Sent My Note 3 into Samsung Repair- with KNOX tripped

people211

It took about a week between sending it in and getting it back. The issue I had was that the Note would not reboot if you pulled the battery and reinserted it without having to connect it to the charger. Before I sent it in, I flashed back to stock using ODIN. I checked the status of the repair and it said they had replaced a component. I wasn't sure if they were going to do anything since I had tripped the KNOX counter.

**The kicker**

I got it back today and immediately went into download mode and to my surprise, KNOX was reset to 0X0!! I know they said they were going to flash it back to stock when they got it, but I didn't think KNOX could be reset (even by them).

:D
 

Compusmurf

> It took about a week between sending it in and getting it back. The issue I had was that the Note would not reboot if you pulled the battery and reinserted it without having to connect it to the charger. Before I sent it in, I flashed back to stock using ODIN. I checked the status of the repair and it said they had replaced a component. I wasn't sure if they were going to do anything since I had tripped the KNOX counter.
>
> **The kicker**
>
> I got it back today and immediately went into download mode and to my surprise, KNOX was reset to 0X0!! I know they said they were going to flash it back to stock when they got it, but I didn't think KNOX could be reset (even by them).
>
> :D

Maybe they swapped the whole board?
 

bookmonke

Mine went in tripped and came back reset also and it said they replaced a component. Mine had a non-working SD card slot, I figured that replacing that part would but the phone still has the same serial number and IMEI number, plus I had used the region unlock and it was still in place and the software wasn't even reset.

> Maybe they swapped the whole board?
 

Compusmurf

Nice. Maybe the programmer geeks here will figure out how they did it and make everyone else one.

Not that I care about KNOX and wish it would just die already. :)
 

people211

> Mine went in tripped and came back reset also and it said they replaced a component. Mine had a non-working SD card slot, I figured that replacing that part would but the phone still has the same serial number and IMEI number, plus I had used the region unlock and it was still in place and the software wasn't even reset.

Same here. Used region lock away before and it SIM unlocked my Note. I got the unlock code from T-Mobile but didn't even have to use it. Unlock was still in place when I got it back.

Sent from my LG-E988 using xda app-developers app
 

noobtoob

Thing is, the Knox warranty gets voided by a private key missing from the bootloader. Most likely, they are just flashing it back to stock with the signed bootloader, hence returning it back to 0x0.

Sent from my SM-N900T using Tapatalk
 

EtherealRemnant

> Thing is, the Knox warranty gets voided by a private key missing from the bootloader. Most likely, they are just flashing it back to stock with the signed bootloader, hence returning it back to 0x0.
>
> Sent from my SM-N900T using Tapatalk

Yes but this goes a long way to proving that it isn't an efuse as has been suggested in the past and has been shot around as being a fact by so many. An efuse wouldn't ever be able to be reset. Since it's being reset, there is a possibility (no matter how small) of figuring out how to reset the bootloader so that it is signed when it gets sent in for warranty or traded in for JUMP.
 

noobtoob

> Yes but this goes a long way to proving that it isn't an efuse as has been suggested in the past and has been shot around as being a fact by so many. An efuse wouldn't ever be able to be reset. Since it's being reset, there is a possibility (no matter how small) of figuring out how to reset the bootloader so that it is signed when it gets sent in for warranty or traded in for JUMP.

I agree. I never thought it was an e fuse myself. But private keys are nearly impossible to crack, unless released, which I doubt Samsung is going to leak.

If they put an e fuse in the phone, they would lose money replacing parts during their manufacturer warranty.

But, here's to hoping it does get cracked one day...:beer:

Sent from my SM-N900T using Tapatalk
 

xile6

Even if it is an e fuse they're probably able to just solder in a new one.
If software then they simply flash the code and it resets.

We just need to talk to someone there. I know it's hard to get a hold of anyone let alone get this info out of them.

But cool you guys got it back reset.

I think it is like the HTC One tampered bootloader setup.

Just give it time and we will have a way to reset it.
 

Jfree3000

Yeah there is a thread in the international Note 3 forum about this same thing. Couldn't find it with Tapa but the topic was quite a few pages long last time I checked. Appears Samsung had the ability to reset it with their magic equipment.

Sent from my SM-N900T using Tapatalk
 

CalcProgrammer1

There could be many possibilities here:

1. They replaced the whole device, motherboard, or CPU. The motherboard contains the CPU which supposedly contains the efuse. Replace the whole board with a fresh stock board and it will be reset. They definitely have the ability to load your old unit's serial number/IMEI/etc. onto the new board if need be.

2. The Knox flag is an efuse, but there are backup fuses. They could have set it so that a tripped fuse can be "reset" by blowing yet another fuse, which in turn would make the Knox flag look at yet another fuse for the status. Since efuses are likely just one-time programmable memory there's probably millions of potential fuses in the chip. OTP memory is often available in the hundreds-of-KB to MB range on integrated CPU chips like this.

3. The Knox flag isn't an efuse, but rather a bit in EEPROM or Flash memory. If this is the case, they can reset it by just erasing the secret location that holds this status. It's possible the CPU has a small bit of EEPROM memory inside that could hide the bit from being found in the main EMMC flash. I have no idea if this is the case on this particular SoC though.

I highly doubt the efuse is a soldered on discrete component they could just replace. For one, it would have been found on the board during teardowns and two, I'm sure we'd be seeing "Knox reset services" offering to replace the blown fuse for a price. Plus it would increase cost, something no high volume manufacturer wants to do.
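
The second possibility in the post above (a flag backed by a bank of one-time-programmable fuses, where each "reset" consumes another fuse) can be modelled as follows. This is an added example, not part of the original thread and not Samsung's implementation; the bank size, the parity encoding and all function names are assumptions chosen for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define FUSE_BITS 7 /* assumed bank size; odd, so the final state is "tripped" */

/* Model of a one-time-programmable bank: a bit may go 0 -> 1, never back. */
typedef struct { uint8_t bits; } fuse_bank;

int blown_count(const fuse_bank *b) {
    int n = 0;
    for (int i = 0; i < FUSE_BITS; i++) n += (b->bits >> i) & 1;
    return n;
}

/* Blow the lowest unused fuse; false means the bank is exhausted. */
bool blow_next(fuse_bank *b) {
    int n = blown_count(b); /* fuses are blown in order, so bit n is next */
    if (n >= FUSE_BITS) return false;
    b->bits |= (uint8_t)(1u << n);
    return true;
}

/* Assumed encoding: odd number of blown fuses = 0x1 (tripped), even = 0x0. */
bool flag_tripped(const fuse_bank *b) { return (blown_count(b) & 1) != 0; }

/* Tripping a clean flag costs one fuse; an already tripped flag costs none. */
bool trip(fuse_bank *b) { return flag_tripped(b) || blow_next(b); }

/* A "reset" also costs a fuse, so it works only while spares remain. */
bool service_reset(fuse_bank *b) { return !flag_tripped(b) || blow_next(b); }

/* The bank still records how many times the flag was ever tripped. */
int trips_recorded(const fuse_bank *b) { return (blown_count(b) + 1) / 2; }

int main(void) {
    fuse_bank b = {0};
    for (int cycle = 1; cycle <= 4; cycle++) {
        trip(&b);
        bool ok = service_reset(&b);
        printf("cycle %d: reset %s, flag=0x%d, trips recorded=%d\n", cycle,
               ok ? "ok" : "refused", flag_tripped(&b), trips_recorded(&b));
    }
    return 0;
}
```

In this model the displayed flag can return to 0x0 a limited number of times, the trip history stays readable from the bank, and once the spares run out the flag stays at 0x1.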
 

shaungregg

Mine bricked flashing from Wicked 4 to 5, couldn't Odin stock back and my backups wouldn't work either. T-Mo overnighted me a new one after the tech at the store tried to boot it up a few times.
 

xclub_101

> Thing is, the Knox warranty gets voided by a private key missing from the bootloader. Most likely, they are just flashing it back to stock with the signed bootloader, hence returning it back to 0x0.
> ...

No, that is not accurate - that theory was tested by re-programming the flash directly with a JTAG programmer and it failed on Qualcomm-based devices where something IS stored in qfuses (but there are rumors it might work on Exynos-based devices and the latest generation of JTAG programmers that can also access the "invisible" partitions of flash).
 

daneurysm

> I agree someone on here will crack it
>
> Sent from my SM-N900T using XDA Premium 4 mobile app
While I'm all for enthusiasm, positivity and support for the community I think you should ask Verizon modders and Moto modders.

Aside from the fact that as we find exploits that only makes the next exploit increasingly more difficult to come across (as we are pointing out the weaknesses in their systems in the process, effectively helping to harden the security wielded against our own community...for good and evil), if this e-fuse thing ends up being what a lot of us suspect it is (or, worse yet, what they claim it is) then there ain't much to "crack," sadly.

Thankfully this has the potential to be an extremely elaborate system. The more elaborate it is the more vulnerabilities will exist for it. Though, again, as we exploit vulnerabilities we are only helping them to harden the system against future compromises of said security.

...There is a very high likelihood that in the not-so-distant future we'll have to just get a Nexus device to ensure custom ROMability...and that's assuming that El Goog doesn't turn to teh evilz outright.

Either way, here's hoping for the best.
 

ihidbehindmusic

Someone posted earlier about trading in a device with Knox tripped, concerned about JUMP upgrade eligibility. I would say it isn't an issue; as a T-Mobile Retail Sales Rep, not a damn person in store would even know what Knox was anyways, and the people who did would not care if it were tripped.

Sent from my SM-N900T using XDA Premium 4 mobile app
 

hypershark

> It took about a week between sending it in and getting it back. The issue I had was that the Note would not reboot if you pulled the battery and reinserted it without having to connect it to the charger. Before I sent it in, I flashed back to stock using ODIN. I checked the status of the repair and it said they had replaced a component. I wasn't sure if they were going to do anything since I had tripped the KNOX counter.
>
> **The kicker**
>
> I got it back today and immediately went into download mode and to my surprise, KNOX was reset to 0X0!! I know they said they were going to flash it back to stock when they got it, but I didn't think KNOX could be reset (even by them).
>
> :D

I was having issues with my Note 3. (Unit becoming unresponsive intermittently) After trying to clear cache(s) and reverting back to stock via Kies, as well as not installing any apps, AND having it freeze on me during initial setup, it became clear that the device had an issue. Sent it to Samsung (Plano, TX) and the technician assigned it a "BER" (Beyond Economical Repair) status. They shipped it back the same day and I received it via UPS exactly a week later from when I mailed it out. In detail, they didn't even touch it because Knox was voided.

Not giving up, I went to a T-Mobile store and told them the symptoms and replicated the issue. I also mentioned that Samsung wouldn't fix it due to Knox being tripped. The manager at the store was helpful and explained to me that T-Mo has a warranty exchange program separate to the manufacturer's. So, he verified that it was a T-Mobile phone (checking IMEI) and ordered a replacement Note 3. I paid the $20 processing fee. I would then simply have to send the defective unit back. I asked about Knox being tripped. He stated that as long as there isn't any physical damage (screen) or water damage, that I shouldn't be liable for anything else. (He inspected the unit and deemed it was free of those things)

Anyway, he did mention that the unit could be a new or refurb depending on what they had in stock. I told him that it didn't matter as long as the replacement works. We'll see... The unit arrives in five days.
 

audscott

> Yes but this goes a long way to proving that it isn't an efuse as has been suggested in the past and has been shot around as being a fact by so many. An efuse wouldn't ever be able to be reset. Since it's being reset, there is a possibility (no matter how small) of figuring out how to reset the bootloader so that it is signed when it gets sent in for warranty or traded in for JUMP.

There's a thread on the T-Mo JUMP! here in the general section that corroborates instances of JUMP! and warranty returns not affecting warranties. In fact, I sent my Knox tripped N3 back to T-Mo on JUMP! warranty replacement last month without incident.