[Virgin Mobile] [GUIDE][Q&A] Myths and Truths About KNOX

Ok so what the hell is the point of the knox bootloader other than just pissing us off ?

 

In case it isn't clear from the OP:

Bootloader DOES NOT EQUAL Android Build Number DOES NOT EQUAL Modem

This seems to be where most of the confusion comes from, along with flashing from recovery versus pushing via Odin. Thank God you made this thread Britton. I can just link to here from now on instead of typing the same reply over and over. While I don't mind providing answers instead of "look it up" responses, this one was definitely overdue.

 

Picture needs readded under "how do I know if I have the knoz bootloader

 

Not showing on my computer either.

 

Working! Good job.

 

May want to add that it is possible to repair a hardbricked, KNOx'ed up SGS3, but as of right now it appears the *only* way to do that is via JTAG Riff Box.

 

Yeah, a lot of the Knox info implies that using Odin to push the official Knox boot loader ROM back onto the phone is supposed to work, but it seems like nobody who has bricked this way can even get into download mode! Conversely, all the assumptions were that JTAG wouldn't work, but now we know it does, go figure!

 

Yeah agreed- I meant to highlight "as of right now" not "only" but had an epic typing failure lol

 

So does Knox actually modify something on the hardware since mirroring all partitions from a 0x0 device leaves it bricked?

I wish I had a spare knoxed S3 to play with, but I'm not going to spend $300 to get one. I'm definitely not going to let my current phone get infected with Knox.

I have some ideas and
I would love to attempt downgrading the bootloader though, although I'm sure I'd just end up with a bricked phone if I did try since people a lot smarter than me can't do it.

Edit: Also I don't see how Knox is supposed to secure anything if devices can just have the Knox apps removed and rooted and get access to the whole system anyway. Can someone explain

 

I've been doing a lot of reading over the past few days. So anyway I might as well post my ideas about removing the Knox bootloader since I'll probably never get to attempt it myself.

Note: THESE ARE JUST IDEAS AND NOTHING I'M SAYING IS CONFIRMED TO WORK! IF YOU TRY THIS AND BRICK YOUR DEVICE, DON'T BLAME ME!

With that said, here are the steps I'm envisioning that probably won't even work.
1. Make sure the Knox efuse is not yet tripped, otherwise this has no chance of working.
2. Create a debrick sdcard from an MG2 device (instructions for this can be found in other forums)
3. Place the debrick sdcard into a Knoxed device.
4. Use a usb jig to power the device into download mode. (Again, instructions for this can be found elsewhere with a Google search)
5. Make sure the download mode screen makes no mention of Knox or warranty bit or whatever the download mode of a Knoxed device shows. This means download mode booted from the sd card and doesn't contain the code for blowing the efuse.
6. Use Odin to flash an MG2 boot image.

Again there is probably something I've overlooked that will cause this not to work, otherwise, I'm sure someone would have already tried it.

 

Hey, gurus. Thanks for all the insights. I just purchased a VM S3, and have been reading about my rooting options.

My phone is on MK5 4.3, and if I look under "Device Administrators" in the menu I see Knox (although it is not enabled).

But when I compare my download screen to the one in this thread, it makes no mention of KNOX. Does that mean that my phone doesn't have the KNOX bootloader?

This is everything my download screen displays:

ODIN MODE
PRODUCT NAME: SPH-L710
CUSTOM BINARY DOWNLOAD: No
CURRENT BINARY: Samsung Official
SYSTEM STATUS: Official
QUALCOM SECUREBOOT: ENABLE
Warranty Bit: 0
BOOTLOADER RP SWREV: 1


Thanks again for all the help!
JCHammerPants

 

I believe the fact that it says "Warranty bit" means that you have knox, and the fact that it is zero means you haven't tripped it. Someone correct me if I am wrong.

 

Your are correct. It'll change to 1 once you trip it.

 

is knox used to prevent us from doing something? or is it a tracker app? does it peel info about your rom to who ever has that ability? to google? a hacker? something to block third party aps? why cant we choose to have it or not? what happens if you trip knox?

 

I don't care about the warranty. If I root and install custom recovery/rom/kernel, will it brick the phone? Or just trip this counter and void my warranty?

 

@Plumblossom- knox is a security program, was originally created if I recall correctly to enable ppl working for governments and other high security jobs to be able to use their phones for home and buissness instead of having a cell phone for each, but Knox doesn't work, reports online of folks getting spam thru Knox secure apps, issue is once installed it cannot be removed or altered or its designed to make the phone brick to an unrecoverable state

@chris- as long as you follow directions to the T and ask questions and all that then your device should be fine, but there is always a chance to brick a device when installing/using custom Roms

 

This part is not true. I have flashed the stock Lollipop rom using Odin to my Galaxy S5 and my Knox flag is still 0x0. Might be true for the S3 but not for the S5.

 

I am new to this thread...but why do I have the knox app on my phone. I didn't ask for it. But now I get reminders that it is open in the notification bar. I didn't install it. I don't have a password or pin.

How is this possible. How can I get rid of it? Help please.