Go Back   Android Forums > Android Phones > Samsung Galaxy S4 > (International) Galaxy S4 - All Things Root

Like Tree47Likes

test: Reply
 
LinkBack Thread Tools
Old September 28th, 2013, 03:03 AM   #51 (permalink)
Senior Member
Thread Author (OP)
 
ironass's Avatar
 
Join Date: Aug 2010
Location: Cotswolds, England
Gender: Male
Posts: 8,695
 
Device(s): SGS5 SM-G900F. Rooted. KitKat 4.4.2 NG7 NEAT ROM. Baseband: NG8. KT kernel+PhilZ recovery.
Carrier: Vodafone

Thanks: 1,187
Thanked 3,919 Times in 2,582 Posts
Default

Quote:
Originally Posted by dynomot View Post
Applications can have their permissions recindered remotely and basically Knox has the US military's approval. All good stuff for Samsung.
It will go far beyond just the US military. Five Eyes, (FVEY), and other defence and government departments worldwide as well as their contractors and sub contractors and any organisations who have sensitive information or are worried about industrial espionage all have lists of devices that they can or cannot use for security reasons. See this recent article...

Spy agencies 'ban Lenovo from secret networks'

Advertisements
__________________
Did you know that hitting the Thanks button is quicker than typing it and the Search button is your friend.

Dummies Guides Rooting Galaxy S4 * Know Your S4 * Update Problems * Knox Security * Bloatware * GPS
ironass is offline  
Reply With Quote
sponsored links
Old September 28th, 2013, 09:08 PM   #52 (permalink)
Senior Member
 
Rudedawg's Avatar
 
Join Date: Jun 2011
Location: Southampton UK
Posts: 856
 
Device(s): Samsung Galaxy S4 I9505 DjeMBeY MGA ROM
Carrier: EE

Thanks: 163
Thanked 94 Times in 79 Posts
Default

Sitting here on MGA trying to take this all in. It seems like things could be as they always were ...just with a one way ticket.


Ive been considering going back to stock unrooted alot lately, my phone has never been as spot on as since I first booted it up. Everything worked but soooo much bloat and a lack of UI customisation made my mind up about rooting once more.
Now im ok in this MGA bubble. My only issues are random phone resets time to time. A bug in the camera app me suspects. So untill 4.3 ...I guess call me the Robinson Crusoe of The forum.
Rudedawg is offline  
Reply With Quote
Old September 29th, 2013, 01:54 PM   #53 (permalink)
Senior Member
 
dynomot's Avatar
 
Join Date: Dec 2011
Location: Sheffield U.K
Gender: Male
Posts: 1,197
 
Device(s): SGSII (GT-i9100)-SOLD SGSIII(GT-i9300)-SOLD SGS4 (GT-i9505)-SOLD
Carrier: Vodafone UK

Thanks: 329
Thanked 386 Times in 299 Posts
Default

Quote:
Originally Posted by Rudedawg View Post
Sitting here on MGA trying to take this all in. It seems like things could be as they always were ...just with a one way ticket.


Ive been considering going back to stock unrooted alot lately, my phone has never been as spot on as since I first booted it up. Everything worked but soooo much bloat and a lack of UI customisation made my mind up about rooting once more.
Now im ok in this MGA bubble. My only issues are random phone resets time to time. A bug in the camera app me suspects. So untill 4.3 ...I guess call me the Robinson Crusoe of The forum.
I guess that goes for all of us. Ah well bring on 4.3, "have a break - have a Kit - Kat"
__________________
Samsung Galaxy Note 3 SM-N9005
ROOTED STOCK FIRMWARE PHILZ TOUCH RECOVERY

"The only foolish question is the question not asked"-Anon
dynomot is offline  
Reply With Quote
Old September 30th, 2013, 03:11 PM   #54 (permalink)
Senior Member
 
Shotgun84's Avatar
 
Join Date: May 2011
Location: Cambridgeshire, England
Posts: 5,245
 
Device(s): Galaxy S4 GT-I9505 ROM: WanamLite, Kernel: KT-SGS4
Carrier: 3UK

Thanks: 1,613
Thanked 3,037 Times in 1,815 Posts
Default

There are ROM's out there which don't change the bootloader or knox so the only thing which is holding me back is that domination theme isn't compatible with the latest firmware. As soon as that's compatible I'll be on the latest.
Shotgun84 is offline  
Reply With Quote
Old October 1st, 2013, 10:45 AM   #55 (permalink)
Senior Member
 
lotus49's Avatar
 
Join Date: May 2011
Location: Yorkshire
Gender: Male
Posts: 1,478
 
Device(s): Samsung Galaxy S4, Motorola Xoom (wi-fi), Samsung Galaxy Note 10.1 2014
Carrier: Three

Thanks: 69
Thanked 216 Times in 181 Posts
Default

Is ther anything in the latest firmware that is particularly worth upgrading for?

It is very unlikely I shall be installing a stock ROM again since I am safely rooted with a pre-Knox firmware. If I want the latest features I shall probably wait until they appear in a custom ROM or I'll just do without.
lotus49 is offline  
Reply With Quote
Old October 1st, 2013, 10:58 AM   #56 (permalink)
Senior Member
Thread Author (OP)
 
ironass's Avatar
 
Join Date: Aug 2010
Location: Cotswolds, England
Gender: Male
Posts: 8,695
 
Device(s): SGS5 SM-G900F. Rooted. KitKat 4.4.2 NG7 NEAT ROM. Baseband: NG8. KT kernel+PhilZ recovery.
Carrier: Vodafone

Thanks: 1,187
Thanked 3,919 Times in 2,582 Posts
Default

Quote:
Originally Posted by dynomot View Post
Ah well bring on 4.3, "have a break - have a Kit - Kat"
Errr.... 4.4 = KitKat

(You were just trying to see if I was paying attention)


Quote:
Originally Posted by lotus49 View Post
Is ther anything in the latest firmware that is particularly worth upgrading for?
Re: post #43...

Quote:
Originally Posted by ironass View Post
Since the latest releases of firmware for the S4 all seem to be based on MGA/MH1 with just the addition of the new security features, I can see no reason to shift from my present ROM as there is no advantage. However, with the imminent release of Android 4.3 and the enhancements that this brings, I shall be updating.
ironass is offline  
Last edited by ironass; October 1st, 2013 at 11:12 AM.
Reply With Quote
Old October 2nd, 2013, 12:50 AM   #57 (permalink)
Senior Member
 
dynomot's Avatar
 
Join Date: Dec 2011
Location: Sheffield U.K
Gender: Male
Posts: 1,197
 
Device(s): SGSII (GT-i9100)-SOLD SGSIII(GT-i9300)-SOLD SGS4 (GT-i9505)-SOLD
Carrier: Vodafone UK

Thanks: 329
Thanked 386 Times in 299 Posts
Default

Quote:
Originally Posted by ironass View Post
Errr.... 4.4 = KitKat

(You were just trying to see if I was paying attention)
I was ironass, I was. (More likely was a typo, TBH.)
dynomot is offline  
Reply With Quote
Old October 3rd, 2013, 09:42 AM   #58 (permalink)
Junior Member
 
Join Date: Apr 2013
Gender: Male
Posts: 99
 
Device(s):
Carrier: Not Provided

Thanks: 22
Thanked 8 Times in 7 Posts
Default

The ability to lock bootloaders on Samsung devices has been a constant claim from many users, that because of security reasons.

If you have a Nexus, it comes locked out of the box, and nobody can run ClockWorkMod from a external sdcard and grab all your partitions there. And if you unlock the bootloader you get the device formatted. On Samsung actually data can be stolen because of the previous explanation, so I am really glad they decided to implement it.

It's a step forward in security and goes in the direction of iOS which is almost impossible to read you data without knowing your passwords / fingerprints.
Raptor_Jesus is offline  
Reply With Quote
Old October 4th, 2013, 06:04 AM   #59 (permalink)
Senior Member
 
Join Date: Nov 2012
Posts: 671
 
Device(s): Samsung Galaxy Note 3 SM-N9005 Black 32GB
Carrier: Three (UK)

Thanks: 29
Thanked 105 Times in 88 Posts
Default

Quote:
Originally Posted by Raptor_Jesus View Post
if you unlock the bootloader you get the device formatted. On Samsung actually data can be stolen because of the previous explanation, so I am really glad they decided to implement it.
Actually a good point. I think what most people annoys is not KNOX itself - its that no one really knows if Samsung would refuse hardware warranties based on the Knox Warranty flag ...
Gomjaba is offline  
Reply With Quote
Old October 4th, 2013, 06:34 AM   #60 (permalink)
Senior Member
 
dynomot's Avatar
 
Join Date: Dec 2011
Location: Sheffield U.K
Gender: Male
Posts: 1,197
 
Device(s): SGSII (GT-i9100)-SOLD SGSIII(GT-i9300)-SOLD SGS4 (GT-i9505)-SOLD
Carrier: Vodafone UK

Thanks: 329
Thanked 386 Times in 299 Posts
Default

Quote:
Originally Posted by Gomjaba View Post
Actually a good point. I think what most people annoys is not KNOX itself - its that no one really knows if Samsung would refuse hardware warranties based on the Knox Warranty flag ...
Since tripping the Knox security actually alters (ergo breaks) the hardware my guess is it would void any warranty. The phone would be "damaged", as in useless as a BYOD phone and the security features would not work anymore. I would imagine in UK law it would be legal to deny warranty on a rooted phone with Knox compromised. The "Pre Knox" denial of warranty is very dubious legally in the UK. Samsung have got around that now.

We still pay our money and take a choice wether to root or not, only now with the new bootloaders and Knox I think anybody rooting can kiss their warranty good bye.
dynomot is offline  
Reply With Quote
sponsored links
Old October 4th, 2013, 07:21 AM   #61 (permalink)
The PearlyMon
 
EarlyMon's Avatar
 
Join Date: Jun 2010
Location: New Mexico, USA
Posts: 46,377
 
Device(s): M8, LTEvo, 3vo, and Shift - Evo retired
Carrier: Sprint

Thanks: 42,731
Thanked 57,187 Times in 22,979 Posts
Default

The warranty blackmail of rooting, driven in part by corporate greed and in part by bad rooters trying to scam the suppliers when they screw up.

Sprint (US carrier) came out with an enlightened service policy a few years ago. Take them your broken phone. They'd restore it to stock on the service bench. If it worked, you paid, if it didn't, it was a hardware fault and you didn't.

With an HTC, you go to HTCdev.com to unlock the bootloader and you decide before proceeding to give up the warranty. You know what you're choosing.

Because of the fraud aspect, I can see suppliers wanting to cover their backsides.

But Sprint has already shown the path to salvation for the corporate greed part.

Sadly that hasn't caught on.

I keep hearing that we're such a small minority of users.

Seems to me we're big enough to dominate the industry blogs, and get a lot policies and laws passed concerning us.
__________________
|

Minutus cantorum, minutus balorum, minutus carborata descendum pantorum.

Links: Site Rules / Guidelines -and- Zero Tolerance Policy (All Members Read)


For right-on help, the Thanks button is on the right of the post.
For anything out in left field, the /!\ report button is to the left.

Remember, it's our forums and we're all in this together - so let's keep it cool!

Shoot the breeze at the best new gun forum!
EarlyMon is offline  
Reply With Quote
The Following 2 Users Say Thank You to EarlyMon For This Useful Post:
dynomot (October 4th, 2013), ironass (October 4th, 2013)
Old October 4th, 2013, 07:33 AM   #62 (permalink)
Senior Member
 
dynomot's Avatar
 
Join Date: Dec 2011
Location: Sheffield U.K
Gender: Male
Posts: 1,197
 
Device(s): SGSII (GT-i9100)-SOLD SGSIII(GT-i9300)-SOLD SGS4 (GT-i9505)-SOLD
Carrier: Vodafone UK

Thanks: 329
Thanked 386 Times in 299 Posts
Default

Indeed EarlyMon.

I'm more than a little annoyed with myself. I bought a smashed screen SGSIII, bought a screen, replaced it and to my delight got it working again. Played with it Rooted, flashed etc, but in my exuberance didn't back up the EFS folder, more fool me. Fortunately my local repair shop can fix it as long as I can prove it is mine (I can) so no harm done. I wouldn't try and scam Samsung, but I feel pre judged by their Knox counter.
EarlyMon and Screech like this.
dynomot is offline  
Reply With Quote
The Following User Says Thank You to dynomot For This Useful Post:
EarlyMon (October 4th, 2013)
Old October 4th, 2013, 08:05 AM   #63 (permalink)
The PearlyMon
 
EarlyMon's Avatar
 
Join Date: Jun 2010
Location: New Mexico, USA
Posts: 46,377
 
Device(s): M8, LTEvo, 3vo, and Shift - Evo retired
Carrier: Sprint

Thanks: 42,731
Thanked 57,187 Times in 22,979 Posts
Default

I saw that post and was hoping for the best - glad you had an honest vendor to help you on that!

But yeah - I know exactly what you mean.

The presumption of guilt - what could possibly go wrong?

Statistics and semiconductors are a funny thing.

There is no certainty that any storage location on any electronic media will be accurate for all time.

Let me break that down - ever done a battery pull to fix something, and it worked?

Then you were the victim of a class of semiconductor upset called latch-up: some bit at the right place to cause trouble got stuck in ram and a board-level reset (what us non-removable battery types do) or removal and reapplication of power fixes it.

Statistically, the probability of the Knox counter going astray all without the user doing anything is extremely small. Like winning the lottery.

And like winning the lottery, that probability is not zero.

The right way to have done this would have been a semiconductor fuse, not a counter.

Some day, someone is going to claim that losing his warranty is not their fault - and not one person that matters is going to believe them.

This isn't about the silly, undying myth of Android being inherently unsecure.

It's about Android being secure for enterprise use.

Enterprise use means that instead of the maker or carrier essentially being the root user - read precisely: the administrator - and instead of you being the root user, someone at your place of work becomes your administrator.

The only way for that to have been possible in the past was to have rooted devices distributed - the opposite of what makes security sense for a corporation.

So Android hasn't been able to realistically play in enterprise. We used to have an enterprise forum but removed it because it was a non-starter.

Does Knox make it possible to work in an enterprise environment?

Yes, all the way up to military enterprise.

Will it make individual users more secure?

If you say so.

But the first day that a Knox update releases to fix the latest security threat is the day that the answer to that last question will be proven: no.

Just saying.

PS - just for a little levity and definitely for perspective, here's a classic from over 3 years ago warning you about how insecure Android is.

NSFW, foul language, you've been warned.



Just as true today as it was back then.
lotus49 and dynomot like this.
EarlyMon is offline  
Last edited by EarlyMon; October 4th, 2013 at 09:54 AM.
Reply With Quote
Old October 7th, 2013, 03:24 PM   #64 (permalink)
Senior Member
 
lotus49's Avatar
 
Join Date: May 2011
Location: Yorkshire
Gender: Male
Posts: 1,478
 
Device(s): Samsung Galaxy S4, Motorola Xoom (wi-fi), Samsung Galaxy Note 10.1 2014
Carrier: Three

Thanks: 69
Thanked 216 Times in 181 Posts
Default

Although blowing the eFuse is irreversible, I don't understand how Samsung prevents the bootloader being hacked directly.

I presume that there is code in the firmware somewhere that blows the eFuse before unlocking the bootloader. If that code could be identified and disabled by directly altering the low level data, the bootloader could be unlocked leaving the eFuse intact.

I cannot be the first person to have thought about this so I wonder how they can prevent this.
lotus49 is offline  
Reply With Quote
Old October 8th, 2013, 06:08 PM   #65 (permalink)
Senior Member
 
Join Date: Nov 2012
Posts: 671
 
Device(s): Samsung Galaxy Note 3 SM-N9005 Black 32GB
Carrier: Three (UK)

Thanks: 29
Thanked 105 Times in 88 Posts
Default

Quote:
Originally Posted by lotus49 View Post
Although blowing the eFuse is irreversible, I don't understand how Samsung prevents the bootloader being hacked directly.

I presume that there is code in the firmware somewhere that blows the eFuse before unlocking the bootloader. If that code could be identified and disabled by directly altering the low level data, the bootloader could be unlocked leaving the eFuse intact.

I cannot be the first person to have thought about this so I wonder how they can prevent this.
Good point, but given that it is approved by the US military as well makes me wonder if this is not just a software solution, but embedded in the hardware somehow somewhere - which essentially just gets enabled once you install the new firmware.

So clearly, how they do that (hardware / encryption / software) will remain a nice kept secret until someone can indeed hack it....

But again - given the military approval I'd be surprised someone can find it - without making Samsung looking like an idiot
Gomjaba is offline  
Reply With Quote
Old October 9th, 2013, 03:34 AM   #66 (permalink)
Senior Member
 
dynomot's Avatar
 
Join Date: Dec 2011
Location: Sheffield U.K
Gender: Male
Posts: 1,197
 
Device(s): SGSII (GT-i9100)-SOLD SGSIII(GT-i9300)-SOLD SGS4 (GT-i9505)-SOLD
Carrier: Vodafone UK

Thanks: 329
Thanked 386 Times in 299 Posts
Default

My reading of the situation, and I could be wrong is that the Knox flag and therfore the e-fuse are tripped by rooting, during rooting. Not by unlocking the bootloader, but the actual rooting of it. No matter what you do if the device is rooted (and I doubt there are many different ways to root) the actual process of rooting trips it. Next to impossible (but I live in hope) to circumvent.
dynomot is offline  
Reply With Quote
Old October 9th, 2013, 04:27 AM   #67 (permalink)
Senior Member
 
sntaylor's Avatar
 
Join Date: Jan 2012
Location: Ayrshire, scotland
Posts: 1,570
 
Device(s): S2 Rooted, Nexus 7 (Shared So Stock) Galaxy W(Fiancees)
Carrier: Not Provided

Thanks: 510
Thanked 393 Times in 307 Posts
Default

A hardware thing might be along the right lines as Samsung have always planned to have Knox in the s4, certainly it was one of the big things being touted at the release of it!
sntaylor is offline  
Reply With Quote
Old October 9th, 2013, 04:39 AM   #68 (permalink)
The PearlyMon
 
EarlyMon's Avatar
 
Join Date: Jun 2010
Location: New Mexico, USA
Posts: 46,377
 
Device(s): M8, LTEvo, 3vo, and Shift - Evo retired
Carrier: Sprint

Thanks: 42,731
Thanked 57,187 Times in 22,979 Posts
Default

Has the existence of an efuse been confirmed?
EarlyMon is offline  
Reply With Quote
Old October 9th, 2013, 05:27 AM   #69 (permalink)
Senior Member
Thread Author (OP)
 
ironass's Avatar
 
Join Date: Aug 2010
Location: Cotswolds, England
Gender: Male
Posts: 8,695
 
Device(s): SGS5 SM-G900F. Rooted. KitKat 4.4.2 NG7 NEAT ROM. Baseband: NG8. KT kernel+PhilZ recovery.
Carrier: Vodafone

Thanks: 1,187
Thanked 3,919 Times in 2,582 Posts
Default

Quote:
Originally Posted by EarlyMon View Post
Has the existence of an efuse been confirmed?
Good point EarlyMon.

In post #1 I link to chainfire's post, here, where he states...

"I've taken a look around, I've disassembled the bootloader, etc, and it looks like an efuse might be involved ( == not resetable ). I'm not exactly sure what triggers it yet either."

However, over on xda forums thread, "Samsung Knox: Warranty Void Behavior"
there is some speculation to this and to how the Knox counter is blown, as shown in the post by the developer, DjeMBeY, here and here.

There are currently 45 pages of posts and it would appear that in the absence of an official statement from Samsung on how Knox Security actually works and what impact an increased Knox counter has on your warranty, it is all speculation thus far.

Those who know more than I, (not hard), seem to be going with the efuse embedded in the chip as this would appear to be the most likely way of flagging a security breach without the ability to reset the Knox counter by re-programming, re-flashing or using a jtag thus making Knox secure enough for its intended purpose.
ironass is offline  
Reply With Quote
The Following 3 Users Say Thank You to ironass For This Useful Post:
dynomot (October 9th, 2013), EarlyMon (October 9th, 2013), sntaylor (October 9th, 2013)
Old October 9th, 2013, 09:05 AM   #70 (permalink)
The PearlyMon
 
EarlyMon's Avatar
 
Join Date: Jun 2010
Location: New Mexico, USA
Posts: 46,377
 
Device(s): M8, LTEvo, 3vo, and Shift - Evo retired
Carrier: Sprint

Thanks: 42,731
Thanked 57,187 Times in 22,979 Posts
Default

The Qualcomm S4 has a rather sophisticated efuse setup.

http://forum.xda-developers.com/showthread.php?p=30781353

It wouldn't surprise me if the later processors do as well.

Interesting if it's being used.
EarlyMon is offline  
Reply With Quote
The Following 2 Users Say Thank You to EarlyMon For This Useful Post:
dynomot (October 9th, 2013), ironass (October 9th, 2013)
sponsored links
Old October 9th, 2013, 12:47 PM   #71 (permalink)
Senior Member
 
Hawker's Avatar
 
Join Date: Aug 2011
Location: UK
Posts: 3,929
 
Device(s): GT-I9505
Carrier: EE UK (4G)

Thanks: 558
Thanked 1,819 Times in 1,121 Posts
Default

What you also consider is if this efuse actually does exist within the chip, why did it take samsung so many firmware releases to utilise it? I would think they would have been making full use of it from day one.
__________________
My Scripts/Threads
My Web Site
Hawker is offline  
Reply With Quote
Old October 9th, 2013, 02:02 PM   #72 (permalink)
The PearlyMon
 
EarlyMon's Avatar
 
Join Date: Jun 2010
Location: New Mexico, USA
Posts: 46,377
 
Device(s): M8, LTEvo, 3vo, and Shift - Evo retired
Carrier: Sprint

Thanks: 42,731
Thanked 57,187 Times in 22,979 Posts
Default

Quote:
Originally Posted by Hawker View Post
What you also consider is if this efuse actually does exist within the chip, why did it take samsung so many firmware releases to utilise it? I would think they would have been making full use of it from day one.
Why?

Knox is a comprehensive enterprise security solution.

The Department of Defense was first published as considering Android for deployment back in 2010 and iOS consideration followed shortly thereafter.
This may affect DoD office workers but their first look was for data fusion and command coordination for soldiers on the ground.

Developing suitable specs and running through trials did not happen overnight.

And until they were really ready to understand and support enterprise security, there was simply no need.

http://www.spyghana.com/android-more-reliable-in-security-than-iphone/

How about some numbers?

http://www.xda-developers.com/android/just-how-safe-is-safe-in-android/

In the common parlance, user isolation from malware is already hitting 5 nines.

99.999% of app installs won't present the problem.

100% of that is driven by people understanding app permissions before installing.

And not everyone does.

So in an enterprise situation, people are paid to stay on top of it for the whole organization.

But outside of that, there's just no need.
EarlyMon is offline  
Reply With Quote
The Following User Says Thank You to EarlyMon For This Useful Post:
ironass (October 10th, 2013)
Old October 9th, 2013, 02:05 PM   #73 (permalink)
Senior Member
 
dynomot's Avatar
 
Join Date: Dec 2011
Location: Sheffield U.K
Gender: Male
Posts: 1,197
 
Device(s): SGSII (GT-i9100)-SOLD SGSIII(GT-i9300)-SOLD SGS4 (GT-i9505)-SOLD
Carrier: Vodafone UK

Thanks: 329
Thanked 386 Times in 299 Posts
Default

Hawker, I suspect Knox wasn't ready in time, but the rest of the software and hardware was. I'm speculating of course, but I can t think of any other logical reason. It does seem odd that the bootloader was open on early firmwares up until comparatively recently.
dynomot is offline  
Reply With Quote
Old October 9th, 2013, 02:21 PM   #74 (permalink)
The PearlyMon
 
EarlyMon's Avatar
 
Join Date: Jun 2010
Location: New Mexico, USA
Posts: 46,377
 
Device(s): M8, LTEvo, 3vo, and Shift - Evo retired
Carrier: Sprint

Thanks: 42,731
Thanked 57,187 Times in 22,979 Posts
Default

Am I the only one that remembers that Samsung hired Steve Kondik from CyanogenMod back in August 2011 and fell over themselves in the press bragging about how developer friendly they were?

That at that point, they were encouraging CM development for their phones?

Anyone? Beuller? Anyone?

Bling, bling, dollar, dollar bill, y'all.

In 2011, Android times were different and 2010 saw the SGS with a lot of problems. A year later, Samsung saw the demand for rapid updates and more feature choices so they opened up a lot.

Today, Android and Samsung aren't struggling for domination, they have it.

Where's the rest of the dollar bills that haven't been scooped up?

Not with rooters spreading the word to non-rooting friends.

It's in enterprise sales - virgin territory.
EarlyMon is offline  
Reply With Quote
Old October 9th, 2013, 02:24 PM   #75 (permalink)
Senior Member
Thread Author (OP)
 
ironass's Avatar
 
Join Date: Aug 2010
Location: Cotswolds, England
Gender: Male
Posts: 8,695
 
Device(s): SGS5 SM-G900F. Rooted. KitKat 4.4.2 NG7 NEAT ROM. Baseband: NG8. KT kernel+PhilZ recovery.
Carrier: Vodafone

Thanks: 1,187
Thanked 3,919 Times in 2,582 Posts
Default

Quote:
Originally Posted by Hawker View Post
What you also consider is if this efuse actually does exist within the chip, why did it take samsung so many firmware releases to utilise it? I would think they would have been making full use of it from day one.
Two reasons spring to mind old stick...

1. The partnership and licensing agreement between Samsung and Centrify was not ready in time. See here and here.

2. Samsung waited until you had got the S4... just to spite you.


(Personally, I think the latter )
dynomot likes this.
ironass is offline  
Reply With Quote
Old October 9th, 2013, 04:29 PM   #76 (permalink)
Senior Member
 
dynomot's Avatar
 
Join Date: Dec 2011
Location: Sheffield U.K
Gender: Male
Posts: 1,197
 
Device(s): SGSII (GT-i9100)-SOLD SGSIII(GT-i9300)-SOLD SGS4 (GT-i9505)-SOLD
Carrier: Vodafone UK

Thanks: 329
Thanked 386 Times in 299 Posts
Default

Quote:
Originally Posted by ironass View Post
Two reasons spring to mind old stick...

1. The partnership and licensing agreement between Samsung and Centrify was not ready in time. See here and here.

2. Samsung waited until you had got the S4... just to spite you.


(Personally, I think the latter )

I think you just want to make our soggy moggy paranoid !

Seriously, you have trawled the depths of Wikipedia and probably found the real answer. I'll claim an intelligent guess though.

Earlymon sums this whole debacle well, its about $'s at the end of the day. Android now is dominant, it needs new markets to grow further. Knox has given Samsung at least a way in.
dynomot is offline  
Reply With Quote
Old October 10th, 2013, 05:54 AM   #77 (permalink)
Senior Member
Thread Author (OP)
 
ironass's Avatar
 
Join Date: Aug 2010
Location: Cotswolds, England
Gender: Male
Posts: 8,695
 
Device(s): SGS5 SM-G900F. Rooted. KitKat 4.4.2 NG7 NEAT ROM. Baseband: NG8. KT kernel+PhilZ recovery.
Carrier: Vodafone

Thanks: 1,187
Thanked 3,919 Times in 2,582 Posts
Default

Quote:
Originally Posted by dynomot View Post
I think you just want to make our soggy moggy paranoid !
... and your point is?

Quote:
Seriously, you have trawled the depths of Wikipedia and probably found the real answer. I'll claim an intelligent guess though.
The ability to add Knox to older phones such as the S3 would indicate that the wherewithal to implement Knox has been present for some time. Be it in the Qualcomm chip or elsewhere. Therefore, I surmised, that since it had not been implemented earlier it was because of the necessary software and licensing.

Quote:
Earlymon sums this whole debacle well, its about $'s at the end of the day. Android now is dominant, it needs new markets to grow further. Knox has given Samsung at least a way in.
I would tend to agree with that inasmuch as the BYOD market is huge worldwide and Samsung needed to gain approval for its latest devices from government, defence and corporate IT departments for devices that could offer a separate and secure environment on their phones such as that offered by Blackberry, for instance. As it states in this Centrify release...

"Centrify can leverage Samsung's extensive global sales and marketing teams to promote its solutions to the wide network of Samsung customers, carriers and channel partners."


UPDATE

Have further updated post #1 with what is currently known about Knox, so far.
ironass is offline  
Last edited by ironass; October 10th, 2013 at 06:57 AM. Reason: updated info
Reply With Quote
The Following User Says Thank You to ironass For This Useful Post:
EarlyMon (October 10th, 2013)
Old October 10th, 2013, 06:49 AM   #78 (permalink)
AF Contributor
 
Screech's Avatar
 
Join Date: Jun 2011
Location: Eastern NC
Posts: 236
 
Device(s): Samsung I9500,Samsung P3113,Samsung I9300 (wife),Samsung I9100 (kid 1),Motorola Defy+ (kid 2)
Carrier: Straight Talk

Thanks: 7
Thanked 20 Times in 19 Posts
Default

First, sorry for my PC terms like BIOS while referring to a phone. Not completely schooled up on the current names, but I think you'll understand my thought.

I know this may be a slightly off topic, while related. Where would you think the code to pop the efuse is. Would it be in the BIOS level, possibly requiring a JTAG interface to replace with code that will not pop the efuse? Maybe I'm way off track, but I think this type of security would have to be supported to the BIOS level.

If at BIOS level I think you may be able to flash a new bios that will not pop the efuse regardless of the recovery or ROM being used. I understand that a JTAG interface with these phones is beyond what most of the ROM users would be capable on there own and that most devices would have a physical trail from being JTAGed since soldering on the board is often required so a warranty would be out of the question. But, it could allow for you use the device in a corporate level is you corporation has a BYOD program and on the weekends or such play with other ROMs/rooting without having the KNOX system report the device as "compromised" or by a second device to toy with.
Screech is offline  
Reply With Quote
The Following User Says Thank You to Screech For This Useful Post:
EarlyMon (October 10th, 2013)
Old October 10th, 2013, 08:28 AM   #79 (permalink)
The PearlyMon
 
EarlyMon's Avatar
 
Join Date: Jun 2010
Location: New Mexico, USA
Posts: 46,377
 
Device(s): M8, LTEvo, 3vo, and Shift - Evo retired
Carrier: Sprint

Thanks: 42,731
Thanked 57,187 Times in 22,979 Posts
Default

Phones don't have a BIOS but the bootloader is analogous to it. It's the lowest level firmware component and it dictates the boot vector, and includes some maintenance functions.

Here's some info to help sort out terms -

http://forum.xda-developers.com/wiki/Bootloader

Open source bootloaders do exist, Das U-Boot is one, I seem to recall another but don't recall the name. They're uncommon in phone rooting.

Replacing bootloaders with modified versions and even using jtag to get through bootloader security when all else fails isn't at all unheard of with HTCs.

When you do that, an HTC becomes permanently s-off (a term unique to HTCs) where encrypted signature security is permanently off. I never gave it much thought but for all I know, the HTC s-on/off flag might be an efuse.

So the jtag unlocking precedent is certainly there, not sure about it with respect to the Knox flag.

Very interesting thought.

PS - if you could circumvent Knox and be undetected, I'd expect Samsung to OTA patch that in a jiffy. Anyone without the update would be suspect.

Trying to bypass IT security where you work hardly seems worth it, but that's imo.

Also review the OP for what's known so far about using jtag and Knox.
EarlyMon is offline  
Last edited by EarlyMon; October 10th, 2013 at 09:01 AM.
Reply With Quote
Old October 11th, 2013, 02:52 PM   #80 (permalink)
AF Contributor
 
Screech's Avatar
 
Join Date: Jun 2011
Location: Eastern NC
Posts: 236
 
Device(s): Samsung I9500,Samsung P3113,Samsung I9300 (wife),Samsung I9100 (kid 1),Motorola Defy+ (kid 2)
Carrier: Straight Talk

Thanks: 7
Thanked 20 Times in 19 Posts
Default

First, I'm not saying to try and bypass IT security where you work. I think that if you had a devices that still has the "Knox bit" in a 0 state and you jtag a boot-loader that had the code that stores 1 to the "Knox bit" modified to store to, and check, a different location, a "false Knox bit", that can be changed on and off you could use a custom rom. I would expect that Knox software should fail to load since 1 is reported unless Knox is still looking directly at the "Knox bit" location and seeing 0. Then if you got hired by a company that had a BYOD program, your company adds the program or you just want to sell the phone you restore stock recovery/rom. The custom boot-loader would then store 0 to "False Knox bit" location and Knox would work again in a secure environment. After confirming that all is working and not setting that "false Knox bit", you should be safe to restore the original boot-loader if desired and have an OEM perfect device. Again soldering a jtag interface to the board would be enough to void the warranty, not like I would be trying to claim a warranty on it though.

As you can see I was not thinking about bypassing IT security at work, but allowing freedom to use the device as we want is a way that is reversible if needed.

The jtag mention in the OP is about just coping from a device with Knox bit still off to one that has already been set. But if that bit is write-once, as stated by Samsung, and is part of some series of addresses that have a check-bit, when it is expected 0 from Knox bit but is getting 1 the check fails.

Again, I have no idea how they are writing this code, just guess at what could have been done.
Screech is offline  
Reply With Quote
sponsored links
Old October 11th, 2013, 03:26 PM   #81 (permalink)
The PearlyMon
 
EarlyMon's Avatar
 
Join Date: Jun 2010
Location: New Mexico, USA
Posts: 46,377
 
Device(s): M8, LTEvo, 3vo, and Shift - Evo retired
Carrier: Sprint

Thanks: 42,731
Thanked 57,187 Times in 22,979 Posts
Default

Please see the diagrams on the link I provided for efuses.

I think Knox is fundamentally SELinux, not an application that can be patched and spoofed into thinking it's still secure.

We'll see.
dynomot likes this.
EarlyMon is offline  
Last edited by EarlyMon; October 11th, 2013 at 03:29 PM.
Reply With Quote
Old October 11th, 2013, 05:39 PM   #82 (permalink)
AF Contributor
 
Screech's Avatar
 
Join Date: Jun 2011
Location: Eastern NC
Posts: 236
 
Device(s): Samsung I9500,Samsung P3113,Samsung I9300 (wife),Samsung I9100 (kid 1),Motorola Defy+ (kid 2)
Carrier: Straight Talk

Thanks: 7
Thanked 20 Times in 19 Posts
Default

I not suggesting it should think its secure when its not. Just of ideas to prevent it from popping the eFuse when its not secure (custom roms and such), so that if you revert to a secure system (OE rom) it does not refuse to act secure because of the eFuse reflects that at some time with a previous load it was not secure. Unless the chatter about Knox not working after restoring to a secure state once the eFuse is blown from a previous custom rom are not true I'm under the impression that some apps will not treat the phone as secure if that eFuse is blown, regardless of whether the current install actually is secure.

Maybe I'll just sit back a bit and see how the updates and news concerning this plays out. I like to run custom recovery so that I can do full backup/restores with easy, but if I'm on travel out of the country I would like to use the phone in a much more secure manner, maybe one day even access to work related things if my employer decides to support Samsung's push into corporate market place.
Screech is offline  
Reply With Quote
Old October 13th, 2013, 06:05 PM   #83 (permalink)
New Member
 
Join Date: Oct 2013
Posts: 1
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

What am I failing to see here? I Understand the efuse blows your warranty. Is that the down side? I never return one of these devices via warranty its a hassle and I just replace it with a used one off of cl or buy a new one? I'm rooted and running gpe ROM but don't remember if it was before the mh8 rom
mikeyb918 is offline  
Reply With Quote
Old October 14th, 2013, 12:08 PM   #84 (permalink)
Senior Member
 
Sydney99's Avatar
 
Join Date: Jul 2011
Location: UK
Posts: 1,653
 
Device(s): Galaxy S4: Danvdh KitKat GE + Philz + KT kernel + NE5 modem
Carrier: Vodafone

Thanks: 499
Thanked 428 Times in 313 Posts
Default

Progress?

http://forum.xda-developers.com/showthread.php?p=46406218
Sydney99 is offline  
Reply With Quote
The Following 2 Users Say Thank You to Sydney99 For This Useful Post:
EarlyMon (October 14th, 2013), ironass (October 14th, 2013)
Old October 27th, 2013, 11:59 AM   #85 (permalink)
Senior Member
Thread Author (OP)
 
ironass's Avatar
 
Join Date: Aug 2010
Location: Cotswolds, England
Gender: Male
Posts: 8,695
 
Device(s): SGS5 SM-G900F. Rooted. KitKat 4.4.2 NG7 NEAT ROM. Baseband: NG8. KT kernel+PhilZ recovery.
Carrier: Vodafone

Thanks: 1,187
Thanked 3,919 Times in 2,582 Posts
Default

Updated post #1 with more details on Knox enabled firmware and, in #1.4, how posters can check their current Knox status.

Still no reliable way of rooting and flashing a custom recovery without tripping the Knox counter, AFAIK. Also, no way of resetting the counter.

If anyone comes across a reliable method of doing either, please do not hesitate to post it here!
dynomot and silentwitness like this.
ironass is offline  
Reply With Quote
Old November 6th, 2013, 01:38 AM   #86 (permalink)
Senior Member
Thread Author (OP)
 
ironass's Avatar
 
Join Date: Aug 2010
Location: Cotswolds, England
Gender: Male
Posts: 8,695
 
Device(s): SGS5 SM-G900F. Rooted. KitKat 4.4.2 NG7 NEAT ROM. Baseband: NG8. KT kernel+PhilZ recovery.
Carrier: Vodafone

Thanks: 1,187
Thanked 3,919 Times in 2,582 Posts
Default Knox Security... You ain't seen nothing yet!

Knox Security... You ain't seen nothing yet!

The following article by Galen Gruman in yesterday's Info World, lifts the lid on the new Knox security feature and goes into a lot more detail regarding its future use, (oh yes, there's more to come), on phones and tablets and why some carriers may not even implement it fully.

The truth about Samsung Knox for Android security
The higher-level security technology for select Android devices isn't really available yet, despite the hype
ironass is offline  
Reply With Quote
The Following 3 Users Say Thank You to ironass For This Useful Post:
EarlyMon (November 6th, 2013), sntaylor (November 6th, 2013), Sydney99 (November 6th, 2013)
Old November 6th, 2013, 04:28 AM   #87 (permalink)
Senior Member
 
Sydney99's Avatar
 
Join Date: Jul 2011
Location: UK
Posts: 1,653
 
Device(s): Galaxy S4: Danvdh KitKat GE + Philz + KT kernel + NE5 modem
Carrier: Vodafone

Thanks: 499
Thanked 428 Times in 313 Posts
Default

Think if this is how things are developing this will be my last Samsung, unless a bypass hack is found
Sydney99 is offline  
Reply With Quote
Old November 6th, 2013, 04:58 AM   #88 (permalink)
Senior Member
Thread Author (OP)
 
ironass's Avatar
 
Join Date: Aug 2010
Location: Cotswolds, England
Gender: Male
Posts: 8,695
 
Device(s): SGS5 SM-G900F. Rooted. KitKat 4.4.2 NG7 NEAT ROM. Baseband: NG8. KT kernel+PhilZ recovery.
Carrier: Vodafone

Thanks: 1,187
Thanked 3,919 Times in 2,582 Posts
Default

Quote:
Originally Posted by Sydney99 View Post
Think if this is how things are developing this will be my last Samsung
Where Samsung, Apple and Blackberry have gone, the others are sure to follow!

Syd's next, Knox-less, mobile phone...

Sydney99 and sntaylor like this.
ironass is offline  
Reply With Quote
Old November 6th, 2013, 05:29 AM   #89 (permalink)
Senior Member
 
sntaylor's Avatar
 
Join Date: Jan 2012
Location: Ayrshire, scotland
Posts: 1,570
 
Device(s): S2 Rooted, Nexus 7 (Shared So Stock) Galaxy W(Fiancees)
Carrier: Not Provided

Thanks: 510
Thanked 393 Times in 307 Posts
Default

I'm sure I've suggested this already, but, I really believe that as all the companies go in this direction and modding your phone becomes irreparably traceable(no reset on counters etc) cyanogenmod Inc will bring out their own phone or range of phones, possibly taking the stock unit from say Samsung, but selling it with their own, very customisable, firmware, without having to void warranty as root is a given?

Either way, I shall be awaiting a few weeks or more before buying my next phone to see what I can and can't do. I will also now have to take extra care I don't break this s4, as I fear a replacement would come Knox activated :-(
sntaylor is offline  
Reply With Quote
Old November 6th, 2013, 05:39 AM   #90 (permalink)
Senior Member
 
Hawker's Avatar
 
Join Date: Aug 2011
Location: UK
Posts: 3,929
 
Device(s): GT-I9505
Carrier: EE UK (4G)

Thanks: 558
Thanked 1,819 Times in 1,121 Posts
Default

I particularly dislike Samsung's use of the phrase "paid subscription"
Hawker is offline  
Last edited by Hawker; November 6th, 2013 at 05:58 AM.
Reply With Quote
sponsored links
Old November 12th, 2013, 11:10 AM   #91 (permalink)
Member
 
Join Date: Apr 2012
Location: Ireland
Gender: Male
Posts: 145
 
Device(s): Samsung Galaxy S4 GT-I9505, Samsung Galaxy S2 GT-I9100, Samsung Galaxy Tab 2 10.1
Carrier: 3 Ireland

Thanks: 9
Thanked 20 Times in 17 Posts
Wink To flash or not to flash!

Ironass, thanks for this comprehensive guide and even bigger thanks for the rooting guide.

But i am confused with all this talk of 'MGG' and Knox.

I have rooted my

GT-I9505
Android Version 4.2.2
Baseband I9505XXUBMEA

I have no Knox counter flag messages when i boot into download mode, so i am confused if i should continue the flash the ass of my shiny new S4 the way i did with my S2.

Can you throw me a stupid bone here please
Romulous is offline  
Reply With Quote
Old November 12th, 2013, 11:40 AM   #92 (permalink)
Senior Member
Thread Author (OP)
 
ironass's Avatar
 
Join Date: Aug 2010
Location: Cotswolds, England
Gender: Male
Posts: 8,695
 
Device(s): SGS5 SM-G900F. Rooted. KitKat 4.4.2 NG7 NEAT ROM. Baseband: NG8. KT kernel+PhilZ recovery.
Carrier: Vodafone

Thanks: 1,187
Thanked 3,919 Times in 2,582 Posts
Default

Quote:
Originally Posted by Romulous View Post
Ironass, thanks for this comprehensive guide and even bigger thanks for the rooting guide.

But i am confused with all this talk of 'MGG' and Knox.

I have rooted my

GT-I9505
Android Version 4.2.2
Baseband I9505XXUBMEA

I have no Knox counter flag messages when i boot into download mode, so i am confused if i should continue the flash the ass of my shiny new S4 the way i did with my S2.

Can you throw me a stupid bone here please
Samsung releases are categorised as follows:-

M = year = 2013 (13th letter of alphabet)

E = Month of year (May in this case, 5th letter of the alphabet)

A = Release of that month (10th for, "A", as they start 1-9 first, before letters)

Therefore, MEA is pre MGG, (2013, July, 16th release), and is before Knox. Only stock Samsung firmwares MGG onwards, (with the exception of MH1), have Knox.
ironass is offline  
Reply With Quote
The Following 2 Users Say Thank You to ironass For This Useful Post:
EarlyMon (November 12th, 2013), Romulous (November 12th, 2013)
Old November 12th, 2013, 11:43 AM   #93 (permalink)
Senior Member
 
Sydney99's Avatar
 
Join Date: Jul 2011
Location: UK
Posts: 1,653
 
Device(s): Galaxy S4: Danvdh KitKat GE + Philz + KT kernel + NE5 modem
Carrier: Vodafone

Thanks: 499
Thanked 428 Times in 313 Posts
Default

You have an old boot loader. You are Knox free. If you flash anything with a new boot loader there's no going back. So anything new will do this.

If you stick to roms and firmware that you flash with a zip and doesn't include the new boot loader, you don't have to worry about Knox. Generally speaking that's the aosp roms and Sammy roms like Echoe....

That's my simplistic view, over to rusty bum for a more a thorough and accurate picture
Sydney99 is offline  
Reply With Quote
The Following 2 Users Say Thank You to Sydney99 For This Useful Post:
EarlyMon (November 12th, 2013), Romulous (November 12th, 2013)
Old November 12th, 2013, 11:49 AM   #94 (permalink)
Member
 
Join Date: Apr 2012
Location: Ireland
Gender: Male
Posts: 145
 
Device(s): Samsung Galaxy S4 GT-I9505, Samsung Galaxy S2 GT-I9100, Samsung Galaxy Tab 2 10.1
Carrier: 3 Ireland

Thanks: 9
Thanked 20 Times in 17 Posts
Default

And that folks, is why this Website/forum/mods are so great.

Thanks ironass and Syd, here is a virtual high 5 from me!

Now i need to decide if i want to remain on stock rooted or try Echoe rom V7.

Although i must admit, i am missing my nightly updates of Cyanogen.
Romulous is offline  
Reply With Quote
The Following 2 Users Say Thank You to Romulous For This Useful Post:
EarlyMon (November 12th, 2013), ironass (November 13th, 2013)
Old November 13th, 2013, 01:47 PM   #95 (permalink)
Junior Member
 
Join Date: Aug 2011
Location: Lancs, UK
Posts: 25
 
Device(s): Samsung Galaxy S4 GT i9505 KitKat Danvdh CM ROM 4.4.2, Philz,
Carrier: EE

Thanks: 9
Thanked 1 Time in 1 Post
Default

So in October I changed my lovely S2 I9100 running Carbonrom 4.2.2 for a shiny new S4 I9505....then read about Knox etc . I assumed that my phone had Knox as in my application manager I have "Knox notification manager" and "Knox store" but after reading these posts I am not sure. There is nothing about Knox in download mode and my baseband is MG7. Does this mean Im Knox free?
kingink65 is offline  
Reply With Quote
Old November 13th, 2013, 01:51 PM   #96 (permalink)
The PearlyMon
 
EarlyMon's Avatar
 
Join Date: Jun 2010
Location: New Mexico, USA
Posts: 46,377
 
Device(s): M8, LTEvo, 3vo, and Shift - Evo retired
Carrier: Sprint

Thanks: 42,731
Thanked 57,187 Times in 22,979 Posts
Default

Quote:
Originally Posted by kingink65 View Post
So in October I changed my lovely S2 I9100 running Carbonrom 4.2.2 for a shiny new S4 I9505....then read about Knox etc . I assumed that my phone had Knox as in my application manager I have "Knox notification manager" and "Knox store" but after reading these posts I am not sure. There is nothing about Knox in download mode and my baseband is MG7. Does this mean Im Knox free?
Looks that way -


Quote:
Originally Posted by ironass View Post
Samsung releases are categorised as follows:-

M = year = 2013 (13th letter of alphabet)

E = Month of year (May in this case, 5th letter of the alphabet)

A = Release of that month (10th for, "A", as they start 1-9 first, before letters)

Therefore, MEA is pre MGG, (2013, July, 16th release), and is before Knox. Only stock Samsung firmwares MGG onwards, (with the exception of MH1), have Knox.
EarlyMon is offline  
Reply With Quote
The Following 2 Users Say Thank You to EarlyMon For This Useful Post:
ironass (November 13th, 2013), kingink65 (November 13th, 2013)
Old November 15th, 2013, 04:36 AM   #97 (permalink)
Senior Member
 
Sydney99's Avatar
 
Join Date: Jul 2011
Location: UK
Posts: 1,653
 
Device(s): Galaxy S4: Danvdh KitKat GE + Philz + KT kernel + NE5 modem
Carrier: Vodafone

Thanks: 499
Thanked 428 Times in 313 Posts
Default

http://forum.xda-developers.com/showthread.php?p=47465272

Djembey just got his phone back. Knox was tripped. Samsung still repaired under warranty.......interesting!
ironass and sntaylor like this.
Sydney99 is offline  
Reply With Quote
The Following User Says Thank You to Sydney99 For This Useful Post:
ironass (November 15th, 2013)
Old November 15th, 2013, 04:41 AM   #98 (permalink)
Senior Member
Thread Author (OP)
 
ironass's Avatar
 
Join Date: Aug 2010
Location: Cotswolds, England
Gender: Male
Posts: 8,695
 
Device(s): SGS5 SM-G900F. Rooted. KitKat 4.4.2 NG7 NEAT ROM. Baseband: NG8. KT kernel+PhilZ recovery.
Carrier: Vodafone

Thanks: 1,187
Thanked 3,919 Times in 2,582 Posts
Default

Have added a couple of links in #1.9 of post #1 to help explain what Knox Security is all about in very simple terms, with a video, as well as the Knox User Manual/Guide.

I have also added, in #1.8, a breakdown of the Samsung firmware release numbering, mentioned a few posts earlier, in an attempt to clear up any confusion on whether a particular firmware is Knox enabled, or not.

Quote:
Originally Posted by Sydney99 View Post
Let's find out if KNOX flag 0:1 does void the phone's warranty or not - Page 6 - xda-developers

Djembey just got his phone back. Knox was tripped. Samsung still repaired under warranty.......interesting!
In light of Syd's post, I have also amended the main body of post #1 to read that Knox, "may", invalidate your warranty and have also added in #1.10, a link to the xda forum thread on the subject of the Knox flag and warranty. This thread shows that the situation with tripping the Knox flag and warranty repairs is still far from clear and that there are conflicting reports on the subject.
EarlyMon likes this.
ironass is offline  
Last edited by ironass; November 15th, 2013 at 06:18 AM.
Reply With Quote
The Following User Says Thank You to ironass For This Useful Post:
EarlyMon (November 15th, 2013)
Old November 15th, 2013, 12:54 PM   #99 (permalink)
Member
 
Join Date: Feb 2011
Posts: 137
 
Device(s):
Carrier: Not Provided

Thanks: 1
Thanked 10 Times in 8 Posts
Default

Just trying to confirm that my I9505G I purchased from Google has an unlocked bootloader. I don't have Knox installed, and no flag appears when I go into Download mode. I was able to install Goo Manager and custom recovery from within the application (TWRP.)

Seeing that I will be getting my updates from Google instead of Samsung, then I guess I won't have to worry about Knox.
evilbastard is offline  
Reply With Quote
Old November 15th, 2013, 01:05 PM   #100 (permalink)
Senior Member
Thread Author (OP)
 
ironass's Avatar
 
Join Date: Aug 2010
Location: Cotswolds, England
Gender: Male
Posts: 8,695
 
Device(s): SGS5 SM-G900F. Rooted. KitKat 4.4.2 NG7 NEAT ROM. Baseband: NG8. KT kernel+PhilZ recovery.
Carrier: Vodafone

Thanks: 1,187
Thanked 3,919 Times in 2,582 Posts
Default

Quote:
Originally Posted by evilbastard View Post
Just trying to confirm that my I9505G I purchased from Google has an unlocked bootloader. I don't have Knox installed, and no flag appears when I go into Download mode. I was able to install Goo Manager and custom recovery from within the application (TWRP.)

Seeing that I will be getting my updates from Google instead of Samsung, then I guess I won't have to worry about Knox.
As per #1.0 in post #1...

Quote:
Originally Posted by ironass View Post
It is being rolled out across the board to all the latest devices, branded and unbranded, with the exception of the GT-i9505G, Google Play Edition with stock Android firmware.
Bootloader is not locked on GE which is a requirement of Knox.
ironass is offline  
Reply With Quote
Reply


Go Back   Android Forums > Android Phones > Samsung Galaxy S4 > (International) Galaxy S4 - All Things Root
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -5. The time now is 08:26 PM.
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.