Contrary to popular belief; Gaining root access to the system on this device is not as 'insecure' and 'dangerous' as one might think; Follow the correct safety measures mentioned below, and all will be failsafe. All tools/software used here is thoroughly tested, reliable and secured with years of working with Samsung devices.
With root you can edit your hosts file using https://f-droid.org/en/packages/org.adaway/ and check the world of rooted options.
After rooting you can keep your device up to date with security patches via
Settings > Software Update > Download updates manually
See Magisk tips for an explanation on how to use Magisk Manager to switch between rooted and unrooted states. This also allows you to use the stock bootloader to buy stuff via the Samsung store, and afterwards switch back to root.
If you have access to early releases of security-patches, having a rooted system allows you to patch against vulnerabilities earlier than having to wait for Samsung to push the updates out. Plus you can kick out system apps and services that you would never use that could only pose extra risks otherwise.
Now for the steps to gain root;
1. First, grab the required files to root your pocket super-computer:
Download SAMSUNG_USB_Driver_for_Mobile_Phones.zip from
unpack, run the exe and install.
Download Odin 3.13.1 (or newer) from
and unpack it in a folder you can find later.
Download Team Win Recovery Project for CrownLTE from
and put the TWRP*.tar.md5 file in the folder where Odin*.exe is
Download n9*.zip from
2. Make sure you have back-ups of your valuable data and keys stored outside of your internal Samsung storage, on an external micro-sdcard or remote server, or cloud option. Back up your DCIM folder and other data you've stored on your device. Check the chat back-up options within WhatsApp, and in Signal if you use that. If you use Titanium Backup make sure you don't have your back-up directory on internal storage.
3. Update your phone to the latest patches offered by Samsung;
Settings > Software Update > Download updates manually
As long as you're in stock firmware, might as well patch to the latest over the air updates.
4. Enable Developer Options (Settings > About phone > Software information - Tap 7 times on Build number to activate the Developer options at the bottom of the Settings menu)
5. Now under Settings > Biometrics and security
switch OFF [ Google Play Protect ] (apart from the open holes in their security setup, you'll see Google shows if an app is 'Verified in the Playstore' anyway whenever you install a new app..)
Under the Settings > Developer options;
switch off [ Auto update system ]
switch on [ USB debugging ]
switch off [ Verify apps via USB ]
switch on [ OEM unlock ]
It will prompt you this will Factory Reset the device. Let it do this.
6. On your PC fire up the Odin*.exe you've downloaded earlier, then in Odin under "Options" untag "Auto reboot". Don't connect your USB cable to your phone just yet !
7. Put your Note in 'Download mode'. To achieve that state follow this carefully, you have to perform near acrobatic stuff, so be careful not to drop your phone:
- Power down your phone. Wait a second.
While keeping both [Volume down] + [Bixby] buttons pressed,
put in your USB cable with Odin running on your PC
(putting in the cable powers up the phone),
the phone boots with a light-blue screen. Release the buttons, and then
press [Volume up] to allow Downloading.
Odin will tell you it [Added!] your device.
8. In Odin click on [ AP ] and select the TWRP tar.md5 file, then click [ Start ]
Check if TWRP recovery was successfully flashed onto your Note, Odin will say "Passed!"
9. Then boot with TWRP recovery, in order to do so, again, some acrobatics are required:
- Disconnect the USB cable from the phone,
hold [Vol down] + [Power] buttons until it powers down,
but don't let go off the [Power] button! It has to remain pressed.
As soon as the screen goes black let go of the [Vol down] and immediately
press both [Vol Up] + [Bixby] buttons (while [Power] remains pressed)
this will make it boot into the great TWRP.
or, if you've already accidentally booted:
- Press [Power] button, press and confirm (Restart) on screen,
while it's showing the shutdown animation press the [Power] button,
keep it pressed! Immediately after the screen goes dark
press [Vol Up] + [Bixby] buttons. It should then boot into TWRP.
10. In TWRP swipe right to allow modification. In the main TWRP screen, Select WIPE - Then FORMAT DATA - You need to type 'yes' to perform the wipe. This will erase all data including Internal Storage from your device. This part is required so the /data partition is no longer encrypted.
After the format completes, go back to the main TWRP screen and click Reboot and then 'Recovery', This will reboot to TWRP again.
11. Connect your USB cable if it is no longer connected. After your device booted into TWRP again on your PC you should see "omni-crownlte" and under that [Internal storage]. Upload n960*.zip into the root of your device's internal storage.
12. Now in TWRP select [ Install ] and scroll down to the bottom where you'll see n960*.zip. Select image, swipe right to confirm flash. Follow the instructions, make sure you have it install magisk and busybox, and pick the 'OEM Patch' option, doing so will prevent losing the OEM unlock option and with that you will not see the infamous 'custom binary error' with apps attempting to use root access.
13. Once flash successfully finished, it jumps back to TWRP, from where you can pick Reboot > System.
14. Let your device create new caches and wait for the normal setup of your rooted device!
Thanks to BlackMesa123 and Dr Ketan for some ideas and fixes.
P.S. - If you ever find a problem because SELinux status is set to "enforcing", you can set it to "permissive" in any terminal emulator, by typing "su" [Enter] then "setenforce 0" [Enter].
- If you need more guidance with the rooting process, check this guide.