Originally Posted by BlueChris
No because if you do anything you alter the md5 checksum m8 and knox watch this
Sent from my SM-N9005 using Tapatalk 4
I was talking according to Chainfire, dude. He just showed us that there could "may be" a way to root without knox would recognise this.
I think may be knox watches only the bootloader and recovery situation (if it is custom or official).
Chainfire's root method includes to flash first insecure recovery and after root flashes back the official recovery. During this process knox recognise the shortly time with the insecure recovery and the counter goes to 0x1. But iaw Chainfire's post, i think if someone could root without touching the recovery or kernel, it could be possible not to trigger the knox during the root process.