When you’re about to sell or give away your old Android phone to upgrade to a newer, better one, the first thing you do (aside from finding a buyer or taker) is back up your data and then do a factory reset. You’re probably confident that all your data, including contacts, emails, log-in details, etc., is erased from the device forever. Unfortunately, a group of Cambridge University researchers has found a flaw in the process and managed to recover data from these supposedly clean phones.

The factory data reset is built into Google’s mobile operating system. But apparently, if you’ve previously turned on full-disk encryption, people who are knowledgeable about these things will still be able to get the data that you presumably erased. The researchers estimate that around 500 million devices do not fully wipe clean the partitions that may contain sensitive information like login credentials, emails, contact details, and other files. Around 630 million phones, meanwhile, do not wipe clean the internal SD cards, which may contain pictures, videos, and other important files.

The findings of their research were published in a paper titled "Security Analysis of Android Factory Resets". They tested around 21 Android devices from five different manufacturers, and all of them retained fragments of old data even after the factory data reset. From 80% of the devices, they were also able to extract the master token, which is used to access Google user data. Using that master token, they tried to restore the credential file and so were able to resynchronize the contacts, emails, etc.

There were various reasons for this, including failure to include necessary software drivers and the nature of flash drives, which are really hard to erase. However, the phones they used for testing only ran Android versions up to 4.3, so there are no studies yet to see if those running later versions have better factory reset behavior. They advise users to create randomly generated passwords to protect full-disk encryption, although it is a pain to keep re-entering that every time you reset. Users can also fill up a partition with random-byte files so as to overwrite all allocated space.
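The last suggestion above, filling a partition with random-byte files, as an added Python example that is not from the article or the researchers' paper. The function names, the 1 MiB write size and the per-file size limit are assumptions, and the partition is assumed to be mounted at a directory the script can write to.

```python
import errno
import os

CHUNK = 1024 * 1024  # assumed write size: 1 MiB of random bytes per write


def fill_with_random(target_dir, max_bytes=None, file_limit=1024 * CHUNK):
    """Write random-byte files into target_dir until the filesystem is full
    (ENOSPC) or max_bytes is reached. Returns (bytes_written, paths)."""
    written, paths, chunk = 0, [], CHUNK
    while chunk >= 512 and (max_bytes is None or written < max_bytes):
        path = os.path.join(target_dir, "fill_%05d.bin" % len(paths))
        try:
            with open(path, "wb", buffering=0) as fh:
                paths.append(path)
                while fh.tell() < file_limit and chunk >= 512:
                    want = min(chunk, file_limit - fh.tell())
                    if max_bytes is not None:
                        want = min(want, max_bytes - written)
                    if want <= 0:
                        break
                    try:
                        written += fh.write(os.urandom(want))
                    except OSError as exc:
                        if exc.errno != errno.ENOSPC:
                            raise
                        chunk //= 2  # nearly full: retry with smaller writes
                os.fsync(fh.fileno())  # force the data out of the page cache
        except OSError as exc:
            if exc.errno != errno.ENOSPC:
                raise
            break  # no room left even to create or flush a file
    return written, paths


def remove_fill(paths):
    """Delete the filler files once the overwrite pass has finished."""
    for path in paths:
        os.remove(path)


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as demo:  # constructed demo, capped at 4 MiB
        total, files = fill_with_random(demo, max_bytes=4 * CHUNK)
        print("wrote %d bytes in %d files" % (total, len(files)))
        remove_fill(files)
```

Calling `fill_with_random` with only a mount point runs until the filesystem reports it is full. It reaches only the space the filesystem will hand to a file, so flash blocks the storage controller keeps in reserve are not overwritten.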

VIA: ArsTechnica
