Post Reply

[Q] reflash from 4.1.2 without burning Knox fuse? (solved)

OP bitbang3r

20th March 2014, 07:13 AM   |  #1  
OP Senior Member
Flag Broward County, FL
Thanks Meter: 58
 
347 posts
Join Date:Joined: Mar 2010
More
The original post follows at the end for historical context, but the important part is summarized in this opening post since you probably found it via Google and just want to get to the good stuff...

This applies to you if:

* You have a S3 that was NEVER upgraded to 4.3 or later. (Smile. You're about to be richly-rewarded for obeying XDA's #1 rule: NEVER allow an OTA update from your carrier to get installed. If the phone is already shutting down, yank the battery out.

* You don't want Knox now, but would like to keep it available as a future option so you can repurpose your old S3 as a wifi-only device for checking your company email or calendar at home, and running all the intrusive, performance-killing enterprise apps you'd never allow anywhere NEAR the phone you actually use in real life.

The good news:

* You can install the MJ2 bootloader, the MJB radio modem, and a 4.3 (possibly 4.4) AOSP-derived ROM that has every scrap of Knox stripped out of it. Not all ROMs fall into this category, and you still have some research to do (especially if you found this post via Google, and more than a few weeks have elapsed since the time it was written), but have faith... they exist, and it IS possible.

* Unlike the S4 and newer Samsung phones, a S3 with an older bootloader has no concept of Knox or its evil e-fuse. As long as you don't flash a Knox bootloader to the phone, there's no Knox e-fuse to blow (it's not a real e-fuse, anyway... it's just software running under ARM TrustZone pretending to be a fuse). You can enjoy a life of rooted sin and freedom, then wipe the slate clean by flashing to MJB (or later) and Samsung's stock 4.3 or later ROM when/if the need arises someday.

Now, skip to the third post by Larry2999 for a good solution.

Tip: download the MJ2 bootloader now, even if you aren't ready to use it yet. Remember, things like this have a habit of disappearing without warning.


(original opening post, for the sake of historical context)


Is there any way to reflash a S3 that still has 4.1.2 and whichever bootloader was the current one circa mid-September of last year to a 4.3 or 4.4 ROM in a way that preserves the ability to flash Samsung's official Knox-enabled bootloader and ROM to the phone at a later date?


In other words... I don't need Knox enterprise capabilities NOW... but I'd prefer to avoid permanently burning the Knox bridge behind me if I can. I've kind of put off upgrading until now for this exact reason, but now AT&T is hitting me with "screw wi-fi and a fully-charged battery... we don't CARE if we brick your phone. We're going to forcibly reboot it and install 4.3 in 30 seconds unless you yank out the battery first" dialogs (not quite AT&T's wording, but pretty close to the meaning).
Last edited by bitbang3r; 21st March 2014 at 05:05 AM.
20th March 2014, 08:23 PM   |  #2  
OP Senior Member
Flag Broward County, FL
Thanks Meter: 58
 
347 posts
Join Date:Joined: Mar 2010
More
(preserved for the sake of historical context, but hidden since it's unlikely to be of interest to you if you just want the solution to your problem)

Uh oh... lots of views, no replies. Now I'm getting scared.

Just to prove I've been doing my homework, and I'm still overwhelmed, someone please correct me if I'm totally off-base so far with the conclusions I've come to from reading a few thousand pages of threads over the past two days:

* Any 4.3+ ROM based on Samsung's stock is automatically going to require a Knox bootloader.

* Cyanogen requires a Knox bootloader.

* Every OTHER non-Touchwiz ROM for the S3 ultimately builds upon Cyanogen, and was therefore recursively infected by its need for Knox.

Does that sound about right so far?

Now... what I've learned about bootloaders:

* MJ2 is the last non-evil bootloader. Or at least, the last bootloader that wasn't openly evil, and known to be evil right from the start. IS MJ2 truly non-evil?

* You can use MJ2 with a newer radio modem


Still unknown:

* How far can I go with a MJ2 bootloader without permanently rendering the phone unable to EVER create or run a Knox container after reflashing to a "trusted" bootloader/rom at some point in the future?

* What are the consequences and limits imposed by refusing to install a newer bootloader?

* Is there a S4-like "safe root" method that Knox will knowingly pretend to not see, and refrain from blowing the fuse as long as it doesn't catch me trying to create/launch a secure Knox container on a (newly) rooted ROM?

* Can you go a step further and flash a new rom without blowing the fuse, as long as the bootloader itself is untampered-with? How about a kernel?

If there are ROMs (especially 4.3+) that are "KnoxFuse-safe", are they tagged in any particular way to make them stand out from the others? I'm not averse to reading, but some of them have literally a thousand pages of comments. If I try to comb through them one by one, I'm going to be researching this for another 5 weeks... 5 weeks I don't have. My phone is unusable right now. I can't even boot into Android without having it tell me that it's going to forcibly reboot and upgrade in 5 seconds (unless I yank the battery out), and I have a hunch that by tomorrow, it's not even going to give me THAT courtesy anymore. As badly as I hate to admit it, I'm drowning right now trying to come to a coherent understanding of Knox right now.
Last edited by bitbang3r; 21st March 2014 at 04:50 AM.
20th March 2014, 10:56 PM   |  #3  
Senior Member
Atlanta, GA
Thanks Meter: 74
 
354 posts
Join Date:Joined: Feb 2014
More
Quote:
Originally Posted by bitbang3r

Is there any way to reflash a S3 that still has 4.1.2 and whichever bootloader was the current one circa mid-September of last year to a 4.3 or 4.4 ROM in a way that preserves the ability to flash Samsung's official Knox-enabled bootloader and ROM to the phone at a later date?

In other words... I don't need Knox enterprise capabilities NOW... but I'd prefer to avoid permanently burning the Knox bridge behind me if I can. I've kind of put off upgrading until now for this exact reason, but now AT&T is hitting me with "screw wi-fi and a fully-charged battery... we don't CARE if we brick your phone. We're going to forcibly reboot it and install 4.3 in 30 seconds unless you yank out the battery first" dialogs (not quite AT&T's wording, but pretty close to the meaning).

Sure. You could manually install the (modified) root and no-knox version of the 4.3 (MJ2) now with the MJB modem and you would have (full) 4.3 functionality without the kind and loving attentions of Knox. The download link can be found below ...

http://www.androidfilehost.com/?fid=23196940996968760

If you change your mind at a latter date and decide to go complete stock 4.3 you could always use the procedure outlined in the following thread to restore. This will not only restore to complete stock including system, bootloader, kernel, recovery et al. It will also reset your flash counter to zero.

http://forum.xda-developers.com/show....php?t=2658486

Before installing even the modified ROM, however, I would suggest you use the free unlock functionality of the older ROMs. Some users have claimed the modified ROM uses a different and downgradeable bootloader but I'm not too sure of this

---------- Post added at 05:56 PM ---------- Previous post was at 05:45 PM ----------

Please see response below ....


Quote:
Originally Posted by bitbang3r

Uh oh... lots of views, no replies. Now I'm getting scared.

Just to prove I've been doing my homework, and I'm still overwhelmed, someone please correct me if I'm totally off-base so far with the conclusions I've come to from reading a few thousand pages of threads over the past two days:

* Any 4.3+ ROM based on Samsung's stock is automatically going to require a Knox bootloader.

Not necessarily. The modified MJ2 ROM has a knox-free version. See my earlier response.

* Cyanogen requires a Knox bootloader.

I'm not too sure about this. I once went from stock 4.1.1 to Kit-Kat based CM11 and back to stock 4.1.1 without any (serious) hitches. This wouldn't have been possible if the bootloader had been updated.

* Every OTHER non-Touchwiz ROM for the S3 ultimately builds upon Cyanogen, and was therefore recursively infected by its need for Knox.

There are too many custom ROMs out there for one to be too certain about this statement. I'd feel doubtful, however.

Does that sound about right so far?

See comments above.

Now... what I've learned about bootloaders:

* MJ2 is the last non-evil bootloader. Or at least, the last bootloader that wasn't openly evil, and known to be evil right from the start. IS MJ2 truly non-evil?
I've seen other users agree with this statement. I haven't tested it, however, to be sure.

* You can use MJ2 with a newer radio modem

That's correct. You can use the MJ2 with the (stock) MJB modem, for instance, and still have full functionality.

Still unknown:

* How far can I go with a MJ2 bootloader without permanently rendering the phone unable to EVER create or run a Knox container after reflashing to a "trusted" bootloader/rom at some point in the future?

* What are the consequences and limits imposed by refusing to install a newer bootloader?

* Is there a S4-like "safe root" method that Knox will knowingly pretend to not see, and refrain from blowing the fuse as long as it doesn't catch me trying to create/launch a secure Knox container on a (newly) rooted ROM?

* Can you go a step further and flash a new rom without blowing the fuse, as long as the bootloader itself is untampered-with? How about a kernel?

If there are ROMs (especially 4.3+) that are "KnoxFuse-safe", are they tagged in any particular way to make them stand out from the others? I'm not averse to reading, but some of them have literally a thousand pages of comments. If I try to comb through them one by one, I'm going to be researching this for another 5 weeks... 5 weeks I don't have. My phone is unusable right now. I can't even boot into Android without having it tell me that it's going to forcibly reboot and upgrade in 5 seconds (unless I yank the battery out), and I have a hunch that by tomorrow, it's not even going to give me THAT courtesy anymore. As badly as I hate to admit it, I'm drowning right now trying to come to a coherent understanding of Knox right now.

The Following User Says Thank You to Larry2999 For This Useful Post: [ View ]
20th March 2014, 11:05 PM   |  #4  
OP Senior Member
Flag Broward County, FL
Thanks Meter: 58
 
347 posts
Join Date:Joined: Mar 2010
More
Thanks!!!! Flashed it, and it's working perfectly
Last edited by bitbang3r; 21st March 2014 at 04:50 AM.
Post Reply Subscribe to Thread

Tags
bootloader, fuse, knox, root
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes