
Root [Virgin Mobile] [GUIDE][Q&A] Myths and Truths About KNOX

TheBritton

MYTHS AND TRUTHS ABOUT KNOX
Important Things You Need To Know
How Does Knox Affect Root Users?

There has been inaccurate information circulating about Knox and how it affects us as root users.
So I have compiled this Q&A and I will update it as questions and answers arise.
CNexus at XDA has made a similar thread:
[FAQ] KNOX and you - xda-developers


Q: If I have KNOX can I root my device?

  • Yes, you can most certainly root your device. KNOX apps may prevent SuperSU from functioning properly but the KNOX bootloader does not prevent one from gaining root access.
Q: If I have KNOX can I install a custom recovery?

  • Yes. You may install a custom recovery with Odin. Doing so will trip the KNOX flag. The custom recovery can also be used to flash SuperSU or Superuser to gain root access or to install custom roms, kernels, and modems.
Q: I've heard that I can't downgrade my firmware once I have the KNOX bootloader. Is this true?

  • Yes and no. The only thing the KNOX firmware will not allow you to downgrade is the bootloader. You can install custom roms. You can even install stock roms based on earlier versions of Android as long as they do not include a bootloader. The best method to do this is through a flashable zip via custom recovery. You CANNOT install earlier firmware via Odin. Odin firmware packages contain everything including the bootloader so once you have the KNOX bootloader you may just want to stay away from Odin altogether except for custom recoveries.
Q: If I have KNOX can I install custom kernels?

  • I asked this question when I first got "KNOXed up" and the answer is yes. Once again, all the KNOX bootloader cares about is itself meaning you can flash whatever you want to the device as long as it's not another bootloader and if you don't mind tripping the KNOX flag. You are free to flash roms, kernels, and modems. Bootloader DOES NOT EQUAL Android Build Number DOES NOT EQUAL Modem.
Q: How do I know if I have the KNOX bootloader?

  • When you enter download mode, you will see something that looks like this:
[Image: 4umera7a.jpg, download mode screen]


  • In the above picture the KNOX warranty is intact, as the flag is 0x0
  • A KNOX warranty void line says 0x1
  • If the KNOX warranty void line says 0x1 then you cannot use KNOX software as your device has been flagged as insecure. By this I mean that if your workplace / company supports bring your own device to work for corporate emails etc and they use KNOX to keep security your device will not allow this. You are still able to use future Samsung firmware releases with the KNOX flag 0x1.
Q: I took an OTA Update and now I have been KNOXed Up! I have been upgraded to MK5. Can I rid myself of this infliction?

Q: I have tripped the KNOX flag? What does that mean exactly?

  • Excellent question. This brings us to the known facts about KNOX and what it means.


Known Facts About KNOX:

  • Upgrading to newer Samsung firmware MK5 will upgrade the bootloader to the KNOX bootloader. This will give an additional 2 lines in download mode about KNOX status.
  • Not possible to downgrade to KNOX-disabled firmwares/bootloaders without tripping the KNOX flag (An attempt sets 0x1) (even though some people state, downgrade is possible when omitting the bootloader file in a firmware package: see http://forum.xda-developers.com/show....php?t=2444671, not confirmed)
  • Even if you flash a KNOX-enabled firmware via Odin (e.g. the latest fw) Knox will be set to 0x1
  • Flashing unsigned or modified images via Odin will set KNOX to 0x1
  • Once the KNOX flag gets set to 0x1 there is no way to set it back (that anyone has found yet anyway!). Samsung stated that resetting the flag is impossible
  • KNOX is mandatory and cannot be completely removed
  • Warranty Void is not a counter, it is a flag (0, 1); it has never been seen at 0x2 or so
  • Mirroring all partitions from a clean 0x0 device to a 0x1 device via JTAG produces a non-functional device (reversible by restoring the 0x1 partitions on the phone)
  • KNOX bootloader verifies signatures of kernels and recoveries. No custom ones possible without voiding the KNOX warranty
  • If the KNOX warranty void line says 0x1 then you cannot use KNOX software as your device has been flagged as insecure. By this I mean that if your workplace / company supports bring your own device to work for corporate emails etc and they use KNOX to keep security your device will not allow this. You are still able to use future Samsung firmware releases with the KNOX flag 0x1.
  • With the new KNOX bootloader root will work; however, rooting will trip the KNOX flag
 
In case it isn't clear from the OP:

Bootloader DOES NOT EQUAL Android Build Number DOES NOT EQUAL Modem

This seems to be where most of the confusion comes from, along with flashing from recovery versus pushing via Odin. Thank God you made this thread Britton. I can just link to here from now on instead of typing the same reply over and over. While I don't mind providing answers instead of "look it up" responses, this one was definitely overdue.
 
May want to add that it is possible to repair a hardbricked, KNOX'ed up SGS3, but as of right now it appears the *only* way to do that is via JTAG Riff Box.

Yeah, a lot of the Knox info implies that using Odin to push the official Knox boot loader ROM back onto the phone is supposed to work, but it seems like nobody who has bricked this way can even get into download mode! Conversely, all the assumptions were that JTAG wouldn't work, but now we know it does, go figure!
 
Yeah, a lot of the Knox info implies that using Odin to push the official Knox boot loader ROM back onto the phone is supposed to work, but it seems like nobody who has bricked this way can even get into download mode! Conversely, all the assumptions were that JTAG wouldn't work, but now we know it does, go figure!

Yeah agreed- I meant to highlight "as of right now" not "only" but had an epic typing failure lol
 
So does Knox actually modify something on the hardware since mirroring all partitions from a 0x0 device leaves it bricked?

I wish I had a spare knoxed S3 to play with, but I'm not going to spend $300 to get one. I'm definitely not going to let my current phone get infected with Knox.

I have some ideas and I would love to attempt downgrading the bootloader though, although I'm sure I'd just end up with a bricked phone if I did try since people a lot smarter than me can't do it.

Edit: Also I don't see how Knox is supposed to secure anything if devices can just have the Knox apps removed and rooted and get access to the whole system anyway. Can someone explain?
 
I've been doing a lot of reading over the past few days. So anyway I might as well post my ideas about removing the Knox bootloader since I'll probably never get to attempt it myself.

Note: THESE ARE JUST IDEAS AND NOTHING I'M SAYING IS CONFIRMED TO WORK! IF YOU TRY THIS AND BRICK YOUR DEVICE, DON'T BLAME ME!

With that said, here are the steps I'm envisioning that probably won't even work.
1. Make sure the Knox efuse is not yet tripped, otherwise this has no chance of working.
2. Create a debrick sdcard from an MG2 device (instructions for this can be found in other forums)
3. Place the debrick sdcard into a Knoxed device.
4. Use a usb jig to power the device into download mode. (Again, instructions for this can be found elsewhere with a Google search)
5. Make sure the download mode screen makes no mention of Knox or warranty bit or whatever the download mode of a Knoxed device shows. This means download mode booted from the sd card and doesn't contain the code for blowing the efuse.
6. Use Odin to flash an MG2 boot image.

Again there is probably something I've overlooked that will cause this not to work, otherwise, I'm sure someone would have already tried it.
 
Hey, gurus. Thanks for all the insights. I just purchased a VM S3, and have been reading about my rooting options.

My phone is on MK5 4.3, and if I look under "Device Administrators" in the menu I see Knox (although it is not enabled).

But when I compare my download screen to the one in this thread, it makes no mention of KNOX. Does that mean that my phone doesn't have the KNOX bootloader?

This is everything my download screen displays:

ODIN MODE
PRODUCT NAME: SPH-L710
CUSTOM BINARY DOWNLOAD: No
CURRENT BINARY: Samsung Official
SYSTEM STATUS: Official
QUALCOM SECUREBOOT: ENABLE
Warranty Bit: 0
BOOTLOADER RP SWREV: 1


Thanks again for all the help!
JCHammerPants
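
Added example (not part of any post in this thread): a small Python check that applies the thread's own criteria to a transcribed download-mode screen, i.e. whether any KNOX status lines are present and, if so, whether the warranty void flag reads 0x0 or 0x1. The function names are hypothetical, the first sample is the screen posted above, and the two KNOX samples are constructed by appending the "KNOX WARRANTY VOID" line the first post describes.

```python
# Screen text exactly as posted in the thread (it has no KNOX lines).
SCREEN_FROM_THREAD = """\
ODIN MODE
PRODUCT NAME: SPH-L710
CUSTOM BINARY DOWNLOAD: No
CURRENT BINARY: Samsung Official
SYSTEM STATUS: Official
QUALCOM SECUREBOOT: ENABLE
Warranty Bit: 0
BOOTLOADER RP SWREV: 1
"""

# Constructed samples (not from a real device): the same screen with the
# "KNOX WARRANTY VOID" line the first post describes, intact and tripped.
SCREEN_INTACT = SCREEN_FROM_THREAD + "KNOX WARRANTY VOID: 0x0\n"
SCREEN_TRIPPED = SCREEN_FROM_THREAD + "KNOX WARRANTY VOID: 0x1\n"


def parse_screen(text):
    """Map each 'KEY: value' line to {UPPERCASED KEY: value}."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip():
            fields[key.strip().upper()] = value.strip()
    return fields


def knox_status(text):
    """Classify a transcribed screen by the criteria stated in the thread."""
    fields = parse_screen(text)
    raw = fields.get("KNOX WARRANTY VOID")
    if raw is None:
        state = "no-knox-lines"   # thread: the KNOX bootloader adds KNOX lines
    else:
        try:
            # The thread says the flag is only ever 0 or 1; flag anything else.
            state = {0: "intact", 1: "tripped"}.get(int(raw, 16), "unexpected")
        except ValueError:
            state = "unreadable"  # transcription error such as "Ox1"
    return {
        "state": state,
        "knox_lines": sorted(k for k in fields if "KNOX" in k),
        "official_binary": (fields.get("CURRENT BINARY") == "Samsung Official"
                            and fields.get("SYSTEM STATUS") == "Official"),
        "warranty_bit": fields.get("WARRANTY BIT"),  # returned raw, not interpreted
    }


if __name__ == "__main__":
    for name in ("SCREEN_FROM_THREAD", "SCREEN_INTACT", "SCREEN_TRIPPED"):
        print(name, knox_status(globals()[name]))
```

The "no-knox-lines" result only reflects the thread's statement that the KNOX bootloader adds KNOX status lines; the "Warranty Bit" value is passed through without interpretation because the thread does not define it.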
 
@Plumblossom- Knox is a security program. It was originally created, if I recall correctly, to enable people working for governments and other high-security jobs to be able to use their phones for home and business instead of having a cell phone for each, but Knox doesn't work: there are reports online of folks getting spam through Knox secure apps. The issue is that once installed it cannot be removed or altered, or it's designed to make the phone brick to an unrecoverable state

@chris- as long as you follow directions to the T and ask questions and all that then your device should be fine, but there is always a chance to brick a device when installing/using custom Roms
 
