The reason why I ask this specifically is because I know rooting my S4 disabled HDMI output so I couldnt record gameplay on my S4 with a MHL cable so I was wondering if there is a page or thread here that lists all known effects of tripping KNOX counter on S6. Warranty is gone on this phone and cellular isnt working so gotta bring it into Samsung to fix but I have to backup the app data which I can't seem to do without rooting. I've created a full backup with Android Studio (used command prompt with adb backup command) and created a full backup with Samsung Smart Switch and neither backed up app data. So now I have to resort to rooting the phone and using Titanium backup to backup the app data. Its only for 2 social media apps which dont have a way of backing up messages and chat history. Also, either way the warranty is dead but will Samsung straight up deny all help if they see KNOX is tripped? Thanks
edit: re-read post and sounds little confusing. I updated the phone via OTA and some reason it factory reset it right after so lost the app data for those 2 apps. Thats how I know
For me, the most noticeable effect is permanently losing Samsung Pay.
I've had to service my S6 for a camera issue whilst KNOX was tripped (and still within the warranty period); sent it into Samsung and there wasn't any problem with them refusing to fix it.
Obviously your mileage may vary, but I think you should be fine so long as you flash back the stock ROM beforehand.
Related
Hi Guys,
I've got my SM-920F and I have the very same dilemma like when I got my S5 - to root or not to root
And back then I made a decision to not root it, because I was very satisfied with it's stock rom, didn't want to trip knox and wanted to use OTA (convinience).
It was all fine until my phone has been stolen.
So now I am wondering how to protect myself from not getting my phone back in case of theft.
A scenario I have in my mind goes like this:
Someone steals my phone. Screen is locked (fingerprint/pattern, doesn't matter).
What the thief does at first is a factory reset. Then it will use a phone or sell it to someone else.
The outcome is that the phone will be most likely connected to the internet. (unless it will be torn into pieces )
Now, if I had placed a tracking app on a partition, which will not be cleared by HR, it will send me phone location.
Questions:
1. If I get root not tripping knox, place my app, and then loose the root, app should be just fine, right?
1.1 If I will not trip knox getting root on stock, is there any possibility to trip the counter, when making changes in the system?
2. Update. No root == OTA working. Can OTA delete/disable my app? (out of scope: compability of the app with OS)
3. Do you know any suitable app for that?
Hi
I've had a good look around the forums, but would appreciate a pointer if anyone can help...
I have a new EE Samsung S6 (SM-G920F, Android 6.0.1) which I needed to be unlocked for O2. Rather than contact EE, I spent £20 in a shop advertising unlocking, and it appeared to work. However, I now get the 'Unauthorised actions have been detected. Restart your device...' warning, even immediately after a factory reset (and the Knox counter on the Odin screen says '1'). The other issue is WiFi passwords aren't remembered, meaning I have to log in to my home Wifi every time (I've read about this here)
I've read the 'unauthorised actions' warning is Knox related, and there are apps that can suppress the warning, but the reason seemed to be a bad batch of phones in 2015, and the issue was apparently fixed in 5.1.1 which doesn't seem to be the case here...
Was I foolish to get it unlocked by a shop?
Is there anyway to reverse whatever they've done?
Now that the Knox counter has been tripped (and I've supposedly invalidated the warranty), should I go about rooting the phone with stock 6.0.1 in the hope that I can install an app to suppress the warning, and try editing the files that might be causing the Wifi password issue?
Presumably I can't go back to EE to ask for advice now?
Many thanks for any suggestions!
I have searched xda and stackexchange to get this answer but have not been able to get a comprehensive list of what all will go if I trip Knox. Some answers were very old so I wanna see what all will I lose now with the latest Knox in my S8+? Some of the things I already know but don't care about losing:
1. Samsung Warranty
2. Secure Folder
3. Samsung Pay
4. Banking Apps
My actual concern is about device security as a whole e.g. if my device gets stolen, then except the data in my Secure Folder being secure, is there any other advantage of Knox too? Like the thief wouldn't be able to boot up or use my phone or anything of the sorts? Or the internal storage would be encrypted and there'll be Secure Boot only with Knox? I plan to flash TWRP too so what all am I going to lose? It would be amazing if we get a complete list of Knox features.
If you disable FRP lock to use root stuff, any thief can simply install a new ROM to your device and get full access as an owner without any protection. If FRP lock is enabled (not rooted), the person who steals your phone has to know your Google account login to use the device, otherwise the phone will be a brick stuck in the setup process. When you get the phone back from the thief, you can login with your Google account and have access to the phone again.
If you want to root, go for it, but I don't really see the point right now. LineageOS is not a daily driver yet (amazing that it exists though!), Note 8 ROMs bring only a few new things like different Infinity wallpapers, and things that required root before (f.e ad blocking) can be now done without root.
My banking app works with root but the finger print option is not available because of root. only thing i do miss is secure folder as that does not work.
So I was going to reset my old s7 and wanted to backup the phone before I erased everything. I kept coming across wondershare Dr fone. Seemed fairly simple and since there were no scam alerts to be found just Quickly browsing I thought i'll give it a whirl. Should have not ran it apparently.
So I connected via usb to Windows and started the program - > Phone instantly gone to download mode and apparently the software is trying to root or set some firmware to gather data - > Software doesnt work and phone stuck in endless bootloop - > recovery mode gives no command but starts after hanging a few seconds 10 or so - > Do a factory reset from recovery and Log back into previous Google Account required so I Do it and do a normal reset - > Reset goes in normal but when setting up clean phone it gives me a Security alerts "unauthorized activity noticed" and deviCe Security guides me to restart phone to reset changes.
Really spooky not knowing what the software did! Can you guys please help me figure out? Didnt find anything on web that indicates Dr fone stealing data or hacking, just ripping Off payments.
- How do I know I'm on stock ROM and nothing suspicious was left on the phone?
- Should I flash stock ROM just in case?
- Can my personal data, passwords etc be compromised if I dont use the phone?
- Could the Windows app itself have gathered personal info somehow. Can I check it out from Log or such?
I was hoping to sell the S7 but dont want anyone to get in trouble with the phone. What do you think I should do. I believe this thread Could help others unlucky Dr fone victims As Well.
Tell me if you need photos. Thanks in advance!
Ollie321 said:
- How do I know I'm on stock ROM and nothing suspicious was left on the phone?
- Should I flash stock ROM just in case?
- Can my personal data, passwords etc be compromised if I dont use the phone?
- Could the Windows app itself have gathered personal info somehow. Can I check it out from Log or such?
Tell me if you need photos. Thanks in advance!
Click to expand...
Click to collapse
So I found out Samsungs have an efuse that triggers when attempting to root and obviously dr fone might have triggered it. That would obviously also trigger the security alert. Any idea how it actually works? Does anyone know if this can be fixed somehow? The firmware doesn't seem like a custom but how do I know?
Also the windows app seems to have gathered the logs from the attempt and I have them in AppData. Could anyone help me solve if anything suspicious happened if I provide them?
Status update
Reflashing stock ROM fixed the security alert so it wasn't the knox efuse. Odin mode showed:
Binary Samsung Official
System Custom
Knox warranty void 0x0000
After flashing twice it changed back to normal:
Binary Samsung Official
System Official
Knox 0x0000
How is that even possible. No changes made but still changes made? I believe it started to do something and then crashed before knox went off. I have currently absolutely no reason to believe anything suspicious was going on in windows. Ran pretty much everything to scan in safe mode and all logs seemed completely normal, but this "Unauthorized access" in the custom system after factory reset seems a little shady. Checked all the preinstalled apps and they're the same after flashing stock except custom os had "Game optimization" and the official doesn't. I made the conclusion that something really did find it's way there even though that service might have been legit. That or system changes were made and interrupted and security alert because of that.
Reset passwords and using 2 step authentication so I doubt anything really important was compromised for very long. If you are reading this keep an eye out for this type of crapware!
Hi Guys,
I've installed a bunch of apps to check for root including Safetynet and I'm actually in fact unrooted just bootloader unlocked and using latest version of LightROM.
Unfortunately no matter using magisk core or uninstalling everything, hiding from system and hiding the banking app it still detects Root and that's SUPER aggravating.
Is there a way to know exactly what checks is failing when an app is attempting to detect Root as I said I haven't even rooted yet..
The apps are SBM mobile and Juice byMCB.
Thanks for your help!
Airbag888 said:
Hi Guys,
I've installed a bunch of apps to check for root including Safetynet and I'm actually in fact unrooted just bootloader unlocked and using latest version of LightROM.
Unfortunately no matter using magisk core or uninstalling everything, hiding from system and hiding the banking app it still detects Root and that's SUPER aggravating.
Is there a way to know exactly what checks is failing when an app is attempting to detect Root as I said I haven't even rooted yet..
The apps are SBM mobile and Juice byMCB.
Thanks for your help!
Click to expand...
Click to collapse
It says detecting root but it's actually detecting Knox has been tripped via modification.
It's well known that some banking apps and others will never work on a phone that has or had a custom Rom installed at some point.
cooltt said:
It says detecting root but it's actually detecting Knox has been tripped via modification.
It's well known that some banking apps and others will never work on a phone that has or had a custom Rom installed at some point.
Click to expand...
Click to collapse
Thanks for your answer.. So I checked with a knox checker app and it can't tell knox was triggered saying it's 0x0 (I know the efuse was tripped but magisk apparently can hide it at least from non system apps) and all the root checkers and safetynet checkers I ran could not see anything.
I wish I knew what exactly tripped this app, not sure if an app developer can open it up and see the logic in effect at startup?
What are my options now?
Since I tried removing root/magisk - did not help
1. Flash stock? knox would show up as 0x1
2. throw away the phone as it will from now on never run this banking app? that seems super extreme and when I asked before unlocking BL everyone was adamant banking apps were not a problem anymore.. sigh
Airbag888 said:
Thanks for your answer.. So I checked with a knox checker app and it can't tell knox was triggered saying it's 0x0 (I know the efuse was tripped but magisk apparently can hide it at least from non system apps) and all the root checkers and safetynet checkers I ran could not see anything.
I wish I knew what exactly tripped this app, not sure if an app developer can open it up and see the logic in effect at startup?
What are my options now?
Since I tried removing root/magisk - did not help
1. Flash stock? knox would show up as 0x1
2. throw away the phone as it will from now on never run this banking app? that seems super extreme and when I asked before unlocking BL everyone was adamant banking apps were not a problem anymore.. sigh
Click to expand...
Click to collapse
Yeah those Knox checking apps are a load of rubbish to be honest. You can check if Knox has been tripped by booting into recovery and checking the Knox counter ,top left, bottom text.
When a phone is modified in any way which almost always requires root, an entry is made in the EFS partition which cannot be altered or you will lose IMEI and other critical data. As I mentioned some banking apps don't care about mods since when the app is used the connection is encrypted end to end but obviously some banking apps just won't take the risk and don't run full stop. This is why some people are saying what their saying about resetting/hiding Knox. Also as you know Knox is a physical efuse so how can software reset or hide it.
People just getting confused due to some apps working and some not but it's due to what I've just explained.
In future all banking apps are moving to completely non function if a phone has been modified so if this is important to you on a new phone ,don't ever root it.
cooltt said:
Yeah those Knox checking apps are a load of rubbish to be honest. You can check if Knox has been tripped by booting into recovery and checking the Knox counter ,top left, bottom text.
When a phone is modified in any way which almost always requires root, an entry is made in the EFS partition which cannot be altered or you will lose IMEI and other critical data. As I mentioned some banking apps don't care about mods since when the app is used the connection is encrypted end to end but obviously some banking apps just won't take the risk and don't run full stop. This is why some people are saying what their saying about resetting/hiding Knox. Also as you know Knox is a physical efuse so how can software reset or hide it.
People just getting confused due to some apps working and some not but it's due to what I've just explained.
In future all banking apps are moving to completely non function if a phone has been modified so if this is important to you on a new phone ,don't ever root it.
Click to expand...
Click to collapse
If that's really the direction things are going it's pretty sad. Android turning into crapple.
Anyway I was wondering how an app (Bank) could have access to the real knox status while another not (the app I used detected 0x1 without magisk and 0x0 with magisk)
I don't want a world where I can't bootloader unlock my phone.. Already I regretted not bootloader unlocking it because it's 2019 and android can't backup all my app data yet. So if I factory reset, bam all my redownloaded stuff has no saved data (or most of it) and that annoys the hell out of me. There should be a way to basically nandroid a backup to your computer or sd card and restore that whenever you feel.
I was super bummed a month ago, my stock unrooted s7e was extremely slow and unusable, after rooting, and installing LightROM all went back to being fluid. I was about to spend good money for a new phone now I can't use my banking app at all and I'm *****ing cause I use it on a daily basis.
Airbag888 said:
If that's really the direction things are going it's pretty sad. Android turning into crapple.
Anyway I was wondering how an app (Bank) could have access to the real knox status while another not (the app I used detected 0x1 without magisk and 0x0 with magisk)
I don't want a world where I can't bootloader unlock my phone.. Already I regretted not bootloader unlocking it because it's 2019 and android can't backup all my app data yet. So if I factory reset, bam all my redownloaded stuff has no saved data (or most of it) and that annoys the hell out of me. There should be a way to basically nandroid a backup to your computer or sd card and restore that whenever you feel.
I was super bummed a month ago, my stock unrooted s7e was extremely slow and unusable, after rooting, and installing LightROM all went back to being fluid. I was about to spend good money for a new phone now I can't use my banking app at all and I'm *****ing cause I use it on a daily basis.
Click to expand...
Click to collapse
How can some apps see knox and not others? Read only access to the EFS partition.
Samsung (along with all phone Manufactures) develop their firmware together with all the big app developers who intend to use the platform. The banking sector has been hit hard with all kinds of IT related fraud especially with mobile banking. Banks simply cannot rely on customers to secure mobile devices so the choice is, block their app from functioning on a device that has been compromised in any way shape or form whatsoever or carry on taking the hit for banking fraud. If i was a bank i know which option i would choose, especially as governments are ensuring banks refund customers for their own stupidity.
With regards to open source and Android community mods, while it's been great there is a serious downside to it. More and more companies & developers are protecting their work and intellectual property. Mods will become harder and harder as much tougher security is built into apps and firmware. It's enervatible. Nobody makes money from phones which don't track your usage habits or can't show ads etc. We are all the product!
Lets not even talk about built in obsolescence.
cooltt said:
Yeah those Knox checking apps are a load of rubbish to be honest. You can check if Knox has been tripped by booting into recovery and checking the Knox counter ,top left, bottom text.
When a phone is modified in any way which almost always requires root, an entry is made in the EFS partition which cannot be altered or you will lose IMEI and other critical data. As I mentioned some banking apps don't care about mods since when the app is used the connection is encrypted end to end but obviously some banking apps just won't take the risk and don't run full stop. This is why some people are saying what their saying about resetting/hiding Knox. Also as you know Knox is a physical efuse so how can software reset or hide it.
People just getting confused due to some apps working and some not but it's due to what I've just explained.
In future all banking apps are moving to completely non function if a phone has been modified so if this is important to you on a new phone ,don't ever root it.
Click to expand...
Click to collapse
I must admit I find it sad that no one found a workaround It used to be that the community could outsmart the manufacturers now it seems maybe they all got employed instead
I guess we had a good run