Galaxy S5 Knox Reset (New Hope)

Slicktune

Senior Member
May 7, 2010
1,255
236
Even with official status, if u sent to warranty they will check Knox status and not repair the phone if broken... That's the sad situation :(

That's my biggest confusion... WHAT IF IT'S NOT A REPAIRRRR!! What if I'm sending it AFTER they sent the replacement from the warranty (T-Mobile)

And by the wayy even if it was a repair thru insurance... WHY O WHYYY IN THE WORLD would u do repair when u can report it lost... get charged the same deductible.. sell the "lost one" to a 3rd world country and use that money to pay for the deductible.. that way they don't find out about Knox... Can I get an AMEN THOOOO!! Sheesh...

Sent from my SM-G900F/T/I/M/P/W8 using Tapatalk
 

devoidx

Senior Member
Mar 15, 2013
202
43
And by the wayy even if it was a repair thru insurance... WHY O WHYYY IN THE WORLD would u do repair when u can report it lost... get charged the same deductible.. sell the "lost one" to a 3rd world country and use that money to pay for the deductible.. that way they don't find out about Knox... Can I get an AMEN THOOOO!! Sheesh...

And this is why you see a million bad IMEI T-Mobile listings on eBay.
 

codee

Senior Member
Jun 14, 2010
199
32
Twin Cities
That's my biggest confusion... WHAT IF IT'S NOT A REPAIRRRR!! What if I'm sending it AFTER they sent the replacement from the warranty (T-Mobile)

And by the wayy even if it was a repair thru insurance... WHY O WHYYY IN THE WORLD would u do repair when u can report it lost... get charged the same deductible.. sell the "lost one" to a 3rd world country and use that money to pay for the deductible.. that way they don't find out about Knox... Can I get an AMEN THOOOO!! Sheesh...

Sent from my SM-G900F/T/I/M/P/W8 using Tapatalk

Why ohhhh whyyyy would you commit FRAUD when you could just replace/repair it under a normal deductible or you know, accept the consequences for the choices you made when you decided to void your warranty?

Sent from my SM-G900F using XDA Premium 4 mobile app
 

Slicktune

Senior Member
May 7, 2010
1,255
236
Why ohhhh whyyyy would you commit FRAUD when you could just replace/repair it under a normal deductible or you know, accept the consequences for the choices you made when you decided to void your warranty?

Sent from my SM-G900F using XDA Premium 4 mobile app

So then whyyy ohhh whyyy reset Knox and not just deal with the consequences... Goes both ways buddy... Looking for a way to reset Knox is fraud as well but you don't see me pointing fingers....
#JUST SAYIN'

Sent from my SM-G900F using Tapatalk
 

Slicktune

Senior Member
May 7, 2010
1,255
236
And this is why you see a million bad IMEI T-Mobile listings on eBay.

I've got family overseas that would throw me about $400 for the phone... Deductible is $150, plus the replacement phone and the $250 is profit towards the new phone with jump... Come on man really?? How is that fraud, that's smart... Business man mentality... You think these guys had any consideration on what we thought about Knox? No so why should I?

Who's with me..

Sent from my SM-G900F using Tapatalk
 

slind

Senior Member
Aug 18, 2007
391
80
Bremen
Guys..

I have my Knox tripped and I *might* wanna sell the device. I plan to flash in a stock firmware before putting it up on sale.
I hear that the Knox software will keep popping up messages and such?
So, how do I go completely stock, but with the Knox stuff removed?

Currently I'm on a custom ROM and there's no such issues as obviously the dev removed Knox.

Thanks!

If you are selling your device and won't mention that the warranty is void, you are committing fraud. And you should feel bad about yourself.
 

WPMan

Senior Member
Aug 20, 2010
268
78
Is it true that Knox won't get tripped just by merely rooting the device? (No flashing of custom recovery, kernel, etc., just root)

Sent from my SM-G900F using Tapatalk
 

nicholaschum

Substratum Development Leader / Inactive RT
Feb 3, 2011
6,076
13,841
University of Toronto
plus.google.com
If you read the forum post carefully, they talked about many factors that can trip KNOX.

S5 users have to take account that you have KNOX 2.0 and not KNOX 1.0 like Note 3 users. I myself have the N900W8 Note 3 version that can flash anything without touching KNOX status, so I have custom ROM, kernel, recovery with 0x0 KNOX.

It is the way the bootloader is signed to be able to trip the KNOX value.

Also since we're all breaking the rules here, why don't you guys talk about the QComm leaked certificate signing tool.....haha I said too much....it's gone from the internet and that was our last wisp of hope (Qualcomm users) to clear KNOX value how Samsung does it.
 

andyistic

Senior Member
Aug 17, 2013
77
7
www.chattermatrix.com
So that's my question, is there really a physical fuse in there that blows when you trip the knox counter? I'm confused ?...

Thanks in advance!

Sent from my SM-G900T using Tapatalk
My guess is that on cellphones with q-fuse CPUs (a q-fuse is an e-fuse embedded into the CPU, q meaning that Qualcomm did this to their Snapdragons), one or more q-fuses are involved with the KNOX operation.
Once blown, you cannot reset without replacing the CPU, which contains the q-fuse.

On other cellphones with non-Qualcomm CPUs, there's no such e-fuse, and therefore, the KNOX bit(s) are simply located in flash memory.
In this case, it's just a matter of being able to reflash this memory with non-tripped values, if it's possible to access it.

Shouldn't be hard to confirm if my guess is true or not, but for the moment, it seems to be.
 

Stiflerlv

Senior Member
Apr 9, 2010
249
20
My guess is that on cellphones with q-fuse CPUs (a q-fuse is an e-fuse embedded into the CPU, q meaning that Qualcomm did this to their Snapdragons), one or more q-fuses are involved with the KNOX operation.
Once blown, you cannot reset without replacing the CPU, which contains the q-fuse.

On other cellphones with non-Qualcomm CPUs, there's no such e-fuse, and therefore, the KNOX bit(s) are simply located in flash memory.
In this case, it's just a matter of being able to reflash this memory with non-tripped values, if it's possible to access it.

Shouldn't be hard to confirm if my guess is true or not, but for the moment, it seems to be.

It would sound stupid for service centers to replace the CPU only because of Knox.. They wouldn't do that...
 

nicholaschum

Substratum Development Leader / Inactive RT
Feb 3, 2011
6,076
13,841
University of Toronto
plus.google.com
My guess is that on cellphones with q-fuse CPUs (a q-fuse is an e-fuse embedded into the CPU, q meaning that Qualcomm did this to their Snapdragons), one or more q-fuses are involved with the KNOX operation.
Once blown, you cannot reset without replacing the CPU, which contains the q-fuse.

On other cellphones with non-Qualcomm CPUs, there's no such e-fuse, and therefore, the KNOX bit(s) are simply located in flash memory.
In this case, it's just a matter of being able to reflash this memory with non-tripped values, if it's possible to access it.

Shouldn't be hard to confirm if my guess is true or not, but for the moment, it seems to be.

They are able to reset the counter. Replacing a whole CPU is tedious and we all know that.

Sent from my fingers to your face using my custom Note 3 with 0x0 KNOX!
 

Albadros

Senior Member
Apr 23, 2010
141
18
Brussel
When I had my S2, I had the yellow triangle and I had a problem with NAND memory >> Brick :/ The phone was stuck on this yellow triangle. I sent it to warranty and I got a new motherboard...

So.. warranty or not... is it a real problem for that warranty ? I will root my S5 in a few days... **** warranty ^^ I need Xposed and Greenify !
 

Active_Matrix

Senior Member
Oct 19, 2010
714
99
Bethpage, Ny
Do not know if this helps anything, but I wound up rooting my phone TWICE. I did it the day after I got the S5, Sprint version, which tripped Knox so yes, I am 0x1. I took the update on Kies while half asleep forgetting I would lose root. So, after the update EVERYTHING was Official. After that I re-rooted again, and glad to say, the Knox counter stayed at 0x1! I was afraid that it would trip it again?! Then I installed TWRP, and same thing stayed 0x1.
 

nicholaschum

Substratum Development Leader / Inactive RT
Feb 3, 2011
6,076
13,841
University of Toronto
plus.google.com
Do not know if this helps anything, but I wound up rooting my phone TWICE. I did it the day after I got the S5, Sprint version, which tripped Knox so yes, I am 0x1. I took the update on Kies while half asleep forgetting I would lose root. So, after the update EVERYTHING was Official. After that I re-rooted again, and glad to say, the Knox counter stayed at 0x1! I was afraid that it would trip it again?! Then I installed TWRP, and same thing stayed 0x1.

Haha don't worry, your binary counter won't get any worse than it already is.

As binary (usually categorized in base-2 numeral system) only consists of two digits, 0 and 1, you can only have either 0x0 or 0x1.
 

devoidx

Senior Member
Mar 15, 2013
202
43
Do not know if this helps anything, but I wound up rooting my phone TWICE. I did it the day after I got the S5, Sprint version, which tripped Knox so yes, I am 0x1. I took the update on Kies while half asleep forgetting I would lose root. So, after the update EVERYTHING was Official. After that I re-rooted again, and glad to say, the Knox counter stayed at 0x1! I was afraid that it would trip it again?! Then I installed TWRP, and same thing stayed 0x1.

lol 0x1 is all you need to lose all your warranty. 0x1 and 0x30000000000 isn't going to make a difference
 

Top Liked Posts

  • 13
    Many are speaking of 'the S5'. It very much depends on the type of SoC (Qualcomm or Exynos). Also when reading the thread there are many pointless assumptions without tech. background. Both bootchains are different. Also one q-fuse can theoretically re-set the state of another when programmed that way (odd / even).

    Knox is a combination of bootloader / kernel implementation / Knox system apps and the 'flag'. There are different ways how Knox flag could be triggered.
    It depends on where I modify and what I modify and when I modify. AFAIK both kernels and the bootloader are digitally signed (recovery and OS). As soon as the digital signature of one of the kernel has changed Knox will be triggered, also when flashing an unsigned bootloader.
    Custom roms can be applied as long as the stock kernel remains untouched.

    The primary control instance is the bootloader itself (flashing with Odin). Now we're having towel root. Nobody knows exactly how 'knox' knows when the kernel has changed. Is it the bootloader directly that verifies on any boot? Is there code that calculates the 'new' signature?

    Hi there, may I introduce some mind boggling facts into your assumption as well?

    I have the Canadian Note 3, and I am currently the OP of the N900W8 KNOX 0x0 guide.

    I added an educated answer to why this is happening only for our devices on my thread, if you want to check it out.

    I am on NA2 bootloader (Mexican leaked), Custom Recovery, Custom Kernel, Custom ROM - and KNOX is still at 0x0.

    The fact that people have been using MOP to flash custom ROMs and keep KNOX at 0x0 shows that custom ROMs don't trigger the flag, and neither do modem flashes. It is all within the Recovery-Kernel TrustZone.

    To answer your "Nobody knows exactly how 'knox' knows when the kernel has changed" with an educated theoretical answer - KNOX tests for Su/checks typical directories for Su and hence it starts crashing (but this doesn't mean that it would trip KNOX, it has just detected an unsafe environment in the userland) [Which is why people disable KNOX/uninstall KNOX on custom ROMs - disabling KNOX through SuperSU has no adverse effects towards the flag].

    If you take a look at how KNOX functions, you will know what the so-called TrustZone is, which is typically why after the SECOND reboot after a normal root using Odin, your flag would be tripped on a normal device. Your phone goes into its boot algorithm called "Secure Boot" which verifies the signatures on the bootloader, kernel and occasionally system software. As CF-Root is injected into a partition without any need of authentication or permissions, it will automatically boot after applying the "update", bypassing the check once, but after a reboot, poof goes your KNOX.

    If I could dumb it down any further, when regarding Towelroot and not getting KNOX 0x1, it is because it is essentially a backdoor exploit using the signed Samsung kernel, which does not breach any of the TrustZone partition checks. A userland exploit, while gaining the help of the kernel (either through a backdoor or a buffer overflow) will not, and is unable to, destroy any higher level system structures such as the Kernel, ROM structure or Bootloader (as an office worker can't just fire their boss, they can still help and change ideas of their boss, but they can't make them *not* the boss (digitally UNsign him to trip KNOX)). However changing the officer in the company just by firing and hiring a new one, can easily corrupt the company by changing rules of the lower hierarchical members (Using Odin to inject Auto CF-Root). This is KNOX's main rule, written out for us to know.

    All I can say is, after nearly a full year with my Canadian Note 3 and half a year with KNOX 0x0, this answer is the car and the driver relationship. The Car being the bootloader, and the driver being the kernel. As these are the two main things that KNOX loves tripping us on, I can safely assume that the bootloader is the key reason why people get tripped KNOXes.

    Some useful information here on KNOX: http://www.samsung.com/my/business-..._whitepaper_An_Overview_of_Samsung_KNOX-0.pdf
    8
    Problem is you guys are just having chit chats on this thread with no helpful development - hence it's under General, go find sh*t out yourself and don't ask to get spoonfed answers.

    If you want to know what's happening, this is the bounty thread that just has bounties: http://xdaforums.com/showthread.php?t=2486346

    This is the useful thread you should try to understand 100% before just blatantly asking whether there's a fix or not: http://xdaforums.com/showthread.php?t=2642207

    This was our last hope: http://xdaforums.com/showthread.php?t=2721505 (which contained the actual Qualcomm certificate signing tool to reset KNOX, if you guys have been following the right threads, you would have already gotten hands on this)
    7
    Knox won't ever be cracked, ever. NSA approved.
    All that means is that they already know how to crack it :angel:
    6
    It seems like there is a cure and it's not impossible.. Does this mean that all that crap that people said about a physical eFuse blowing up was debunked... Meaning we have hope!!! ?????


    BTW sorry I forgot to mention.. It's for the Galaxy Note 3..?

    here's the link to the original thread http://xdaforums.com/showthread.php?t=2486346

    Thanks in advance
    Sent from my SM-G900T using Tapatalk
    6
    someone have to test it and report it back to know :D
    we hope that works

    I downloaded the tar and checked its contents.

    It's for the Exynos Note 3. Both files are only for that variant. (N900)

    No one should try to cross-flash them in another device, it will most likely brick your phone.

    Sent from my SM-G900H using Tapatalk
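
The one-way behaviour discussed in this thread (a flag that trips when a boot image fails signature verification and then stays at 0x1 after official firmware is restored), as a simplified model added here; it is not part of any post and not Samsung's implementation. The `Device` class, the partition names and the key are assumptions, and HMAC stands in for the vendor's real signature scheme.

```python
import hashlib
import hmac

# Constructed demo key. HMAC stands in for the vendor's asymmetric signature
# check so the model needs no third-party library.
VENDOR_KEY = b"constructed-demo-key"


def sign(image):
    return hmac.new(VENDOR_KEY, image, hashlib.sha256).digest()


class Device:
    def __init__(self, stock):
        # Each partition stores (image, signature); stock images are signed.
        self.partitions = {n: (img, sign(img)) for n, img in stock.items()}
        # Models a one-time-programmable fuse: no code path ever clears it.
        self._fuse_blown = False

    @property
    def flag(self):
        return "0x1" if self._fuse_blown else "0x0"

    def flash(self, name, image, signature=b""):
        self.partitions[name] = (image, signature)

    def boot(self):
        """Verify every stage, blow the fuse on any failure, return failures."""
        failed = [n for n, (img, sig) in self.partitions.items()
                  if not hmac.compare_digest(sign(img), sig)]
        if failed:
            self._fuse_blown = True
        return failed


def demo():
    stock = {"bootloader": b"stock-bl", "kernel": b"stock-kernel"}
    dev = Device(stock)
    states = [(dev.boot(), dev.flag)]        # all images vendor-signed
    dev.flash("kernel", b"custom-kernel")    # unsigned image
    states.append((dev.boot(), dev.flag))
    # Official kernel restored: verification passes, flag stays tripped.
    dev.flash("kernel", stock["kernel"], sign(stock["kernel"]))
    states.append((dev.boot(), dev.flag))
    return states


if __name__ == "__main__":
    print(demo())
```

Each tuple in the result is (stages that failed verification, flag value) for one boot.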