[KNOX] Searching for users with root, active SELinux and a not tripped Knox


refinition

SELinux is enforcing. So my phone is rooted with De la Vegas and still on MJ1 firmware, do you need me to do anything?

Sent from my SM-N9005 using Tapatalk
 

nicholaschum

Oh and because I went so off-topic... to the OP, there really aren't many ways to get a disabled SELinux device unless you flashed a different kernel, which means you break KNOX and have root.

Maybe should have asked to look for people who used Kingo root or RDLV successfully because those are the only people who fit your criteria.

Sent from my fingers to your face using Tapatalk VIP on my Note 3 LTE!
 

alwayslookingforanswers

I have the AT&T version of the Note 3. Rooted, unrooted and back again. I have used Kingo and RDLV. Have had and still do have SELinux enforced. I'll help in any way I can. I too believe that there is some sort of hidden something there. Point being, my wife had an S4 through Sprint. I rooted it, uninstalled all security policy updates and removed everything I could. Her device had an update pushed to it and it was a complete hard brick. Sprint even tried to fix it and couldn't get it to do anything. Sent it off to Samsung. They said they would repair it for a fee. I accepted their offer. They sent it back and said it couldn't be fixed. Said I would have to purchase another device.

I have had multiple attempts on my Note 3 when I'm on WiFi, where it starts to download an update. And I've removed everything. I mean everything! I've been lucky enough to stop it. I no longer use WiFi, period. I am almost to the point where they are trying to destroy devices so they can sell more. I think there is a real problem with all this. I think people need to look outside the box and realize that there is something that needs to be done about this.

T-Mobile will have their bootloader locked down soon enough, I believe. I think that Samsung will not give them a choice otherwise in the near future. It's money out of their pocket. And big business is all about money, not what's best for the people. Just my thoughts. And what has happened to me.

---------- Post added at 09:17 PM ---------- Previous post was at 08:57 PM ----------

Guess I need to add that her S4 was totally stock ROM, nothing custom except root. So how was I destroying any hardware on her device? I didn't put any mods etc. on it. What gives them the right to try and make that device up to their standards? If I wanted it to stay on the firmware it was on, then why should that be a problem? She didn't want anyone having access to her device except her.
 

Top Liked Posts

  • 9
    Hello,

    I'm involved in trying to collect information regarding Knox, the illegal destruction of private property and the possibility to run unknown code, and I'm badly
    looking for certain configurations to get more answers.

    If someone has root, not tripped Knox and preferably SELinux set to "Enforcing", please send me a message! Your help is needed!

    I was too late. The "Rules update #16" that blocked "Root de la Vega" was pushed to my phone against my will. Others got it as well.
    That means they already have some form of control and disregard your configuration. What more can they do?
    With an SELinux they can control your device as they wish if they configure it to hide processes that run, as of today, unknown code.
    I'm a "BOFH Unix kick ass consultant" by trade. ;) I know how nicely you can do this. "Living in a box". Oh yes.

    This is about our future, the right to privacy and the right to do what we want with our own private property!
    The extreme measures taken against just obtaining root are disproportionately harsh. If they succeed, others will follow.
    We might end up with iNdroid in a few years. I want to prevent that. But we need more knowledge. They destroy evidence if you trip Knox.

    Rooting is not illegal, but the active action of destroying someone's property with intent is, whatever the cause, warranty claims or not.
    There will be consequences. But we need more information, and you who have a Note 3, just as me, can help. The key can be your phone.

    Knox is not "just a flag". It has attached code. It sabotages your system, both software and hardware. Scrambled software. Wifi permanently
    damaged, to name a few. I know, from my S4, and have it verified from source. But that code is run once and then gone. Are there more E-fuses?
    Dumping hardware has made at least one device totally bricked. Not even the Power button worked. It was stone-dead.

    Also:
    If someone has a way of obtaining it without tripping Knox please contact me. I'm willing to take the risk of tripping Knox since this is more important than
    some warranty.

    I've been working on this for two months now and the more I learn the more I start to question if this isn't a bad movie with Kevin Costner...

    No opt-out. Enforcement of this "Enterprise" solution. On your private phone? Think! The money this must cost? You want a return of investment!
    Rooted phones cost that much? I don't buy that. You have a unique certificate that binds YOU to your phone. You and your phone are bound as one.

    What if 3rd-party malicious code gets its hands on that? Viruses exist, even on Play. But your antivirus can't run because it can't access the parts it must have
    higher rights to read to check your programs. I'd rather run a firewall and deny permissions of programs that want way too much.
    A "file manager" doesn't need to read your contacts. A game doesn't need to use your camera. But you can't prevent that.
    Knox prevents that. Because you can place a document in a container... I'd rather use my freeware AES program that encrypts documents on the fly.

    Until we know more the device should be considered as not safe. Why is Samsung stonewalling the question so many have asked?
    "What is the extent of the damage made?". I think we have the right to know that, don't you? Many have tried. "Heavy damage" is so far the best we got.

    So please, if you still have root and not a crippled device, please contact me. Your help is the only way I see as possible right now.

    All the best,
    Abs (Yes, I need to update my tag, since I have so much new)
    6
    On ANY MODERN PHONE (if possible - for instance you will not be able to do that on any iphone) you should:

    - start the phone once without any SIM card and without entering/activating any form of WiFi - this will guarantee that your phone will not connect first to the Internet

    - check/set any relevant settings regarding security and software updates - for instance on Note 3 those are two separate settings, and the security one seems to be activated "by default"; currently the firmware update is not really activated "by default" since it WILL ask you to pick a country and agree to some EULA

    - either way, once you have disabled things (I also disable mobile data at this point) you can then power-off and insert your SIM, then enable WiFi and do whatever else you want to do.

    I am not saying that it is "normal" to be this way, but since it is then you better be prepared for it!

    And with a company that does fair play you don't have to worry that they push something you don't want on your phone.

    And they do. Don't be too sure that just because you turned your settings off that it protects you, because if you read through posts you will see that people got updates pushed, disregarding whatever setting you had. And that is certainly not fair play.

    But to answer your question. First. Just dropping names here and there doesn't do it. To ride on someone's "fame" to gain more authority and merit to your post is bad rhetoric.
    You should be able to do that on your own.

    Yes, there are many who are way better than me, but the nice thing is that when you ask them, they know they have once been there themselves and don't feel the need to project personal problems and anger on some random person they never met.

    Just that we passed the 100 post mark and XDA automatically put a "senior" next to the name means nothing more than we are good at bull****ting online.
    Doesn't tell if you are 1337 or a n00b. Even if you post 10000 posts doesn't mean that you have any deeper understanding.

    But new users don't know that, and treating others without respect scares them away. Makes them afraid to ask. Who wants a snotty answer back on their first post?
    So please. Make this a constructive place. If you are angry I recommend Reddit/Imgur/Flashback. There you can project whatever you want or need.

    I don't know how to code a single line in Java!
    But I'm awesome in C64 Basic!! And I managed to write "Hello World" in BF!
    And I know several Asm's and I coded mostly in C (and C++ when it was still readable) and did my VHDL/Erlang-hell period (and I tested like 20++ other languages, some enforced during my master but some just for fun. I can write "Hello World!" in Sun's start eeprom!) but that was a looong time ago. So I'm "rusty". Old. There are so many nifty new things. But then. Mostly I use something invented 200 years ago - A stethoscope. But there is a new COOL one! BT! With noise reduction and spectrum analysis! No more things that hurt in my ears! For the little sum of 1500 € it's yours!..... Bleh.

    But I'm not ashamed of that! I can learn if I want. XDA is a great place for that. Even have their own Android University! :)

    I'm fairly good with Unix. Even made money off it. For over 8 years. And the good thing with that is that some things we still use today haven't changed since 1973!
    And I worked some with hardware but I need a new JTAG. Know a good one? So many to choose and I don't know the quality or what is needed?
    Does the board even have pins or do you have to weld them? I hate welding!

    You say conspiracy. I say concern and worry.

    Why are people starting to get worried?
    It's not so much conspiracy as it is why they are behaving like they do.

    The fact is simple - the unknown

    The word SELinux has come to more people now since it's mandatory in 4.3. The "mobile magazines", M3, Android** talk about the "news in 4.3".

    But what is SELinux?
    So people turn to the trusty Wikipedia for answers: Wikipedia - SELinux

    And the first lines they see are
    Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides the mechanism for supporting access control security
    policies, including United States Department of Defense-style mandatory access controls (MAC).

    SELinux is a set of kernel modifications and user-space tools that can be added to various Linux distributions. Its architecture strives to
    separate enforcement of security decisions from the security policy itself and streamlines the volume of software charged with security
    policy enforcement.[1][2]

    The key concepts underlying SELinux can be traced to several earlier projects by the United States National Security Agency.

    That is what people see!!

    I can bet some even read "police" and not "policies". They see all this and that SCARES THEM.

    With the recent scandals in mind of NSA hacking everything including the German Chancellor's phone, an ally??
    And here, the American spy-outpost towards Soviet/Russia since 1947. We also have a 3-letter agency. And not many weeks ago there were front pages that they shared the databases with each other. So is that so hard to understand?


    So to get from the unknowns they start to look.
    So you turn to Samsung for answers, and they treat you like cattle. And they stonewall you? No transparency whatsoever.

    They remind me of Nokia when they also went into "grandiose mode" and also thought they could do whatever they please because of their total dominance. But they forgot one thing. The consumers got more and more unhappy. And they were their sole income. And when they got that in their heads it was too late. What are they now? Decimated to nothing. Trying desperately with yet another attempt by Microsoft that is doomed to fail. How many times has Microsoft tried to get in on the hand-held market? I lost count.

    And then they start to Google. XDA turns up like the first thing. Find their phone and see "Knox?"
    (SELinux==NSA) --> Enterprise solution? On my private phone? Encryption? Damage? Container? What do I need THAT for?

    "I don't want THAT on my phone! NSA. Enterprise. Container? Where is the opt out? There are none? I was NOT informed of this!"

    That is what I find worrying and I share that with many others.

    Yes, some say it's just a flag. Not on S4. Look how many got problems with Wifi. I got them as well. And I knew when I broke my Knox.
    Since SS goes to all this trouble to hinder you from gaining root access that they even had an E-fuse that does cause hardware damage.
    To prevent "Triangle Away"? Ask your friend if he believes it's because of that?


    I don't have to use SELinux to run code past your nose, root or not, but SELinux does it so much easier, since you can define it to hide processes from normal users and it has the possibility to run 3rd-party code. You know that, right?
    Since we don't know what is run on the phone you can't be sure it's not something with some intent? So why not investigate it? What is going on in the phone?

    Aren't you curious? I am. I would love to be able to root? Can I after #16 on MJ7?

    But sure ask them, please. Give it a try
    • Ask them for example why Wifi stopped working after Knox was tripped on your S4?
    • Ask them what the extent of the damage they have done is?
    • Ask them where this "Efuse data" is, on what address-range so you can avoid it? Data for a flag? Wasn't that just burned in?
    • Ask them why you can't update with Kies anymore? Wasn't that just a flag?
    • Ask them anything.
    And I'm sure you will get a message back (if you get any) from "Steve". The poor overworked guy that serves the whole world and he always seems to write the same? We compared. He sits and writes the same text over and over? "Sorry, we can't divulge this information at the moment".

    Poor Steve!
    Come back to the mother-continent! I promise, we've stopped flogging, guillotine, quartering and we changed the stake for a steak!
    We have much more fun! 6 weeks of full paid vacation. Here in Sweden we have Polar bears! While we sit in our igloos and make watches.
    And we have better beer as well! ;)


    If you see turning off a setting as a merit I think you should add that to your CV (and I was not alone in this).

    I did as 99% of all do. Unpack the phone. Skip the instruction. Put in the sim and the sd-card and then turn it on.
    BAM! I don't even think I had the time to enter my Gmail?

    But you didn't. Great! :)

    Here your knowledge would be useful! Help your fellow XDA members. In the spirit of XDA!
    • Can you dump the phone? Not block-wise but by reading the whole content of the eeproms?
    • Can you compare your fstab and its sizes? Do they correspond to the space you have? If you dump them and compare it to the first, do they differ much in size (a bit is natural)?
    • Can you use parted and list the partitions? Are all mounted? What rights do they have? Can you read them all?
    • The security policies in /system. What do they contain? See anything strange?
    • Can you compare what processes you see as a user and root?
    • Can you list the rules loaded in the kernel? MAC? (I think you need to compile the commands for it or get it from some Arm dist, they are not included)
    • Strace some processes that you don't recognize?
    • The kcryptd? What do they work against?
    • What files are open and locked? What does the stat say?
    • See kvm? Or are you in a kvm?

    Here you can actually ACT and DO something constructive and concrete or is this just, as from my compressor, high pressured air coming from your side?

    Time will tell I guess.

    For the others that have messaged me: A BIG BIG THANK YOU! :)

    And no, I don't have enough volunteers, if you do have this configuration, message me. Or test something from the test list. The dumping should be used by experienced users but you can do a lot on that list and you can zip and send me some files. Rules, pipe out the process lists.
    I don't care how much you can or can't. Ask away! We started at the beginning somewhere and I will do my best, ask around, and TOGETHER, we might get some result, because we want to DO something and maybe we CAN help right? Either we find something or we don't. If we are sure and can say "The system seems clean". That would calm a LOT of people down. Including me.

    /Abs

    And with this I won't go into more arguments about this. It's enough. I saw this as an excellent solution to see and check. Not to argue.
    I already lost too much time on bla bla bla. I want to spend the time I have on things that matter. My friends that have their phones destroyed.
    Use the list or make another! All seem to have their own experiences/views. Samsung must love this division.
    Just DO something! Like in all research: Stipulate, challenge, prove, disprove, confirm, dismiss. Start over.
    If you need to vent, you can PM me as well, Xblub. :)
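
The "compare what processes you see as a user and root" item from the checklist in the post above, as an added example that is not part of the thread: it diffs two `ps -Z` listings, one captured as a normal shell user and one as root, and groups the processes only root can see by SELinux domain. The listings, process names and the column layout (LABEL USER PID PPID NAME) are constructed assumptions for illustration.

```python
from collections import defaultdict

# Constructed sample listings, not captured from a real device.
# Assumed column layout of `ps -Z`: LABEL USER PID PPID NAME.
PS_AS_USER = """\
LABEL                  USER    PID   PPID  NAME
u:r:init:s0            root    1     0     /init
u:r:zygote:s0          root    201   1     zygote
u:r:untrusted_app:s0   u0_a88  4312  201   com.example.terminal
u:r:untrusted_app:s0   u0_a88  4400  4312  sh
"""

PS_AS_ROOT = """\
LABEL                  USER    PID   PPID  NAME
u:r:init:s0            root    1     0     /init
u:r:kernel:s0          root    2     0     kthreadd
u:r:zygote:s0          root    201   1     zygote
u:r:example_daemon:s0  system  733   1     /system/bin/example_daemon
u:r:untrusted_app:s0   u0_a88  4312  201   com.example.terminal
u:r:untrusted_app:s0   u0_a88  4400  4312  su
"""


def parse_ps(text):
    """Return {pid: (selinux_label, user, name)}; header and malformed rows are skipped."""
    procs = {}
    for line in text.splitlines():
        fields = line.split(None, 4)
        if len(fields) != 5 or not fields[2].isdigit():
            continue
        label, user, pid, _ppid, name = fields
        procs[int(pid)] = (label, user, name.strip())
    return procs


def domain_of(label):
    """Extract the type (domain) from a user:role:type:level security context."""
    parts = label.split(":")
    return parts[2] if len(parts) >= 4 else label


def compare_views(user_text, root_text):
    """Diff the two views: processes only root sees, and PIDs whose name changed."""
    user, root = parse_ps(user_text), parse_ps(root_text)
    root_only = defaultdict(list)
    for pid in sorted(root.keys() - user.keys()):
        label, _user, name = root[pid]
        root_only[domain_of(label)].append((pid, name))
    # Same PID with a different name means the process changed between the
    # two captures (exec or PID reuse), not that something is being hidden.
    changed = [pid for pid in sorted(root.keys() & user.keys())
               if root[pid][2] != user[pid][2]]
    return dict(root_only), changed


if __name__ == "__main__":
    hidden, changed = compare_views(PS_AS_USER, PS_AS_ROOT)
    for dom, procs in sorted(hidden.items()):
        print(dom, procs)
    print("changed between captures:", changed)
```

Take both captures as close together in time as possible, since ordinary process churn also shows up as differences between the two listings.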
    3
    Do your research LG is making a Knox copy :)

    Listen, Knox is preinstalled and we all know that, we all know that rooting now voids your warranty permanently, if you do not like this, don't buy Samsung devices!
    Your whining won't do anything.
    The End.

    so,why are you here trying to defend samdung's knox?

    dun like the fact we rooters dun like samdung knox,then dun come into threads where ppl are professing their displeasure and dislike of knox.

    Your constant defense of samdung's knox is not helping anyone nor does it solve the problem of us wanting it removed.

    understand?
    3
    Ahh @Absolon, was wondering where you had gotten to.

    To be honest, I just tripped mine as soon as I got it. Removed the stock ROM and just went custom. However... What I have noticed is knox.eventsmanager runs regardless of ROM and IF KNOX is uninstalled.. So probably running/hiding somewhere in the bootloader (at a guess anyway)..

    All this KNOX talk is getting complicated now, it's a 50-50 split I think with people tripping/keeping it. - Samsung have forced it upon us, and unless we custom flash (and lose warranty in parts of the world) we are screwed.
    3
    If someone has root, not tripped Knox and preferably SELinux set to "Enforcing", please send me a message! Your help is needed!

    I feel your frustration. I would much rather an open hardware platform with none of this KNOX business. It's starting to get ridiculous...

    It sounds like you've already got help, however I too have an un-tripped KNOX, w/ SELinux enforcing and would be happy to help out.