Remove Knox configure customization crap? - Samsung Galaxy Note 10 Lite Guides, News, & Discus

Hello, I received a Galaxy Note10 Lite as a gift from a bank, but on the first boot will launch Knox Configure and download a profile, with crappy customized startup and poweroff animation and the bank app (of course with the uninstall option disabled).
I've enabled adb and removed/disabled knox and the app bank, but the animation (and maybe more?) remains.
So i've tried to restore and enable adb and uninstall knox BEFORE connecting to the internet and download the knox profile...but somehow the phone will trigger knox and disable the adb debug option (greyed out) until i "activate" it...but if i activate the phone i will get the customization.
Is there a way to get rid of this knox customization crap for good? I simply want a stock phone without the crappy startup animation from the bank! And frankly it's a bit creepy to have my phone under control from a bank...what they can see?
Thank you
P.S. this is not a rented/stolen phone, the knox crap is here just for customization purposes, it works without problems but i want a clean phone.

Related

Quick Qs - Wanam Xposed, Tethering, and disabling OTA

Hey folks!
I followed the instructions posted by allcaps33 at http://forum.xda-developers.com/showthread.php?p=53549710 to get provisioning disabled, and the native hotspot app is working for me now! I just wanted to confirm if this was an operation similar to running Wifi Tether Router on an unlocked/rooted device (I had an S2Sky prior that I tethered off of regularly). I've got one of those too-rare Unlimited Data plans and am traveling cross-country, made possible by being able to tether my laptop to my phone to work. Just wanting to confirm that this was relatively as secure as using the Wifi Tether Router on my S2Sky. On a semi-related note, that app doesn't seem to want to run properly on my S5; when I click Enable Router it turns on the Wifi, which immediately connects to the house's wired router. It still broadcasts but doesn't send data, and it's hit or miss if a device can even connect to it from there.
Next question - I'm used to flashing a CM ROM within the first couple days of getting a new phone, which doesn't seem feasible just yet with the S5 (from what I can tell anyway; I'm not used to having a current-gen device). I've heard about the myriad evils of OTA updates, and was hoping to get help on how to disable them. I would like to avoid my device upgrading to a point where my above-stated desired functionality is disabled. Ideally, I'd like to get rid of the various bloatware apps as well, though am not sure how to go about that.
I appreciate your time and support, and thanks for being a community that's always been there for me as I derp along with my fancy internet boxes!
Hi!
The absolute easiest way is to use Rom Toolbox. I have the pro version, but I believe it's available in the lite version as well.
Download and open up RTB.
Tap on "App Manager"
Then scroll down until you see "AT&T Software Update"
Tap on it.
A popup will display. Swipe from right to left, and you will be on the "Advanced" tab.
Scroll down and tap on "Advanced Freeze."
You will come to a screen which shows you the Activities, Recievers, Services, and Providers. Tap on EACH box/line. This will Disable OTA services.
We're not done yet!
Go back to the App Manager screen again, and repeat the process for an app called "LocalFOTA"
Finished!
I also Disable most of the bloatware and Knox this way.
Have fun!
---------- Post added at 12:58 PM ---------- Previous post was at 12:49 PM ----------
Now for the hard part...
Yes this can be as secure as the other the tether. Ensure you use and change the password service with the app.
As for the tether turning your wifi on, it is supposed to do that. The best way to get this to work is to turn the tether on and off (then on again). If this does not work, try emptying the data/cache for the built-in tether app. And start from scratch.
allcaps33 said:
I also Disable most of the bloatware and Knox this way.
Click to expand...
Click to collapse
KNOX - What is it? I'm under the impression it's some sort of security for the phone, to protect from malicious activity that you might not be aware of, but also that it'll "tattle" on you if you mod your phone in a way AT&T doesn't approve.
Knox is two things.
1) It is a security container for apps. It works as both a license/drm type software for Samsung official apps.
And
2) Android contains a root environment at all times. This is what makes SU possible. It used to be quite easy to invoke Android system calls as root.
Root is actually separate from super user. Knox, like SEPolicy, helps dev companies detect, halt, and/or hinder apps, not su itself, but apps that that use these root system calls.
Be wise, even though Knox itself does not "report" these types of actions, it still logs them. And there are other apps that can read these logs and send out these reports. I should say (and I'm only guessing) that only work/company issued phones are setup like this. Not your personal phone.
In fact, our phones actually contain a file which logs all root system calls. It has nothing to do with Knox but, I believe this binary is what hinders us open devs, but makes it easy for Samsung and AT&T to restore/repair our phones.
For more info on Knox:
https://www.samsungknox.com/en/partners/app-developers

Can I Safely Disable IPSec Service?

I'm still seeing Android System using the lion's share of my battery life and I've started looking at the services running within it. The IPSec service is always near the top of the Android System pile and I was wondering if it's safe to disable it.
Some light Googling is turning up the service is related to VPN networking but there's not much more available (at least at an entry level of understanding). This link provides a decent understanding. I don't use remote access or corporate VPNs. My only real question is if I disable it using the App manager, are there routine functions that might be disabled? Should I be weary about Samsung Pay?
Thanks!
Finaly have you find a solution ? i'm reseaching on google and i can't find how disable ipsec on android , if you have know how do this , please let me know
Root your phone to enable super user abilities, and search for ipsec in rom manager, then disable it.
Realizing Im going back in time.. Or if you have a device like the Samsung S6 Active, an AT&T branded, close to perfect device which I have yet to find a way to Unlock the bootloader and root ..? Try AdHell-2. The link(s) are here at XDA. You must... 1.) Create a Samsung Account, 2.) Apply for a Developers Account SEAP, 3.) Request a License Key, 4.) Toggle On Unknown Sources in Settings/Lockscreen & Security/Unknown Sources, 5.) Install the AdHell-2 .apk, 6.) Then Activate the App by Copying your License Key. * This is a great App which not only serves as a highly-efficient Ad Block, but also allows for the Disabling of System and User Apps. Anyone reading this know of a way to root the S6 Active?

the warranty isn't the only thing you have to worry about after you trigger Knox!!?

Hi I have a note 4 (marshmallow 6.0.1).
If I tripped knox by either rooting or flashing a custom rom, and then if I decided to revert back say i unrooted and re-flashed the stock rom.
Assuming everything is back normal except that
now you have "knox warrnety void 0*1"
Will I still be able to:
-Enable Knox active protection from Samsung's "smart manager" app.
-Use "Samsung my knox" app
-Use Samsung pay or android pay
-Do OTA updates
Or is having a "stock non-rooted rom" still not enough and you won't be able to do all of the above as long as you have already tripped knox?
(Also apparently you cannot enable it while "rooted" even if you have managed to root it without tripping Knox).
Thanks in advance :good:
I cant confirm things like Android/Samsung Pay, But you cannot use the Knox App anymore. Smart Manager still says protected on mine, and yes OTA updates will work (assuming your not rooted). I'm on stock 6.0.1 rooted myself and I find no issues. Once I got rid of all the bloat. TW actually seems pretty decent. However I do throw on Nova if I want a change.
cash2387 said:
I cant confirm things like Android/Samsung Pay, But you cannot use the Knox App anymore. Smart Manager still says protected on mine, and yes OTA updates will work (assuming your not rooted). I'm on stock 6.0.1 rooted myself and I find no issues. Once I got rid of all the bloat. TW actually seems pretty decent. However I do throw on Nova if I want a change.
Click to expand...
Click to collapse
Amazing thanks for your helpful reply, so you can't use my Samsung knox app. Don't really care about it.
And what happens when you try tp activate "knox active protection" if you have already triggered knox? assuming of course you're not rooted
Does it give like an error?
mandroid email said:
Amazing thanks for your helpful reply, so you can't use my Samsung knox app. Don't really care about it.
And what happens when you try tp activate "knox active protection" if you have already triggered knox? assuming of course you're not rooted
Does it give like an error?
Click to expand...
Click to collapse
I'm rooted at the moment. I don't have exact error right now, but it basically tells me the phone isn't "secure" and cannot use the Knox app. Which for most users it isn't an issue, The Knox app is for someone who wants security for certain things. But overall its for a BYOD environment. A company may want to set up a secure workspace for the email and company files. Then if you ever leave (or lose your phone) they can blow away that information without touching your personal info.
cash2387 said:
I'm rooted at the moment. I don't have exact error right now, but it basically tells me the phone isn't "secure" and cannot use the Knox app. Which for most users it isn't an issue, The Knox app is for someone who wants security for certain things. But overall its for a BYOD environment. A company may want to set up a secure workspace for the email and company files. Then if you ever leave (or lose your phone) they can blow away that information without touching your personal info.
Click to expand...
Click to collapse
Aha I understand now, thank you very much for your helpful response, appreciated.
Reactivation lock will not work if knox is 0x1 - not sure if that's a deal breaker though.

enable biometrics with no screenlock

Pretty basic questions whether i need an app that does this or a workaround i just want to use my biometrics without a dam screenlock? Such as samsung pay, samsung pass, my bank apps and others. Dam google phone arent adding feature like before they are going back in time.
Except without root.
saulc1981 said:
Pretty basic questions whether i need an app that does this or a workaround i just want to use my biometrics without a dam screenlock? Such as samsung pay, samsung pass, my bank apps and others. Dam google phone arent adding feature like before they are going back in time.
Click to expand...
Click to collapse
Actually you can without root. Set your biometrics normally with a password or a pin then go back to lock screen options and change it to swipe or no lock. And from there you will get a warning and it will have 2 options. One is remove data and the other is keep it. If you keep it it will work with the other apps. I have PayPal installed and I did the same thing also Samsung Pay.
And I'm not rooted using stock
Stevieboy02008 said:
Actually you can without root. Set your biometrics normally with a password or a pin then go back to lock screen options and change it to swipe or no lock. And from there you will get a warning and it will have 2 options. One is remove data and the other is keep it. If you keep it it will work with the other apps. I have PayPal installed and I did the same thing also Samsung Pay.
And I'm not rooted using stock
Click to expand...
Click to collapse
No dice. I know that already. My fault i did say basic. Thats the problem. When i put keep data like ice done for a long time but now i get this message and i cant use the fingerprint or iris with any app.
saulc1981 said:
No dice. I know that already. My fault i did say basic. Thats the problem. When i put keep data like ice done for a long time but now i get this message and i cant use the fingerprint or iris with any app.
Click to expand...
Click to collapse
Well then you might need root access. I don't have root access but it works for me just fine so im not sure.
use a secure settings app to set automatic lock delay to something ridiculously high like 540000(several days)
and turn off "lock instantly with power key".
normally you're limited to 30 minutes by the settings app, but if you use a secure settings app you can manually change it to something much higher.
using this setup you no longer need a pin coming from standby(lockscreen is skipped completely) unless you don't touch your phone for several days.
you'll still need a pin when turning on your phone or accessing lockscreen settings, but that's not something you'll do multiple times a day.
this does require ADB(to grant the hidden "secure settings" permission to the secure settings app once) but doesn't require root.
You can't do it anymore. AFAIK, Samsung changed this with the Jan or Feb patch. There's an article on sammobile that highlighted the change.
Edit : Here's the article : https://www.sammobile.com/news/on-o...ed-and-stored-only-with-a-secure-screen-lock/
Sent from my ONEPLUS A5010 using Tapatalk
saulc1981 said:
Pretty basic questions whether i need an app that does this or a workaround i just want to use my biometrics without a dam screenlock? Such as samsung pay, samsung pass, my bank apps and others. Dam google phone arent adding feature like before they are going back in time.
Click to expand...
Click to collapse
I don't use any screenlock etc on my phone.
What i have done is place all my relevant apps eg banking, password manager etc in the Secure folder
(knox protected) If i want to use them i use fingerprint to unlock my secure folder.
Then i use fingerprint, to log into my banking app or use fingerprint for my password manager.
Further, I only install the relevant app (Google Play) that i want, inside secure folder. So no duplication of app.
saulc1981 said:
Pretty basic questions whether i need an app that does this or a workaround i just want to use my biometrics without a dam screenlock? Such as samsung pay, samsung pass, my bank apps and others. Dam google phone arent adding feature like before they are going back in time.
Click to expand...
Click to collapse
I found a small loophole if you have a bluetooth device. You can turn smart lock on and have it stay unlocked as long as its connected to that device be it headset, smartwatch, etc. You can also do it based on location.
Stevieboy02008 said:
Actually you can without root. Set your biometrics normally with a password or a pin then go back to lock screen options and change it to swipe or no lock. And from there you will get a warning and it will have 2 options. One is remove data and the other is keep it. If you keep it it will work with the other apps. I have PayPal installed and I did the same thing also Samsung Pay.
And I'm not rooted using stock
Click to expand...
Click to collapse
It will On SOME apps paypal abd lastpass for example but not others Chase bank for example. Also whos bright idea was it to remove app long press option functionality? No more app info, uninstall etc. Why do they do this s%it?
demize! said:
It will On SOME apps paypal abd lastpass for example but not others Chase bank for example. Also whos bright idea was it to remove app long press option functionality? No more app info, uninstall etc. Why do they do this s%it?
Click to expand...
Click to collapse
Lol. I know but actually some functions still work on the app long press
thedicemaster said:
use a secure settings app to set automatic lock delay to something ridiculously high like 540000(several days)
and turn off "lock instantly with power key".
normally you're limited to 30 minutes by the settings app, but if you use a secure settings app you can manually change it to something much higher.
using this setup you no longer need a pin coming from standby(lockscreen is skipped completely) unless you don't touch your phone for several days.
you'll still need a pin when turning on your phone or accessing lockscreen settings, but that's not something you'll do multiple times a day.
this does require ADB(to grant the hidden "secure settings" permission to the secure settings app once) but doesn't require root.
Click to expand...
Click to collapse
Hi @thedicemaster this sounds like a great solution. I have been trying, but can't get it to work. Can you tell me more on how to do this? Appreciate it!
EDIT: Nvm, I managed to do it
Delete me
It's been years already but I have a way to get it to work without root without installing any apps. I hope it helps some one.
You will need adb and usb debugging on. Open cmd / terminal and execute these 2 commands:
Code:
adb shell settings put secure lock_after_timeout_rollback 86400000
adb shell settings put secure lock_screen_lock_after_timeout 86400000
86400000 = 24 hours in miliseconds. You can change to a number that you find suitable.
This secure settings will survive after reboot so you only need to do once.

Why root our phone nowadays?

Hi,
I used to root my phone but since I bought the S10 I found myself using Samsung Pay instead of using my cards all the time.
Before I used to root in order to have:
- Spotify mod, but now you can hack Spotify without root installing a modded version
- adaway but you can still use adhell
- YouTube vanced worked on non-root device
So do you think it's worth rooting the phone to maybe removing some bloating and add some minor customisations but lose Samsung Pay?
ValouSydney said:
Hi,
I used to root my phone but since I bought the S10 I found myself using Samsung Pay instead of using my cards all the time.
Before I used to root in order to have:
- Spotify mod, but now you can hack Spotify without root installing a modded version
- adaway but you can still use adhell
- YouTube vanced worked on non-root device
So do you think it's worth rooting the phone to maybe removing some bloating and add some minor customisations but lose Samsung Pay?
Click to expand...
Click to collapse
i think yeah, debloating is the first thing to pushed me to root, but more reasons exist, like tweaks to systemui, backups, also this time i use it to be able to mock locations on pokemongo hehe.
The only thing stopping me to root my s10 was securefolder, because the warranty doesn't mind if you break,wet,loose the phone and since someone found a way to use it theres no other reason to not root for me
Chuytl said:
i think yeah, debloating is the first thing to pushed me to root, but more reasons exist, like tweaks to systemui, backups, also this time i use it to be able to mock locations on pokemongo hehe.
The only thing stopping me to root my s10 was securefolder, because the warranty doesn't mind if you break,wet,loose the phone and since someone found a way to use it theres no other reason to not root for me
Click to expand...
Click to collapse
I DO NOT ROOT ANYMORE!
Debloating is NO LONGER an excuse either!! Infact the phones are SUPER EASY to remove ALL the bloatware from!!!
Just flash a stock "unlocked" firmware and boom, bloatfree.. you dont even need to sim unlock!!!
Modded Apks are good enough for me, and work fine on unrooted devices.
You maintain ALL features...
AND YOU KEEP YOUR WARRANTY INTACT!!!
Some apps only work with root. Root also gives you access to install a custom recovery which can be used to make nandroid backups of the phone. Something stock recovery can't do unless you use the flash fire app in which case you need root to use it.
psynetkilla said:
I DO NOT ROOT ANYMORE!
Debloating is NO LONGER an excuse either!! Infact the phones are SUPER EASY to remove ALL the bloatware from!!!
Just flash a stock "unlocked" firmware and boom, bloatfree.. you dont even need to sim unlock!!!
Modded Apks are good enough for me, and work fine on unrooted devices.
You maintain ALL features...
AND YOU KEEP YOUR WARRANTY INTACT!!!
Click to expand...
Click to collapse
if thats your choice thats ok...
warranty is not a deal with because probably I'll break my phone before any factory issue also a full debloated stock firmware?
im not telling you to root but for me is not a need is because i like to do it. manually debloting a rom, use of apps that need device admin without grant it, backups,kernel wireless and framework tweaks, ui customization and a lot of things you can do with root only
Couple of reasons why I have it rooted:
- Replace the ugly Samsung Emoji for any other (I use the legacy but updated blobs).
- Full disable Google if you care "a bit" about privacy.
- Remove Bixby and remap without accepting their contract.
- Full VPN, Android by default don't tether internet with VPN
In overall, rooting is needed if you want to own your device and care about privacy. People have more usage for rooting, but that's why I prefer rooting.
The main reasons I used to root were
-Install black theme. These days every manufacturer offers black themes and Google also offers black themes.
-Adaway for ads removal. There are many alternatives for non rooted devices.
-Viper 4 Android for superior sound. I bought an external DAC which is much better.
-Debloating. Nowdays we are able to remove most of the apps we don't want.
I like my rooted LG G4 a lot, but I need my S10 to use my bank apps without hassle, so I will probably never root it.
Not any real important reasons that usually can't be done some other way, sometimes because their friends are doing it.
Tel864 said:
Not any real important reasons that usually can't be done some other way, sometimes because their friends are doing it.
Click to expand...
Click to collapse
Rooting is cool, only cool kids root :good:
I root my phone just because I want to have the freedom to do what I want.
I like to modify config files for apps (whatsapp for example - better photo quality, larger videos and so on).
Adhell isn't working anymore and non-root adblockers including AdGuard DNS are either sucking battery or you need to disable it often to enter websites. You can't add filters to the DNS. Adaway works great on root.
Also Substratum or similar is great and I like the Swift Black theme.
For me it's more the principe. Before I switched to Android I used to have jailbroken iPhones, only - and I loved the freedom.
But since my warranty's void and my USB port got destroyed by fake moisture I'm thinking about to suppress my thoughts of "Android freedom" - the repair shop wanted 400€ for switching the mainboard. I let them send my S10 back and now VaultKeeper prevents booting...and without USB I don't have any chance to use the phone.
So, rooting is great but if your device got damaged it gets expensive.
It's annoying that the phone brands are working so hard to prevent rooting without any logical reason...VaulKeeper and KNOX are just two examples just by Samsung. Huawei, for example, disabled the unlocking of their devices completely, this was the reason for me to switch to Samsung.

Categories

Resources