaying (I believe it is working) with a security overlay that I can't close. I need help finding that, and killing it with fire. I think it is beyond me technically. I am a network admin, not programer, though I speak some programming basic concepts via my network background. Just enough to get me in trouble and get to to here to ask for help.
dr460nf1r3 said:
Afaik once knox 0x1 is triggered there is no way to use Island since work profile cant be added. In fact i tried a lot of stuff to get it working on stock software with just recovery and root being installed, tried unrooting going back to original stock.. nothing worked.
OS has been changed probably refers to the knox counter.
Click to expand...
Click to collapse
Ok, after much OCD digging, I found the permissions and the Knox security file that was popping that up. I deleted the permissions with adb, killed those 2 processes within the workgroup files using root deleter app and now it works. Note, the whole drive is decrypted by default, I applied the decrypt patch when I rooted. So island was able to successfully provision a work profile and is admin over it.
DevinN said:
Ok, after much OCD digging, I found the permissions and the Knox security file that was popping that up. I deleted the permissions with adb, killed those 2 processes within the workgroup files using root deleter app and now it works. Note, the whole drive is decrypted by default, I applied the decrypt patch when I rooted. So island was able to successfully provision a work profile and is admin over it.
Click to expand...
Click to collapse
Hi,
Would you be able to provide a step by step guide ?
Thanks
DevinN said:
Ok, after much OCD digging, I found the permissions and the Knox security file that was popping that up. I deleted the permissions with adb, killed those 2 processes within the workgroup files using root deleter app and now it works. Note, the whole drive is decrypted by default, I applied the decrypt patch when I rooted. So island was able to successfully provision a work profile and is admin over it.
Click to expand...
Click to collapse
A guide please?!:good:
DevinN said:
Ok, after much OCD digging, I found the permissions and the Knox security file that was popping that up. I deleted the permissions with adb, killed those 2 processes within the workgroup files using root deleter app and now it works. Note, the whole drive is decrypted by default, I applied the decrypt patch when I rooted. So island was able to successfully provision a work profile and is admin over it.
Click to expand...
Click to collapse
Please provide your method, i think we are a lot in that situation : rooted and no work profile allowed by knox and tima. I even tried custom kernels announcing knox stuff disable and it's not workin either.
Thks.
Nvm
DevinN said:
Ok, after much OCD digging, I found the permissions and the Knox security file that was popping that up. I deleted the permissions with adb, killed those 2 processes within the workgroup files using root deleter app and now it works. Note, the whole drive is decrypted by default, I applied the decrypt patch when I rooted. So island was able to successfully provision a work profile and is admin over it.
Click to expand...
Click to collapse
Hi how you do this I need to do the same. Thanks
Seriously, he shared the news but didn't share how he did it??
Please provide details
Anybody has a solution on this topic or is this thread dead?
@DevinN, can you provide more info please? What files and apps did you delete?
Edit:
I found that package "com.samsung.android.knox.containeragent" causes the black block-screen, so i disabled it. (adb shell pm disable ...).
Island still refuses fo be installed automatically (security policy prevents creation of work profile because a custom os has been installed) or using root (cannot start the work profile user)
Code:
TZ_init: : TZ_init Process: Device tampered, tamper fuse is set!
TZ_init: : trustlet initialization failed
trogper said:
@hardkeyboard, can you provide more info please? What files and apps did you delete?
Edit:
I found that package "com.samsung.android.knox.containeragent" causes the black block-screen, so i disabled it. (adb shell pm disable ...).
Island still refuses fo be installed automatically (security policy prevents creation of work profile because a custom os has been installed) or using root (cannot start the work profile user)
Click to expand...
Click to collapse
I replied to DevinN, I wish I know when I write post, but now I don't need because use Nicelock with multistar with dr. Ketan rom with secure folder working
I suppose there is no update here or any idea what permissions and knox security file we are talking here ?

Simple root that won't trip Knox?

Hi, there!
I heard there is a method for the S8+ where you can root your phone without tripping Knox. It isn't the best root method and it has its limitations, but it would do just fine for my needs.
Is there such method for the S9+?
Thanks!
Anyone?
CapBlackShot said:
Anyone?
Click to expand...
Click to collapse
No
*Detection* said:
No
Click to expand...
Click to collapse
And no developers are planning to create one, that we know of? I only need root to make Cerberus a system app. In case the smartphone is stolen and gets hard reset, the app will still be there, hidden. But without root it seems impossible.
CapBlackShot said:
And no developers are planning to create one, that we know of? I only need root to make Cerberus a system app. In case the smartphone is stolen and gets hard reset, the app will still be there, hidden. But without root it seems impossible.
Click to expand...
Click to collapse
KNOX is an e-fuse, once tripped that's it forever, no reversing, nothing devs can do
FRP lock is your hard reset security, unless they know your Google login they cannot access the device anyway
And if they have the knowledge to flash certain firmwares and bypass the lock, your system root app wouldn't be of any use either anyway, so....
*Detection* said:
KNOX is an e-fuse, once tripped that's it forever, no reversing, nothing devs can do
FRP lock is your hard reset security, unless they know your Google login they cannot access the device anyway
And if they have the knowledge to flash certain firmwares and bypass the lock, your system root app wouldn't be of any use either anyway, so....
Click to expand...
Click to collapse
That's very interesting. Can't believe I never heard of this before.
Will the device actually get wiped and then ask for my Google account or will it ask for my Google account before getting wiped? If the first option I mentioned is true, then Cerberus will be gone and I still won't be able to locate my cellphone in case it gets stolen, I'm assuming.
CapBlackShot said:
That's very interesting. Can't believe I never heard of this before.
Will the device actually get wiped and then ask for my Google account or will it ask for my Google account before getting wiped? If the first option I mentioned is true, then Cerberus will be gone and I still won't be able to locate my cellphone in case it gets stolen, I'm assuming.
Click to expand...
Click to collapse
It will get wiped first, it asks for the Google account because it was wiped from recovery and not from inside of Android, meaning anyone could have done it
It will not allow anyone past the Google account request, similar to when iPhones are locked to iCloud, you can wipe it as many times as you like but it will always request the Google account
For example, I steal your phone with Cerberus installed, I cannot access your phone so the most likely thing I`ll try is factory reset from recovery, this will wipe the phone and request your Google account login to access it again, which I do not have
Next thing I would try (If I knew about it) was flash stock firmware over the top, which will wipe again this time removing your Cerberus app, but again it will not prevent the Google login request
Final thing I would try would be FRP bypass to get past your Google account login, and if they manage that they have access to your phone, but it is wiped and Cerberus is gone
End of the day, no mod/app will survive the phone being flashed as the system partition is replaced with stock again, and the wipe will reset the data partition where user apps and data are
Best thing to do is enable the Google security settings for find my phone, lock and erase, and enable it to send GPS of last location when the battery is getting low, that way you can track it online until it is turned off/wiped

Categories

Resources