Tripping KNOX - Samsung Galaxy S8+ Questions & Answers

Somehow on my S8+ with TWRP and custom ROM, KNOX isn't tripped unlike my S7 Edge. I've always thought that flashing custom recovery will trip KNOX. Any ideas why it isn't tripped? Mayby how to figure it out and reproduce?

Here's a screenshot from S8+

Some custom kernels will allow masking of Knox being tripped.
It is and apps that won't run with it tripped still will won't run. It is purely cosmetic...

did you try any other app to corroborate devcheck app finding?

raul6 said:
did you try any other app to corroborate devcheck app finding?
Click to expand...
Click to collapse
I've just tried phone info Samsung from play store. Also reported as not tripped. Knox warranty void: 0x0
Can you recommend something else?

It could well be, as ultramag69 said earlier, that your custom rom is simply masking the fact that knox is in fact tripped. Try Secure Folder if it works

This is not a question for the Note 9 community.
To test, just try using something Knox related, like:
Secure Boot
Secure Folder
Samsung Pay
Samsung Pass
Could be related to SamFail but not sure.

willhemmens said:
This is not a question for the Note 9 community.
To test, just try using something Knox related, like:
Secure Boot
Secure Folder
Samsung Pay
Samsung Pass
Could be related to SamFail but not sure.
Click to expand...
Click to collapse
Well if it would be reproducible I would root Note 9 so to me it was Note 9 related.
It's the ROM that is masking it as mentioned above :crying:
I was hoping sami f**** up

Related

[Q] Will Samsung KNOX be preloaded to Galaxy Note 10.1 4.4.2?

Will Galaxy Note 10.1 4.4.2 Firmware get KNOX?
I saw KLMS Agent in Leaked 4.4.2 ROM, so I am asking....
alpha5793 said:
Will Galaxy Note 10.1 4.4.2 Firmware get KNOX?
I saw KLMS Agent in Leaked 4.4.2 ROM, so I am asking....
Click to expand...
Click to collapse
I never hear anything about this possibility...
alexs784 said:
I never hear anything about this possibility...
Click to expand...
Click to collapse
I found KNOX Agent apk in German 4.4.2 Official KK Firmware...
The 4.4.2 firmware contains KNOX.
Sent from my SHW-M480W using Tapatalk
alpha5793 said:
I found KNOX Agent apk in German 4.4.2 Official KK Firmware...
The 4.4.2 firmware contains KNOX.
Sent from my SHW-M480W using Tapatalk
Click to expand...
Click to collapse
I think Knox is gonna be present in all new firmwares from Samsung, hopefully though with the older models it is only a software flag, not a (suspected) efuse like for the S4/5 and Note 3/10.1 2014...
Question though, does the KK rom update the bootloader so you can't get back to JB and has anyone successfully rooted a KK rom?
ultramag69 said:
I think Knox is gonna be present in all new firmwares from Samsung, hopefully though with the older models it is only a software flag, not a (suspected) efuse like for the S4/5 and Note 3/10.1 2014...
Question though, does the KK rom update the bootloader so you can't get back to JB and has anyone successfully rooted a KK rom?
Click to expand...
Click to collapse
I don't know well... because I'm using SHW-M480W (Korea Edition) so I didn't updated my Note 10.1....
Sent from my SHW-M480W using Tapatalk
Let's suppose this new firmware does contain KNOX. If the tablet has a flash counter value higher than 0, would the new bootloader detect that and trigger the KNOX flag too on the first boot? In other words, should the flash counter be reset to 0 before upgrading to the new firmware or is it irrelevant?
Using the Samsung phone info app (available on play store) software I checked if Knox was triggered, it wasn't. Seems like it relies on another counter to check if you have rooted your Note 10.1...
ultramag69 said:
Using the Samsung phone info 9available on play store) software I checked if Knox was triggered, it wasn't. Seems like it relies on another counter to check if you have rooted your Note 10.1...
Click to expand...
Click to collapse
Same here, Knox wasn't detected on mine either. Even checked in the applications manager, no sign of knox is there too. Anyone got any ideas to make sure it doesn't have knox?
link6155 said:
Same here, Knox wasn't detected on mine either. Even checked in the applications manager, no sign of knox is there too. Anyone got any ideas to make sure it doesn't have knox?
Click to expand...
Click to collapse
The application manager can be a bit deceptive because I think it only shows KNOX as installed if you have created a secure container. The actual KNOX flag must be stored somewhere else on the device and handled only by the bootloader. Have you tried booting into download mode to check? If there is a KNOX flag, this is most likely where it'll be displayed, like on the Note 3 and other devices.
teh_geek said:
The application manager can be a bit deceptive because I think it only shows KNOX as installed if you have created a secure container. The actual KNOX flag must be stored somewhere else on the device and handled only by the bootloader. Have you tried booting into download mode to check? If there is a KNOX flag, this is most likely where it'll be displayed, like on the Note 3 and other devices.
Click to expand...
Click to collapse
Tried that too, there is no KNOX flag on the download mode screen.
link6155 said:
Tried that too, there is no KNOX flag on the download mode screen.
Click to expand...
Click to collapse
Looks like Samsung did us a favour and didn't include that obKNOXious thing in the new firmware :laugh: That's great news. I wonder if it's because of missing hardware or simply because they don't care enough about their old devices (spoiler alert: they don't) to add features from their newer ones.
If they had added KNOX however, that could lend more credibility to the theory that even on new KNOX-enabled devices the flag is NOT an efuse and that it's actually stored somewhere in the emmc. Oh well, I'd rather enjoy my tablet unrestricted than be concerned about triggering a stupid flag. Thanks for checking guys :highfive:
It is possible, as with the Note 3 3G version, Knox was included but there is no counter. It seems only on the 4G Qualcomm variants that the "Knox counter" is apparent. If you checkout the N9000 part of the Note 3 forums this seems to be true. I wonder if it is CPU specific? They only trigger a physical change on the CPU that isn't Samsung's own...
ultramag69 said:
It is possible, as with the Note 3 3G version, Knox was included but there is no counter. It seems only on the 4G Qualcomm variants that the "Knox counter" is apparent. If you checkout the N9000 part of the Note 3 forums this seems to be true. I wonder if it is CPU specific? They only trigger a physical change on the CPU that isn't Samsung's own...
Click to expand...
Click to collapse
I've been looking into this matter quite a bit lately since I also own a Note 3 (Qualcomm LTE version - N9005) and from what I've gathered, the Note 3 N900 does have a KNOX flag and counter. However, a while ago a special service bootloader was leaked specifically for that variant, which apparently wipes this flag altogether and allows users to flash custom roms freely and downgrade to earlier software versions. The security implementation likely differs between Note 3 variants but I'm not really convinced that the flag is stored in an efuse on the Qualcomm chip. Even if that's the case though, I think Samsung so far have failed to add efuse-equivalent technology to their Exynos chips and this means that the only way for a KNOX flag to exist would be on the device memory, probably somewhere within the sboot partition or a partition of its own maybe. I don't think they would go into so much trouble to add all these security features to an almost 2 year-old device that probably also lacks the proper technologyNot to mention that many original Note 10.1 devices are not covered by warranty anymore (ie outside the EU where warranty is valid for only a year in some places) so they wouldn't really care about users voiding their warranties at this point and thus no need for the KNOX flag.
We got lucky with the Note 10.1 actually. Only a custom flash counter that's easy to reset thanks to TriangleAway and now we also get KitKat. Very nice :laugh:

Root without installing twrp trip knoc?

Will root s7 edge without installing twrp trip knox
Sent from my SM-G935F using XDA-Developers mobile app
haseeb.khld said:
Will root s7 edge without installing twrp trip knox
Sent from my SM-G935F using XDA-Developers mobile app
Click to expand...
Click to collapse
It will trip Knox, because you are modifying the system and it doesn't matter it you also flash twrp or not. And once you have rooted your phone, there are no ways to untrip Knox, so you can say goodbye to your warranty.
TheSproker said:
It will trip Knox, because you are modifying the system and it doesn't matter it you also flash twrp or not. And once you have rooted your phone, there are no ways to untrip Knox, so you can say goodbye to your warranty.
Click to expand...
Click to collapse
Well i have a rooted S6 and the Knox flag is not triggered (thanks to the leaked samsung service bootloader ).
So there is always hope :fingers-crossed:
clonednull said:
Well i have a rooted S6 and the Knox flag is not triggered (thanks to the leaked samsung service bootloader ).
So there is always hope :fingers-crossed:
Click to expand...
Click to collapse
Well, unlike the s6 with the s7 Samsung has done some hard work to keep everything closed source. As of now there is no way to bybass the Knox flag and it is very unlikely that any workaround will be available, because of Samsung's non friendly attitude towards developers.

KingRoot Questions

1. Did anyone try KingRoot and found a working method?
2. Does this trip the Knox Counter as soon as it works?
Both questions are related to the portable version of KingRoot for Android.
Thanks.
1) no
2) no one used it so they can't say what it does, if anything
Mystixor said:
2. Does this trip the Knox Counter as soon as it works?
Both questions are related to the portable version of KingRoot for Android.
Thanks.
Click to expand...
Click to collapse
Any method of rooting this device will trip the Knox counter.
the_scotsman said:
Any method of rooting this device will trip the Knox counter.
Click to expand...
Click to collapse
Really? And I always thought it was due to flashing a new firmware...
Sent from my SM-G955F using XDA Labs
Mystixor said:
Really? And I always thought it was due to flashing a new firmware...
Sent from my SM-G955F using XDA Labs
Click to expand...
Click to collapse
Nope, flashing new official samsung firmware won't trip Knox.
the_scotsman said:
Nope, flashing new official samsung firmware won't trip Knox.
Click to expand...
Click to collapse
Well what I wanted to stress wasn't that a custom firmware trips Knox but that KingRoot does not flash a new firmware and therefore potentially does not trip Knox. All it uses is an exploit to change some specific root-determining system files.
Sent from my SM-G955F using XDA Labs
Mystixor said:
Well what I wanted to stress wasn't that a custom firmware trips Knox but that KingRoot does not flash a new firmware and therefore potentially does not trip Knox. All it uses is an exploit to change some specific root-determining system files.
Sent from my SM-G955F using XDA Labs
Click to expand...
Click to collapse
Knox detects if system files are changed, it is simply not possible to change or modify any system files in any way without tripping Knox. So if you managed to use any sort of 3rd party application to root (not possible currently), the application would trip Knox, because it modifies system files.
The Knox security bombproof to the level that a physical fuse is blown inside the phone when Knox is tripped, meaning there is no way to un-trip Knox through software once it's been tripped. It's possible to fool the ROM to think that it's not tripped (like some S8 ported ROMs, to enable secure folder), but warranty can never be restored, as the Knox counter in download mode can't be tricked.
galaxyYtester said:
Knox detects if system files are changed, it is simply not possible to change or modify any system files in any way without tripping Knox. So if you managed to use any sort of 3rd party application to root (not possible currently), the application would trip Knox, because it modifies system.
Click to expand...
Click to collapse
It was possible
Kingroot used to work on s6 you could root with knox intact and use all root features only thing that would trip knox was custom recovery and/or rom
Wish it could be done with s8
skinza said:
It was possible
Kingroot used to work on s6 you could root with knox intact and use all root features only thing that would trip knox was custom recovery and/or rom
Wish it could be done with s8
Click to expand...
Click to collapse
That was over 2 years ago, when you could use root tools to reset the counter back to not tripped. Nowadays the security is much more strict, and there's a physical fuse inside the phone that gets blown when Knox is tripped. Knox isn't a bootloader-only thing anymore, now it scans system files to see any third party tampering, and gets tripped if it's detected.
galaxyYtester said:
That was over 2 years ago, when you could use root tools to reset the counter back to not tripped. Nowadays the security is much more strict, and there's a physical fuse inside the phone that gets blown when Knox is tripped. Knox isn't a bootloader-only thing anymore, now it scans system files to see any third party tampering, and gets tripped if it's detected.
Click to expand...
Click to collapse
Yep, Knox is totally solid these days. Its impossible to not trip it when rooting. F*** it and root the phone anyway, if it breaks ill claim it on insurance not through warranty.
Sent from my SM-G955F using Tapatalk
galaxyYtester said:
That was over 2 years ago, when you could use root tools to reset the counter back to not tripped. Nowadays the security is much more strict, and there's a physical fuse inside the phone that gets blown when Knox is tripped. Knox isn't a bootloader-only thing anymore, now it scans system files to see any third party tampering, and gets tripped if it's detected.
Click to expand...
Click to collapse
There was no need to reset anything i rooted used some tweaks then when i restored my knox was still 0x0
I never phiscally reset anything
Even while i was rooted my phone still said 0x0
skinza said:
There was no need to reset anything i rooted used some tweaks then when i restored my knox was still 0x0
I never phiscally reset anything
Even while i was rooted my phone still said 0x0
Click to expand...
Click to collapse
I didn't mean that, I meant that if you rooted with a method that worked through bootloader (Not kingoroot), you still could restore Knox to not tripped through root tools. Knox security used to be that simple to bypass, nowadays it's impossible to revert once tripped.
Having successfully rooted two HTC devices and a Samsung devices in the past and loved every minute of it, I was kinda excited when Kingroot props said it was possible to root the later Notes... but I never did my old Note 4, partially but not primarily because of the Knox issue.
I've heard different things RE: Knox, pretty much covers what everyone else has been saying here (no way to reset Knox, possible to reset Knox, "soft-root" via Kingroot trips/doesn't trip Knox counter, etc.) Personally, since the Note 4 issue where (correct me if I'm wrong) that Samsung phone was the first one that full rooting was impossible, I've pretty much given up on rooting for a while. Though S8+ may be possible to root (provided you're OK with possibly never resetting Knox), I'm OK with my S8+ non-rooted stock (for now), just like I HAD to be OK with my old Note 4 never being able to be rooted.
I guess my bottom line take on all this is, root at your own risk, know what you're doing, and do it if you can say "Knox be damned" and have no intention of trading the phone back in or reselling it to someone who knows nothing about rooting.
Sent from my SM-G955U using XDA Premium HD app
BereanPK said:
Having successfully rooted two HTC devices and a Samsung devices in the past and loved every minute of it, I was kinda excited when Kingroot props said it was possible to root the later Notes... but I never did my old Note 4, partially but not primarily because of the Knox issue.
I've heard different things RE: Knox, pretty much covers what everyone else has been saying here (no way to reset Knox, possible to reset Knox, "soft-root" via Kingroot trips/doesn't trip Knox counter, etc.) Personally, since the Note 4 issue where (correct me if I'm wrong) that Samsung phone was the first one that full rooting was impossible, I've pretty much given up on rooting for a while. Though S8+ may be possible to root (provided you're OK with possibly never resetting Knox), I'm OK with my S8+ non-rooted stock (for now), just like I HAD to be OK with my old Note 4 never being able to be rooted.
I guess my bottom line take on all this is, root at your own risk, know what you're doing, and do it if you can say "Knox be damned" and have no intention of trading the phone back in or reselling it to someone who knows nothing about rooting.
Click to expand...
Click to collapse
Root became possible on note 4 after a program to alter cid to dev version was released. Also because something was possible before shouldn't mean it's possible anymore as things are updated, common sense.
skinza said:
There was no need to reset anything i rooted used some tweaks then when i restored my knox was still 0x0
I never phiscally reset anything
Even while i was rooted my phone still said 0x0
Click to expand...
Click to collapse
As I said, it's not possible to root the S8 without tripping Knox. Regardless of how it was with the S6. This is the S8, it's different. It cannot be done.
the_scotsman said:
As I said, it's not possible to root the S8 without tripping Knox. Regardless of how it was with the S6. This is the S8, it's different. It cannot be done.
Click to expand...
Click to collapse
Definitely
Those days are over unless someone gets lucky,i know they wont though just wishful thinking
Well.. Do samsung says knox became bulletproof, or does the best hackers see it that way to?
rk73 said:
Well.. Do samsung says knox became bulletproof, or does the best hackers see it that way to?
Click to expand...
Click to collapse
Both sides.
Sent from my SM-G955F using XDA Labs

Samsung pay fix

Anyone found a way to use Samsung Pay after trip Knox? I have a Galaxy S8, when i reinstall stock the app not work, anyone know a kernel to fix that and run?
dorfohm2 said:
Anyone found a way to use Samsung Pay after trip Knox? I have a Galaxy S8, when i reinstall stock the app not work, anyone know a kernel to fix that and run?
Click to expand...
Click to collapse
It won't happen. Tripping KNOX is actual physical change in the mothet board. It blows a fuse. You can't flash any software ro trick it. Its military-grade security. Once you trip KNOX, you permanently bork SPay.

Question Secure folder s22 ultra

I am unable to create secure folder in my s22 ultra . While I am trying to create secure folder it says "If this keeps happening , contact customer service" . I tested my device via Samsung members app and I noticed something strange . I have attached the screenshot below. I really want to fix this software issue and secure folder . Please anyone help me out. I also tried clean flash via odin . But the issue is same. I formatted the device and restored the OS. But that doesn't help. Please help me out. Thanks .
Is it rooted? Rooting disables Knox, which is what Secure Folder, Samsung Wallet, DeX, and many banking apps require to run or work.
I rooted it earlier but then I removed root and flashed stock firmware . Now my device is not rooted and the bootloader is also locked . And after locking the bootloader , I flashed stock firmware again . But the issue is still same. How can I reflash full stock firmware so that I can enjoy all of the knox essential apps.
Knox is removed and you cant use secure folder anymore.
Is there any way to fix this .? Or , I need to visit customer service .?
arslaankhan said:
Is there any way to fix this .? Or , I need to visit customer service .?
Click to expand...
Click to collapse
Once you root, knox tripped forever and some knox apps won't work. Nothing can help but buy a new device/replace mobo
dr.ketan said:
Once you root, knox tripped forever and some knox apps won't work. Nothing can help but buy a new device/replace mobo
Click to expand...
Click to collapse
^this^
The efuse is a physical micro fuse that's part of the chipset.
arslaankhan said:
Is there any way to fix this .? Or , I need to visit customer service .?
Click to expand...
Click to collapse
Only fix is replacing the phone motherboard...in a service yes
Rapier said:
Only fix is replacing the phone motherboard...in a service yes
Click to expand...
Click to collapse
That won't be cheap. Samsung seems to accept knox tripped phones for trade ups though. So best course of action probably is to live with it and wait.
Knox isn't that useful, but having it tripped may skew banking apps... more work arounds to do, or just access banking through the browser which is a better plan anyway.
arslaankhan said:
I rooted it earlier but then I removed root and flashed stock firmware . Now my device is not rooted and the bootloader is also locked . And after locking the bootloader , I flashed stock firmware again . But the issue is still same. How can I reflash full stock firmware so that I can enjoy all of the knox essential apps.
Click to expand...
Click to collapse
Rooting trips an "e-fuse" that breaks Knox. Restoring to stock, locking the bootloader, and un-rooting doesn't fix it. As far as I know, once that e-fuse is tripped there is no way to get Knox back short of sending it to Samsung.
You fu##ked your device men. And how can you bring it to customer service if the knox is already tripped
They even not take it for other stuff if knox is tripped and imagine you're going just for knox
Mr Hassan said:
You fu##ked your device men. And how can you bring it to customer service if the knox is already tripped
They even not take it for other stuff if knox is tripped and imagine you're going just for knox
Click to expand...
Click to collapse
With a warranty repair of any kind Samsung may charge you to replace the mobo.
However knox being tripped isn't on their trade-in criteria list.
What stops working when knox is tripped.
Download a module to solve the problem that a secure folder cannot be created after root. Support one UI (4.1)
After installation, restart to create a secure folder
blackhawk said:
.... Samsung seems to accept knox tripped phones for trade ups though....
Click to expand...
Click to collapse
Well in some regions/countries maybe but in others they just started to accept trade in of normal functional devices.
I agree with you...if you did it, at least you did it for a reason so live with it, rooting offers some benefits if you use them.
Rapier said:
Well in some regions/countries maybe but in others they just started to accept trade in of normal functional devices.
I agree with you...if you did it, at least you did it for a reason so live with it, rooting offers some benefits if you use them.
Click to expand...
Click to collapse
Agreed, not the end of the world. I run stock N10+'s but don't use any of the knox features, never have.
blackhawk said:
Agreed, not the end of the world. I run stock N10+'s but don't use any of the knox features, never have.
Click to expand...
Click to collapse
If you use banking apps, then you are using a Knox feature. Most banking apps rely on Knox for secure banking.
gernerttl said:
If you use banking apps, then you are using a Knox feature. Most banking apps rely on Knox for secure banking.
Click to expand...
Click to collapse
Not, logon through the browser...
blackhawk said:
Not, logon through the browser...
Click to expand...
Click to collapse
You do it through the browser because you think the apps are susceptible to being hacked?
dj24 said:
You do it through the browser because you think the apps are susceptible to being hacked?
Click to expand...
Click to collapse
No social media or shopping apps either.
It's loose ends I don't want or need. Small wonder people have trouble with malware/spyware, just look at the junkware they eagerly load themselves.
The browser provides another layer of protection and isolation. The load speed is fast too.
Not working modile

Categories

Resources