hey everyone i recently got a new alaxy a70 and i dont want to trip knox but i want android 9 on it i have checked and there was no bootloader update so can i just flash the files with odin without unlocking bootloader and will this keep knox untripped
As long as you're flashing official firmware, you shouldn't trip Knox. I could be wrong.
If the bootloader version hasn't changed, you should be able to downgrade. You cannot however downgrade the bootloader, so if it was, say, version 3 on Android 9 but was updated to version 4 on Android 10/11, you wouldn't be able to downgrade.
V0latyle said:
As long as you're flashing official firmware, you shouldn't trip Knox. I could be wrong.
If the bootloader version hasn't changed, you should be able to downgrade. You cannot however downgrade the bootloader, so if it was, say, version 3 on Android 9 but was updated to version 4 on Android 10/11, you wouldn't be able to downgrade.
Click to expand...
Click to collapse
official firmware and here you can see theres 1 build of android 9 with a bootloader of 5 same as latest update
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
You should be fine then.
I can't say for 100% that this won't trip Knox, but my understanding of KG/Vaultkeeper is that only custom or modified images will trip it. Since you're flashing official signed firmware, I don't think there would be a problem.
V0latyle said:
You should be fine then.
I can't say for 100% that this won't trip Knox, but my understanding of KG/Vaultkeeper is that only custom or modified images will trip it. Since you're flashing official signed firmware, I don't think there would be a problem.
Click to expand...
Click to collapse
in my experience it trips when unlocking bootloader but it should be fine for official as for that you dont need to unlock it
Win_7 said:
in my experience it trips when unlocking bootloader but it should be fine for official as for that you dont need to unlock it
Click to expand...
Click to collapse
Unlocking the bootloader does not trip Knox.
Flashing custom or modified firmware does. So, if you unlock the bootloader, but only use pristine OEM firmware and never root the device or flash TWRP or a custom ROM, Knox should remain 0x0
V0latyle said:
Unlocking the bootloader does not trip Knox.
Flashing custom or modified firmware does. So, if you unlock the bootloader, but only use pristine OEM firmware and never root the device or flash TWRP or a custom ROM, Knox should remain 0x0
Click to expand...
Click to collapse
interesting thank you for your information
Win_7 said:
interesting thank you for your information
Click to expand...
Click to collapse
No problem.
I think the confusion comes from the fact that unlocking the bootloader means that security sensitive features won't work. SafetyNet (now Play Integrity) fails, and so do apps that depend on Knox security features, even though Knox hasn't been tripped.
The following should help clarify this:
Locked bootloader, OEM firmware: Knox 0x0, integrity guaranteed
Unlocked bootloader, unmodified OEM firmware: Knox 0x0, integrity NOT guaranteed
Relocked bootloader on OEM firmware as long as no modified image was ever flashed: Knox 0x0, integrity guaranteed
Unlocked bootloader, modified firmware (This means ANY modification, be it Magisk patch, custom recovery, custom ROM, etc): Knox 0x1, integrity NOT guaranteed (but can be fixed in Magisk)
Relocked bootloader, OEM firmware after Knox tripped: Knox 0x1, integrity guaranteed (Samsung apps might not work, Play Integrity dependent apps should)
V0latyle said:
No problem.
I think the confusion comes from the fact that unlocking the bootloader means that security sensitive features won't work. SafetyNet (now Play Integrity) fails, and so do apps that depend on Knox security features, even though Knox hasn't been tripped.
The following should help clarify this:
Locked bootloader, OEM firmware: Knox 0x0, integrity guaranteed
Unlocked bootloader, unmodified OEM firmware: Knox 0x0, integrity NOT guaranteed
Relocked bootloader on OEM firmware as long as no modified image was ever flashed: Knox 0x0, integrity guaranteed
Unlocked bootloader, modified firmware (This means ANY modification, be it Magisk patch, custom recovery, custom ROM, etc): Knox 0x1, integrity NOT guaranteed (but can be fixed in Magisk)
Relocked bootloader, OEM firmware after Knox tripped: Knox 0x1, integrity guaranteed (Samsung apps might not work, Play Integrity dependent apps should)
Click to expand...
Click to collapse
so theres no way to untrip knox right? i have a 2nd a70 that i did customize id like to get secure folder working i already tried the following:
1. knoxpatch
2. knoxpatch enhancher
3. smali patcher (pc)
4. general samsung patcher
5. securefolder_magisk.zip
but none worked no matter the order or anything i have hope in knoxpatch and it did work on another device of mine (sm-j330fn) but just not here
my 2nd a70 (unlocked) is running android 10 oneui 2.5
Win_7 said:
so theres no way to untrip knox right? i have a 2nd a70 that i did customize id like to get secure folder working i already tried the following:
Click to expand...
Click to collapse
Nope, Knox trip is basically an e-fuse - once tripped it is permanent and cannot be reversed.
Win_7 said:
1. knoxpatch
2. knoxpatch enhancher
3. smali patcher (pc)
4. general samsung patcher
5. securefolder_magisk.zip
but none worked no matter the order or anything i have hope in knoxpatch and it did work on another device of mine (sm-j330fn) but just not here
my 2nd a70 (unlocked) is running android 10 oneui 2.5
Click to expand...
Click to collapse
Don't know anything about that, sorry.
V0latyle said:
Nope, Knox trip is basically an e-fuse - once tripped it is permanent and cannot be reversed.
Don't know anything about that, sorry.
Click to expand...
Click to collapse
what advantages does RElocking bootloader have?
Win_7 said:
what advantages does RElocking bootloader have?
Click to expand...
Click to collapse
It's realy a matter of opinion, I think.
I prefer to have my bootloader unlocked so that I can flash whatever I want. I don't use Samsung security features so I don't care about Knox, and I'm able to use other means to pass Play Integrity so I can use Wallet and banking apps.
I personally wouldn't use a Samsung as my daily driver due to the Knox factor, but that's just me. I like my Pixel because I can do whatever I want with it, and should I ever decide that I want to unroot and return to bone stock, I can do that without having any permanent repercussions.
From a technical standpoint, locking the bootloader just means that only official signed binaries will load. This also restores hardware backed attestation allowing for STRONG integrity result in Play Integrity...as useless as that is
V0latyle said:
It's realy a matter of opinion, I think.
I prefer to have my bootloader unlocked so that I can flash whatever I want. I don't use Samsung security features so I don't care about Knox, and I'm able to use other means to pass Play Integrity so I can use Wallet and banking apps.
I personally wouldn't use a Samsung as my daily driver due to the Knox factor, but that's just me. I like my Pixel because I can do whatever I want with it, and should I ever decide that I want to unroot and return to bone stock, I can do that without having any permanent repercussions.
From a technical standpoint, locking the bootloader just means that only official signed binaries will load. This also restores hardware backed attestation allowing for STRONG integrity result in Play Integrity...as useless as that is
Click to expand...
Click to collapse
i like samsung more for everything else other than knox and bootloader updates
V0latyle said:
It's realy a matter of opinion, I think.
I prefer to have my bootloader unlocked so that I can flash whatever I want. I don't use Samsung security features so I don't care about Knox, and I'm able to use other means to pass Play Integrity so I can use Wallet and banking apps.
I personally wouldn't use a Samsung as my daily driver due to the Knox factor, but that's just me. I like my Pixel because I can do whatever I want with it, and should I ever decide that I want to unroot and return to bone stock, I can do that without having any permanent repercussions.
From a technical standpoint, locking the bootloader just means that only official signed binaries will load. This also restores hardware backed attestation allowing for STRONG integrity result in Play Integrity...as useless as that is
Click to expand...
Click to collapse
so if im scared of frp lock but dont want to trip knox is it fine to unlock bootloader but not flash anything custom
Win_7 said:
so if im scared of frp lock but dont want to trip knox is it fine to unlock bootloader but not flash anything custom
Click to expand...
Click to collapse
FRP has nothing to do with Knox. There is no point in unlocking your bootloader if you aren't going to root or flash custom firmware.
Knox will trip if you flash ANYTHING other than original unmodified firmware. This includes Magisk patched images and custom recovery.
The main effect of tripping Knox is that your warranty will no longer be valid. If you're already outside the 1 year warranty period, it doesn't matter anyway. There is the possibility that some Samsung specific services and apps may not work correctly but from what I've been reading most of them still work even with Knox 0x1.
V0latyle said:
FRP has nothing to do with Knox. There is no point in unlocking your bootloader if you aren't going to root or flash custom firmware.
Knox will trip if you flash ANYTHING other than original unmodified firmware. This includes Magisk patched images and custom recovery.
The only effect tripped Knox will have is some Samsung security features such as Samsung Pay will not work. It does not affect any Google apps or services.
Click to expand...
Click to collapse
i know but i ment should i have it unlocked still in case of it getting frp locked i can open it again or is that possible to do by flashing stock on locked?
Win_7 said:
i know but i ment should i have it unlocked still in case of it getting frp locked i can open it again or is that possible to do by flashing stock on locked?
Click to expand...
Click to collapse
I don't see how unlocking the bootloader will help with FRP.
V0latyle said:
I don't see how unlocking the bootloader will help with FRP.
Click to expand...
Click to collapse
well then incase its frp locked you can sacrifice knox in order to get twrp and magisk then reflash os and boom frp is one
Win_7 said:
well then incase its frp locked you can sacrifice knox in order to get twrp and magisk then reflash os and boom frp is one
Click to expand...
Click to collapse
Ah.
Well...that seems like a complicated workaround when you can just make sure you have a way to get back into your Google account in case you forget your password.
Related
Just a question im hoping someone can help me with
I have an S4 mini, I-9197 with std firmware, 4.2.2
build is I9197XXUBML3 which has knox and locked bootloader
I would like to get root on this device to run a particular app, but according to CF website
"UNLOCK BOOTLOADERS If you have locked bootloaders, flashing one of these will probably brick your device"
So has anyone sucessfully got root on this model phone and software or is it not possible due to locked bootloader and potentially bricking it,
Im not concerned with KNOX warranty status as i dont use any apps that need it, just need root access.
jamies22 said:
Just a question im hoping someone can help me with
I have an S4 mini, I-9197 with std firmware, 4.2.2
build is I9197XXUBML3 which has knox and locked bootloader
I would like to get root on this device to run a particular app, but according to CF website
"UNLOCK BOOTLOADERS If you have locked bootloaders, flashing one of these will probably brick your device"
So has anyone sucessfully got root on this model phone and software or is it not possible due to locked bootloader and potentially bricking it,
Im not concerned with KNOX warranty status as i dont use any apps that need it, just need root access.
Click to expand...
Click to collapse
Try Towelroot
https://towelroot.com/
download, install and that should do the magic.
have tried towelroot but phone just reboots therefore is unsucessful
I guess that that phone is completely locked from modification.
Googling and searching this website have yielded nothing useful so I figured I'd ask:
Has anyone yet been able to unlock the bootloader on the sm-t807a (the AT&T model of the 805)?
Thanks in advance. I'm just itching debloat this sucker and see what it can really do.
Not yet.
Okay; further query. Does the locked bootloader just mean I'll trip knox if I flash a custom ROM or otherwise acquire root or is it more insidious than that? Because I'll trade my warranty for root any day of the week. Is there absolutely nothing I can do? I can live with just root and not being able to use a custom ROM but I don't know how long I can run this thing without xposed before I lose my mind.
Locked bootloader means nothing will flash unless it stock and signed. There's chance of a brick and/ or end up with Knox tripped just for the he'll of of it.
Has anyone gained any ground on the T-807A as far as unlocking the bootloader. All I can get into is Odin Mode. Is there a fastboot mode? I have two tablets that are locked up and unbootable because of unapproved software. (TWRPn recovery on both occasions)
Geraldleach2 said:
Has anyone gained any ground on the T-807A as far as unlocking the bootloader. All I can get into is Odin Mode. Is there a fastboot mode? I have two tablets that are locked up and unbootable because of unapproved software. (TWRPn recovery on both occasions)
Click to expand...
Click to collapse
Just flash the stock firmware with odin.
If I were to unlock my bootloader, flash unmodified 8.1 dev preview and relock the bootloader, would I be able to pass safetynet? Or does unlocking the bootloader mean I'll permanently need to find workarounds no matter what I do afterwards?
Magisk rooting hides that. I can confirm that it works all the way up to November security patch. Look at the developer forum for more information.
TheSt33v said:
If I were to unlock my bootloader, flash unmodified 8.1 dev preview and relock the bootloader, would I be able to pass safetynet?
Click to expand...
Click to collapse
Yes.
I have a related question. Is locking the bootloader even necessary? I thought having an unrooted rom on an unlocked bootloader phone passes safetynet?
Hobox10 said:
I have a related question. Is locking the bootloader even necessary? I thought having an unrooted rom on an unlocked bootloader phone passes safetynet?
Click to expand...
Click to collapse
Safetynet checks for Bootloader Status, unlocked doesn't pass.
Hobox10 said:
I have a related question. Is locking the bootloader even necessary? I thought having an unrooted rom on an unlocked bootloader phone passes safetynet?
Click to expand...
Click to collapse
Custom roms often make changes at the kernel level to block safetynet's ability to check the bootloader status, which makes it pass (for now). Magisk also hides bootloader unlock status from safetynet. So there are workarounds.
Hi! I Just got the A2 Lite and would like to try some ROMs on It.
Will unlocking the bootloader void my warranty?
And if yes, Will re locking It get my warranty back?
Thanks in Advance
Unlocking the bootloader supposedly voids your warranty, but AndroidOne devices have no protection like Knox (which trips if you unlock BL), so there's no way of knowing if it's been unlocked before. Just flash the stock firmware via MiFlash and lock your bootloader before sending your device to warranty, voila. None of the roms I've tried work as good as the stock one though, I'd suggest rooting instead of changing the ROM. Have a nice day.
Very Good Answer Mastonpear...
marstonpear said:
Unlocking the bootloader supposedly voids your warranty, but AndroidOne devices have no protection like Knox (which trips if you unlock BL), so there's no way of knowing if it's been unlocked before. Just flash the stock firmware via MiFlash and lock your bootloader before sending your device to warranty, voila. None of the roms I've tried work as good as the stock one though, I'd suggest rooting instead of changing the ROM. Have a nice day.
Click to expand...
Click to collapse
Thanks!!!
Hi
I did the Unlocked OEM succes, but not root process, and right now i cant use the whole app of knox samsung as samsung pass, samsung pay, netflix.
I didn´t know, doing the Unlocked OEM the phone wouldn´t work as if it were root.
Somebody would help me to get back the Unlocked OEM for can use the mentioned APPs.? please.....
tradermax said:
Hi
I did the Unlocked OEM succes, but not root process, and right now i cant use the whole app of knox samsung as samsung pass, samsung pay, netflix.
I didn´t know, doing the Unlocked OEM the phone wouldn´t work as if it were root.
Somebody would help me to get back the Unlocked OEM for can use the mentioned APPs.? please.....
Click to expand...
Click to collapse
The same way you got rid of it. Same process.
Brava27 said:
The same way you got rid of it. Same process.
Click to expand...
Click to collapse
Hi
Thank you so much but you cannot explain me step by step because I'm not sure the right way.
Pretty sure with Samsungs once you trip Knox there's no way back. Made that mistake with Tab S4
tradermax said:
Hi
I did the Unlocked OEM succes, but not root process, and right now i cant use the whole app of knox samsung as samsung pass, samsung pay, netflix.
I didn´t know, doing the Unlocked OEM the phone wouldn´t work as if it were root.
Somebody would help me to get back the Unlocked OEM for can use the mentioned APPs.? please.....
Click to expand...
Click to collapse
Not sure what exactly you did.
Do you mean you just toggled "allow OEM unlock" in Developer Settings? If so, just go back to Developer Setting and toggle it back off.
Do you mean you booted into Download mode and confirmed you wanted to unlock the bootloader? If that's the case, I'm not sure. Maybe boot into Download mode again and see if there's an option to relock it?
Either way, unlocking the bootloader should not have tripped Knox or prevented you from using Knox services.
Now. If you unlocked the bootloader and flashed TWRP or any custom firmware, then Knox is tripped and that is irreversible. If that's the case you'll never be able to use Knox services on that device again.
Mr. Orange 645 said:
Not sure what exactly you did.
Do you mean you just toggled "allow OEM unlock" in Developer Settings? If so, just go back to Developer Setting and toggle it back off.
Do you mean you booted into Download mode and confirmed you wanted to unlock the bootloader? If that's the case, I'm not sure. Maybe boot into Download mode again and see if there's an option to relock it?
Either way, unlocking the bootloader should not have tripped Knox or prevented you from using Knox services.
Now. If you unlocked the bootloader and flashed TWRP or any custom firmware, then Knox is tripped and that is irreversible. If that's the case you'll never be able to use Knox services on that device again.
Click to expand...
Click to collapse
I think once you unlock it trips Knox as it considers itself "vulnerable" then.
jjayzx said:
I think once you unlock it trips Knox as it considers itself "vulnerable" then.
Click to expand...
Click to collapse
I used to think that as well; however, I've been told by a few Exynos users that unlocking bootloader itself will not trip Knox. I did some research last night and the site's I found agreed. Knox is not tripped until a custom recovery or firmware is flashed.
I'm NOT saying I'm 100% right about that. I have a US Snapdragon and haven't unlocked a bootloader since the S7Edge (I bought a Exynos model of that phone from eBay). I'm just researching and trying to help the OP best I can. It sounds like he tripped Knox and that can't be reversed, but won't know until we find out exactly what he did.
Mr. Orange 645 said:
I used to think that as well; however, I've been told by a few Exynos users that unlocking bootloader itself will not trip Knox. I did some research last night and the site's I found agreed. Knox is not tripped until a custom recovery or firmware is flashed.
I'm NOT saying I'm 100% right about that. I have a US Snapdragon and haven't unlocked a bootloader since the S7Edge (I bought a Exynos model of that phone from eBay). I'm just researching and trying to help the OP best I can. It sounds like he tripped Knox and that can't be reversed, but won't know until we find out exactly what he did.
Click to expand...
Click to collapse
Yea SD here, he might have done something more than, instead of just toggling.