From reading around on the forum and asking on IRC I have tried to figure out exactly how KNOX works. This is my conclusion, but I am far from sure this is correct.
If someone can give me more information, I would be happy
On a GT-I9506 with the stock 4.2.2 bootloader, using ODIN to flash custom software does not do anything special since the 4.2.2 bootloader does not contain the KNOX functionality to burn the e-fuse.
On a GT-I9506 that has been upgraded and has the 4.3 bootloader, using ODIN to flash new unsigned software will burn the e-fuse.
This post has been edited/updated with information from the thread below.
tlund said:
From reading around on the forum and asking on IRC I have tried to figure out exactly how KNOX works. This is my conclusion, but I am far from sure this is correct.
If someone can give me more information, I would be happy
On a GT-I9506 with the stock 4.2.2 bootloader, using ODIN to flash new software does not do anything special since the 4.2.2 bootloader does not contain the KNOX functionality to burn the e-fuse.
On a GT-I9506 that has been upgraded and has the 4.3 bootloader, using ODIN to flash new software will burn the e-fuse.
Click to expand...
Click to collapse
Semi-correct, with 4.2.2 bootloader you doesn't have knox, but with 4.3 bootloader you have knox, but you can flash a new official rom with Odin without affect the knox status. It only will change to 0x1 if you flash something unnoficial with Odin, like a custom recovery, kernel, root, etc... but know you can root in 4.3 wirh towelroot.
Enviado desde mi GT-I9506 mediante Tapatalk
Alestilohomer said:
Semi-correct, with 4.2.2 bootloader you doesn't have knox, but with 4.3 bootloader you have knox, but you can flash a new official rom with Odin without affect the knox status. It only will change to 0x1 if you flash something unnoficial with Odin
Click to expand...
Click to collapse
Ah, yes. This is my understanding as well, I was unclear in my post. I will edit it to reflect this!
Alestilohomer said:
but know you can root in 4.3 wirh towelroot.
Click to expand...
Click to collapse
Yeah. It would be interesting to find out if you can downgrade the 4.3 bootloader to 4.2.2 after getting root with towelroot, without burning the KNOX e-fuse
Related
This KNOX thing is creating too much confusion. Somebody please clear it. Some say that KNOX won't allow us to root ar flash custom kernels n roms. Some are say that KNOX bootloader can be replaced. I am using GT-I9500 (4.3 official, MJ8 build number, not rooted), which i wish to root. What should i exactly do to get rid of knox?
Please help. Thanks
Sent from my GT-I9500 using XDA Premium 4 mobile app
I too am confused with this whole Knox stuff. But from my experience, you can Root and install custom software but it will void your warranty. I'm not sure if it's any different on the 9500 as I've got a 9505 but there is currently NO way to get rid of Knox, once you've got it, you're stuck with it.
Pulse654321 said:
I too am confused with this whole Knox stuff. But from my experience, you can Root and install custom software but it will void your warranty. I'm not sure if it's any different on the 9500 as I've got a 9505 but there is currently NO way to get rid of Knox, once you've got it, you're stuck with it.
Click to expand...
Click to collapse
Maby not ... http://forum.xda-developers.com/showthread.php?t=2504258 and this http://forum.xda-developers.com/showthread.php?t=2510867
you can root after upgrading to knox
you can also install a custom recovery
knox counter (which is not really a counter if my understanding is correct) will increase to 1, meaning you will loose the waranty
so I was running the last S4 official firmware, I root'ed it using CF auto root, then installed philz touch recoveryn than i flashed the goole edition rom from jamal
and of course I lost the waranty, hope I wont need it
philuxe said:
you can root after upgrading to knox
you can also install a custom recovery
knox counter (which is not really a counter if my understanding is correct) will increase to 1, meaning you will loose the waranty
so I was running the last S4 official firmware, I root'ed it using CF auto root, then installed philz touch recoveryn than i flashed the goole edition rom from jamal
and of course I lost the waranty, hope I wont need it
Click to expand...
Click to collapse
So now that i want to root my GT-I9500 (Indian, running 4.3 stock, MJ8 firmware), will CF autoroot work?
Sent from my GT-I9500 using XDA Premium 4 mobile app
I have Galaxy S4, and how do I check if my Knox status is 0x0, i went into bootloader, i don't see anything there though..
LimitsX said:
I have Galaxy S4, and how do I check if my Knox status is 0x0, i went into bootloader, i don't see anything there though..
Click to expand...
Click to collapse
Hi mate if you dont see any knox warranty void 0x0 0x1 in download mode. Means ur still on old bootloader and thats a good sign. Turn off your phone manually and press power+volume down in order to reach download mode to check it out.
Sent from my Phone.
I apologize for bumping this, but I am on stock 4.2.2 rooted right now and I don't have this knox warranty in download mode. It only says my system is modified and TringleAway can solve that. Does this mean if I update to 4.3/4.4.2 then this flag appears? Because from what I've read there is no way to downgrade to older bootloader/reset the flag to 0.
Hello,
flag in the new bootloader change only if you flash a kernel or a recovery stock.
For the root, it's possible to keep 0 x 0
But if you upgrade to 4.3/4.4 the new bootloader appears
Sorry for my bad english
So as long I stay on 4.2.2 they won't know a thing? I am not in hurry to flash a custom ROM, but I'd rather not deal with this KNOX crap.
Blackbird256 said:
So as long I stay on 4.2.2 they won't know a thing? I am not in hurry to flash a custom ROM, but I'd rather not deal with this KNOX crap.
Click to expand...
Click to collapse
As long your not flashing a stock 4.3 and 4.4.2 your fine. If you are still in 4.2.2 feel free to flash custom recovery. Root.custom rom. And if you got any problem feel free to flash a 4.2.2 stock rom. Make sure to backup first. Have a nice day.
Sent from Hell ?
Repulsa said:
As long your not flashing a stock 4.3 and 4.4.2 your fine. If you are still in 4.2.2 feel free to flash custom recovery. Root.custom rom. And if you got any problem feel free to flash a 4.2.2 stock rom. Make sure to backup first. Have a nice day.
Sent from Hell ?
Click to expand...
Click to collapse
Thats what I wanted to know. Thanks. Makes me curious if stock 4.3/4.4.2 would work with old bootloader or if Samsung requires it seeing as custom ROMs seem to work with either of them.
Hey do u wanna trade with me your s4 xD. I'm already with knox 0x0 and 4.4.2
Enviado do meu GT-I9505 através de Tapatalk
I heard about Knox after I updated to 4.3. I probably won't buy Samsung phones any more.
Hi XDA people,
Just found this workaround for rooting latest 4.4.2 stock firmware without tripping Knox.
This method downgrades the firmware(System & Kernel) on your device to N7100XXUEMK4 except for the bootloader.
Dont even try to downgrade the bootloader as this isn't possible.
What you need:
1.Odin v3.09
2.Stock official N7100XXUFND3 firmware on your device.
3. A device with Knox Warranty Void: 0
Procedure:
1.Download N7100XXUEMK4 Stock Rom from HERE
2. Open the downloaded file.You will find 4 .tar.md5 files and an Odinv3.09 zip file inside.
3. Extract the Odin file and setup Odin on your PC.
4. Next extract the file named AP_N7100XXUEMK4_2099172_REV04_user_low_ship.tar.md5
5. Load this file into AP tab on Odin. Connect your phone in Odin mode and flash this file.
( Note : You have to flash only the AP file from Odin. Do not flash the other files namely CP, CSC, BL)
6. Now once the phone has rebooted go back to download mode and check if Knox has tripped or not.
7. Next use Saferoot from HERE to root your device.
(You would find the guide on how to root using saferoot easily over HERE
8. Now if saferoot was able to root your device then you must be rooted without tripping Knox. :good:
9. Now you can easily flash your official firmware through mobile odin. Select Everroot option on Mobile odin while flashing the new firmware. In this way you wont lose root access.
Known Issues:
If after rooting you want to flash custom recovery via mobile odin, or via DR.Ketan's utilities app please note that it will trip knox.
Knox remains cool until your recovery is stock. The moment a custom recovery is detected knox goes 1.
Credits:
@k1mu for saferoot
Cant you just do this?
Use Mj5 bootloader and any rom 4.x
Flash Kitkat 4.4.2 via mobilOdin and root.
Make sure status is ok (use triangle away if not)
Flash latest 4.4.2 bootloader via Odin (pcOdin)
robalm said:
Cant you just do this?
Use Mj5 bootloader and any rom 4.x
Flash Kitkat 4.4.2 via mobilOdin and root.
Make sure status is ok (use triangle away if not)
Flash latest 4.4.2 bootloader via Odin (pcOdin)
Click to expand...
Click to collapse
Surely it can be done that way.
This is for those who already upgraded to the newer builds.
Edit: FYI Triangle Away cannot reset Knox.
Sent from my Galaxy S5 GT-N7100
smeet.somaiya said:
Surely it can be done that way.
This is for those who already upgraded to the newer builds.
Edit: FYI Triangle Away cannot reset Knox.
Sent from my Galaxy S5 GT-N7100
Click to expand...
Click to collapse
Ok.
What i mean was use Triangle away before you flash the 4.4.2 bootloader to get official status and binary count 0, the knox in MJ5 always stand 0.
robalm said:
Ok.
What i mean was use Triangle away before you flash the 4.4.2 bootloader to get official status and binary count 0, the knox in MJ5 always stand 0.
Click to expand...
Click to collapse
Okay. :thumbup:
Sent from my Galaxy S5 GT-N7100
can u do this with 7105 also?
romdroid. said:
can u do this with 7105 also?
Click to expand...
Click to collapse
No idea about N7105
Do you know any N7105 stock firmware which is root able by saferoot/kingoroot without tripping knox?
Sent from my Galaxy S5 GT-N7100
smeet.somaiya said:
Okay. :thumbup:
Sent from my Galaxy S5 GT-N7100
Click to expand...
Click to collapse
robalm said:
Ok.
What i mean was use Triangle away before you flash the 4.4.2 bootloader to get official status and binary count 0, the knox in MJ5 always stand 0.
Click to expand...
Click to collapse
But wouldn't flashing 4.4.2 BL trigger Knox? I got bit confused with @robalm method
@smeet.somaiya didn't some guy over at general forum under galaxy note 2 india told us that he downgraded from official 4.4.2 to stock 4.3 and his bootloader was downgraded as well?
singhpratik87 said:
But wouldn't flashing 4.4.2 BL trigger Knox? I got bit confused with @robalm method
@smeet.somaiya didn't some guy over at general forum under galaxy note 2 india told us that he downgraded from official 4.4.2 to stock 4.3 and his bootloader was downgraded as well?
Click to expand...
Click to collapse
I don't think flashing ND3 BL will trigger knox.
Most of the users already flashed ND3 BL from MJ5 while they were on DN3. It doesn't trigger that way.
And yes about that guy, he never mentioned any detail that he downgraded from ND3 to which firmware of 4.3.
Sent from my Galaxy S5 GT-N7100
smeet.somaiya said:
I don't think flashing ND3 BL will trigger knox.
Most of the users already flashed ND3 BL from MJ5 while they were on DN3. It doesn't trigger that way.
And yes about that guy, he never mentioned any detail that he downgraded from ND3 to which firmware of 4.3.
Sent from my Galaxy S5 GT-N7100
Click to expand...
Click to collapse
I don't think you kept up with haybill and paarkhi's comments in DN3.They were on mj5 and upgraded to ND3 BL and they got Knoxed
---------- Post added at 12:25 AM ---------- Previous post was at 12:21 AM ----------
smeet.somaiya said:
I don't think flashing ND3 BL will trigger knox.
Most of the users already flashed ND3 BL from MJ5 while they were on DN3. It doesn't trigger that way.
And yes about that guy, he never mentioned any detail that he downgraded from ND3 to which firmware of 4.3.
Sent from my Galaxy S5 GT-N7100
Click to expand...
Click to collapse
infact you were the one who brought it to mine and haybill's attention that upgrading BL to ND3 triggers Knox ,i'll just ask haybill to send me a screenshot from phone info
singhpratik87 said:
I don't think you kept up with haybill and paarkhi's comments in DN3.They were on mj5 and upgraded to ND3 BL and they got Knoxed
Click to expand...
Click to collapse
I did read them. They got knoxed means they got a BL with Knox warranty Void 0. And @paarkhi confirmed it to me
And I really don't think it would trigger knox that way because the bootloader doesn't check the integrity of the firmware on your device when you're flashing the bootloader itself.
Also it doesn't trigger Knox while it boots up the system and finds unauthorized firmware.
Because we don't have Kernel lock and secure boot like on Qualcomm based N3.
Sent from my Galaxy S5 GT-N7100
smeet.somaiya said:
I did read them. They got knoxed means they got a BL with Knox warranty Void 0. And @paarkhi confirmed it to me
And I really don't think it would trigger knox that way because the bootloader doesn't check the integrity of the firmware on your device when you're flashing the bootloader itself.
Also it doesn't trigger Knox while it boots up the system and finds unauthorized firmware.
Because we don't have Kernel lock and secure boot like on Qualcomm based N3.
Sent from my Galaxy S5 GT-N7100
Click to expand...
Click to collapse
Okay this is all too much for my brain to absorb at this time of the night ,i don't think i actually understand the difference between Knox warranty void and being Knoxed ,i guess since we install de-knoxed ROMs we can't get Knoxed ,just that our warranty goes out the window and we cannot downgrade beyond a certain OS right? If what i stated is wrong then i'll go to bed and dream of knox
singhpratik87 said:
Okay this is all too much for my brain to absorb at this time of the night ,i don't think i actually understand the difference between Knox warranty void and being Knoxed ,i guess since we install de-knoxed ROMs we can't get Knoxed ,just that our warranty goes out the window and we cannot downgrade beyond a certain OS right? If what i stated is wrong then i'll go to bed and dream of knox
Click to expand...
Click to collapse
Lol. It's paritally right.
Don't worry buddy I'll help you learn Knox
Being Knoxed is getting that extra line in the download mode.
But this doesn't throw away your warranty. Warranty is lost only when this extra line in download mode ends with 1 instead of 0
Sent from my Galaxy S5 GT-N7100
singhpratik87 said:
But wouldn't flashing 4.4.2 BL trigger Knox? I got bit confused with @robalm method
@smeet.somaiya didn't some guy over at general forum under galaxy note 2 india told us that he downgraded from official 4.4.2 to stock 4.3 and his bootloader was downgraded as well?
Click to expand...
Click to collapse
I cant say for sure if flashing only the new 4.4.2 bootloader via odin will trigger knox, i have not tested it myself.
My post was more of a question from me.
robalm said:
I cant say for sure if flashing only the new 4.4.2 bootloader via odin will trigger knox, i have not tested it myself.
My post was more of a question from me.
Click to expand...
Click to collapse
In my opinion that shouldn't trip Knox.
Let us know if you test it.
Sent from my Galaxy S5 GT-N7100
smeet.somaiya said:
In my opinion that shouldn't trip Knox.
Let us know if you test it.
Sent from my Galaxy S5 GT-N7100
Click to expand...
Click to collapse
Have you got any feedback yet?
I do not have the balls to try it, my warranty is still valid and i may need to have it on service in future.
robalm said:
Have you got any feedback yet?
I do not have the balls to try it, my warranty is still valid and i may need to have it on service in future.
Click to expand...
Click to collapse
No feedback yet. But one thing i can say for sure that even if this method fails it won't hard rick your phone because we ain't downgrading the BL here.
And I found a similar method on S4 active forums. It seems it works very well.
Sent from my GT-N7100 using XDA Premium 4 mobile app
smeet.somaiya said:
No feedback yet. But one thing i can say for sure that even if this method fails it won't hard rick your phone because we ain't downgrading the BL here.
And I found a similar method on S4 active forums. It seems it works very well.
Sent from my GT-N7100 using XDA Premium 4 mobile app
Click to expand...
Click to collapse
Ok.
But KNOX will trigger by flashing anything that is not samsung official? (same as the binary counter)
robalm said:
Ok.
But KNOX will trigger by flashing anything that is not samsung official? (same as the binary counter)
Click to expand...
Click to collapse
Yes it would trigger by flashing unofficial firmware.
But here we ain't doing that too.
We're just flashing a older kernel+system partition (the whole PDA from MK4) that was vulnerable to root without tripping knox.
Sent from my GT-N7100 using XDA Premium 4 mobile app
I have DDUFND1. Even kingo doesnt recognize it. How can i get a one click root solution :crying:
CAn someone share with me last Stock Rom without knox bootloader?
The Stock Rom rooted with old bootloader would be great.
I still refuse to upgrade to bootloader with knox
You can grab any 4.2.2 formware from sammobile. Those shouldn't have knox in the bootloader.
memoryeffect said:
You can grab any 4.2.2 formware from sammobile. Those shouldn't have knox in the bootloader.
Click to expand...
Click to collapse
That isn't correct.
Android 4.2.2 MH1 is the first firmware with all the Knox stuff, including the bootloader. 4.2.2 MGA is the latest firmware without Knox
Sent from my Galaxy S4 using Tapatalk
DarkerTimes said:
That isn't correct.
Android 4.2.2 MH1 is the first firmware with all the Knox stuff, including the bootloader. 4.2.2 MGA is the latest firmware without Knox
Sent from my Galaxy S4 using Tapatalk
Click to expand...
Click to collapse
Could you reference a source?
Lasik25 said:
Could you reference a source?
Click to expand...
Click to collapse
Okay, sry it seems that I was a little bit wrong, the MGG build is the first 4.2.2 version with the new knox bootloader, but it is still correct that MGA is the last build with the Knox free one.
On my german sources they told that MH1 build is the first Knox version but however. Take a look at this
http://forum.xda-developers.com/showthread.php?t=2470635
http://androidforums.com/samsung-galaxy-s4/788644-knox-security-locked-bootloader-new-firmwares.html
Sent from my Galaxy S4 using Tapatalk
tyj82 said:
CAn someone share with me last Stock Rom without knox bootloader?
The Stock Rom rooted with old bootloader would be great.
I still refuse to upgrade to bootloader with knox
Click to expand...
Click to collapse
Knox has been introduced in Oct 2013 along with 4.3 bootloader (as far as i can remenber! one year old.....)
So your request is to come back to a 4.2.2 rom version, why? just to avoid Knox? OK I understand
But In my view you have better to flash a recent 4.4 CUSTOM rom that will preserve your legacy bootloader and will offer all the upto date features. They are many available in the dev section.
Custom Roms do not modify the boot section , so no risk to become knox pointed.
Thanks to Darker Times for his links.
Hey guys,
I updated to the Official Lolipop which was released on Poland. Now I want to root this one without tripping knox.
Can someone Help me out ?
Thanks before
AP : N9005XXUGBOB6
CP : N9005XXUGBOA1
CSC : N9005XEOGBOA4
xda_Noob. said:
Hey guys,
I updated to the Official Lolipop which was released on Poland. Now I want to root this one without tripping knox.
Can someone Help me out ?
Thanks before
AP : N9005XXUGBOB6
CP : N9005XXUGBOA1
CSC : N9005XEOGBOA4
Click to expand...
Click to collapse
Till now there is no such method to have root without tripping Knox in Lollipop,
You can update from kitkat to lollipop using Mobile ODIN and have root with Knox 0x0...
amk19 said:
Till now there is no such method to have root without tripping Knox in Lollipop,
You can update from kitkat to lollipop using Mobile ODIN and have root with Knox 0x0...
Click to expand...
Click to collapse
I updated the bootloader. If I downgrade will it also work with the new bootloader ?
xda_Noob. said:
I updated the bootloader. If I downgrade will it also work with the new bootloader ?
Click to expand...
Click to collapse
Oh, I updated my Note using MOP and still running Kitkat Bootloader.
and I guess, Once bootloader is updated to Lollipop, then downgrade to Kitkat isn't possible.
If you try to downgrade you may get stuck in bootloop or null IMEI.
amk19 said:
Oh, I updated my Note using MOP and still running Kitkat Bootloader.
and I guess, Once bootloader is updated to Lollipop, then downgrade to Kitkat isn't possible.
If you try to downgrade you may get stuck in bootloop or null IMEI.
Click to expand...
Click to collapse
Well,
Apart from Bootloader, it is possible to downgrade from lollipop to kitkat without issues. (I can confirm because i have done this before).
My question was if I updated to lollipop and downgrade to kit kat again will the new bootloader trip knox to 0x1 when trying to root ?
amk19 said:
Oh, I updated my Note using MOP and still running Kitkat Bootloader.
and I guess, Once bootloader is updated to Lollipop, then downgrade to Kitkat isn't possible.
If you try to downgrade you may get stuck in bootloop or null IMEI.
Click to expand...
Click to collapse
How to check my bootloader? I have updated to 5.0.
Sent from my SM-N9005 using Tapatalk
xda_Noob. said:
Well,
Apart from Bootloader, it is possible to downgrade from lollipop to kitkat without issues. (I can confirm because i have done this before).
My question was if I updated to lollipop and downgrade to kit kat again will the new bootloader trip knox to 0x1 when trying to root ?
Click to expand...
Click to collapse
No it won't trip Knox unless you flash something which is not officially signed from Samsung. Or unless you play with kernel and recovery.
@tahim. Download Samsung Phone Info app from playstore which shows all details of Note 3.
Thanks to @vndnguyen for this app.
Xda link here.
I don't mind trip my knox. So, can I use a chainfire file to root?
gilliardmelo said:
I don't mind trip my knox. So, can I use a chainfire file to root?
Click to expand...
Click to collapse
Yeah. You can go ahead with that method is Knox trip doesn't matter for you.