After you install TWRP on the Galaxy Note 9 the Samsung Experience software recognizes that changes have been made. Specifically, a service called the Service Log Agent notices this and warns the user via a notification about unauthorized actions. This notification will constantly come back unless we use a free application to prevent it from happening.
Some OEMs are okay with letting people modify the software on the smartphones they sell to customers. Some will limit various features (like Samsung does) if there have been any modifications made. But then there are some (Samsung again) who may want the user to be aware that such changes have been made. This is particularly useful if you bought a used phone.
What is the Security Log Agent?
Dozens of premium Android apps go on sale every single day. Check out the latest over at PlayStoreSales.com.
This system application is called the Security Log Agent and it sits in the background constantly monitoring your device for any such changes. For someone like you or me who have purposefully installed TWRP and/or gained root access, we don’t need this notification sitting in our Notification Shade. But again, if someone bought the phone used then they may not be aware of the changes.
This notification tells you that “authorized actions have been detected,” and that you need to “restart your device to undo any unauthorized changes.” Installing TWRP isn’t something that can be undone by simply rebooting the Galaxy Note 9 but we can uninstall the application that is displaying this notification (this method does require root access).
How to Disable the Galaxy Note 9 Security Notice Notification
- Download and install the Root Uninstaller application
- Open the Root Uninstaller application and tap the OK button at the bottom right
- Grant Root Uninstaller access to your storage
- Then grant the Root Uninstaller application Superuser access via the Magisk pop-up
- Tap the magnifying glass at the top and search for the word “security” (without quotes)
- Look for the SecurityLogAgent package so you can tap on the empty check box to the right of it
- Now tap the Uninstall button at the bottom to start uninstalling the process
- You will be prompted twice about restarting the Galaxy Note 9 after uninstalling the Security Log Agent Notice
- Wait for the Galaxy Note 9 to Reboot and the unauthorized actions notification will no longer appear
There are many, many ways that we can go about uninstalling the package that creates this Security Notice notification but I found this method to be the easiest. That will always be my goal here at Android Explained, to show you the easiest way possible to get something done. I know there are a lot of people who are intimidated by ADB/Fastboot and the command line interface.
Why is Samsung Annoying us With a Notification?
I wish I could answer this question. Smartphones from companies like Google and OnePlus display a warning message during the boot cycle. I’m guessing that Samsung did some data collection and found out that people ignore things that show up while the phone is booting. Whatever the reason is though, this is what Samsung has chosen so this is what we have to deal with.
Remember, this is all about Knox and the security protections that it adds to features of the Galaxy Note 9. So, now that we are no longer protected by Knox, we see errors pop up when doing certain things (like trying to create a Secure Folder). So it’s possible that this notification is a reminder for those times when people are confused by those types of errors.
Most OEMs also choose to not show a notification when the phone is in Safe Mode either. However, Samsung does this too so I guess all of this is par for the course.
Will This Make the Galaxy Note 9 Any Less Secure?
Since we have already unlocked the bootloader of the Galaxy Note 9, and then we installed TWRP on the smartphone, there isn’t much else we can do to make the phone less secure. There are enough malicious applications out there from untrusted sources. People are enticed into installing free versions of premium applications and games all the time.
Your bootloader can be locked and the phone could not have root access and those malicious applications can do a lot of bad things to your device. This is why there are so many different layers of protection when it comes to sideloading applications. We have the unknown sources toggle, the Google Play Protect scanner and the verify apps feature.
All of this isn’t even taking into account that a phone could have an unlocked bootloader or TWRP installed and rooted. My main point here is to not install applications from untrusted sources. It’s pretty easy to jump on a forum like XDA-Developers and ask if an application or source is trustworthy. I would say that places such as XDA Labs, APK Pure, and APK Mirror are all trusted sources.
Use Your Common Sense
These sources aren’t promising premium apps and games for free though. So that’s a big sign that they are trusted by the community. Just use your common sense and you will be okay to install thousands of useful mods and apps from those trusted sources. I also want to tell you to be careful with what you choose to uninstall with this application.
Just like I showed you, we can easily uninstall a system application in a matter of seconds. If you were to uninstall a vital system application then it could prevent the Galaxy Note 9 from booting. It could prevent certain apps from opening or you could lose access to even more Samsung applications and services (like we lose when we tripped Knox).
You may be okay with “debloating” the Galaxy Note 9 and doing so could save you some battery life while also increasing the overall performance (by a small amount). Again, just use your common sense and at least create a backup via TWRP so that you can restore from it in case something goes wrong.