Your personal data may not be completely removed with an Android factory reset
posted by Maxwell R. / Jul 08, 2014, 3:00 PM
You have taken really good care of your older Android device and are certain that it will get a great price from an eager buyer. All you need to do is perform a factory reset and you are good to go, right? Maybe not.
AVAST, an anti-virus software and provides free software, as well as paid services for consumers and businesses alike, took to the internet and bought 20 used Android phones for the purposes of seeing how much, if any, personal data was still on the devices after a factory wipe and reset had been performed. The results were stunning to say the least.
With the help of some off-the-shelf digital forensic software (such as FTK Imager), AVAST was able to cover the following:
- Over 40,000 stored photos
- More than 1,500 family photos of children
- More than 750 photos of women with varying degrees of clothing on (or off)
- More than 250 selfies taken by men doing their best imitation of former Congressman Anthony Weiner
- Over 1,000 Google searches
- At least 750 emails and text messages
- More than 250 contacts names and email addresses
- Four previous owners’ identities
- One completed loan application
What is happening then? AVAST’s press release does not note if any of the devices were, in fact, not factory reset or if there were any errors in how devices might have been reset. We also do not know how old, or what version the operating system is on the devices. We reached out to AVAST to see if there were any other variables worth noting in their findings. Taking those issues aside, where is the factory reset falling short? The reset in these instances seems to be focused more on the application layer, and not much more.
AVAST noted that its anti-theft app, free on Google Play, has the ability to delete and overwrite these personal files along with a host of other features. That app, avast! Anti-Theft, and dozens of others may be worth considering before putting your former device, a veritable digital life-wallet up for sale.
UPDATE: We sent a few questions to AVAST to get some idea of what they were working with when the embarked on this little project. We heard back from Jaromír Hořejší, malware analyst, and Tomas Zeman, Mobile Product Manager at AVAST.
Q: Were there any indications that any of the devices were not properly "factory reset?"
A: The majority of the phones were factory reset, however there were some that our virus lab started and went via default setup tutorial.
Q: What version of the operating system was installed on the devices?
A: All different android versions were present, most of the phones had Android version 4 (different versions), some others had Android version 2.3.x called Gingerbread.
Q: Was AVAST able to replicate the results? - meaning, re-wiping a device and still finding data?
A: Yes, we did proper factory reset on some phones (in case the owner had not done this) and were still able to find data. Therefore, we were able to replicate our experiments.
Q: Aside from the "application layer" being wiped, is there any explanation from AVAST's point-of-view as to how and why the factory reset is so ineffective?
A: It depends on the manufacturer's implementation. If the implementation of factory reset was correct, nothing was recovered. If the implementation is incorrect, we were able to recover some data.
As for the 20 devices AVAST bought on the secondary market to take on this project, the breakdown is as follows:
HTC EVO V 4G
HTC One X
HTC Sensation 4G
Motorola Droid RAZR (4)
Motorola ATRIX 4G
Samsung Galaxy S2 (2)
Samsung Galaxy S3 (3)
Samsung Galaxy S4 (2)
Samsung Galaxy Stratosphere
LG Optimus (2)
Based on the answers, where implementation "was correct," and nothing was recovered, if nothing else, this serves as a handy reminder to take care in properly preparing your devices before you part ways with them.
sources: AVAST via CNET
Posts: 2349; Member since: Apr 18, 2011
posted on Jul 08, 2014, 3:03 PM 3
These kinds of claims need independent verification from a third party with nothing to gain from this report to be 'legit' imho. Of course I won't be surprised if it's true, when ALL hard drives or digital file storage solutions probably have this inherent flaw. Only very sophisticated 'wiping' and rewriting/overwriting the data really makes it non recoverable. Or least recoverable.
posted on Jul 08, 2014, 6:06 PM 1
Posts: 1888; Member since: Mar 30, 2011
Glad I didn't sell my old Nexus 4 then. Displaying it on my bookshelf.
posted on Jul 08, 2014, 3:08 PM 0
Posts: 251; Member since: Dec 24, 2012
lol Nexus 4 isn't even old :D
posted on Jul 08, 2014, 3:36 PM 6
Posts: 52; Member since: Jul 07, 2014
Sounds like a marketing ploy to me. I usually sell my old phones preloaded with weiner pics for the new owner to enjoy.
posted on Jul 08, 2014, 3:12 PM 20
Posts: 6330; Member since: Mar 31, 2010
Well, it is like if you did a factory reset on your PC - guess what? The stuff is still there for myself or someone in police forensics to find - you have to do a secure wipe to completely wipe a hard drive - same thing with Android, I suppose, and with Android it is better to do a system wipe than just a factory reset...
posted on Jul 08, 2014, 3:18 PM 8
Posts: 1188; Member since: Mar 20, 2012
The Po Po's use a Cellebrite machine that can retrieve ALL lost data. The machine is like $10,000.
posted on Jul 08, 2014, 5:15 PM 0
Posts: 1021; Member since: Nov 02, 2013
That's Android, gentlemen.
posted on Jul 08, 2014, 5:35 PM 2
Posts: 1442; Member since: Nov 19, 2012
It's the same on your PC… that's why there are tools that completely erase your deleted files on the hard disk by writing random patterns multiple times over them (up to 30 times on everu file) so that they can't be recovered. It's normal, unless you encrypt your hard disk (you can do it in linux, and even in android, the option is in the preferences), so why something that is perfectly known (and has always been like this since when computers were invented) has suddendly become an android's issue?
posted on Jul 08, 2014, 6:13 PM 3
Posts: 3576; Member since: Jul 06, 2013
Do you really trust that iOS, and WindowsPhone, erase everything permanently?.... I doubt it. .............. You can't be 100% sure if you didn't code it... Not even WP team members are 100% sure, because no one developer coded the OS.... Please don't troll.. There's some good Android fans here... We love WP, but we don't have to defend it, and we definitely shouldn't stoop to the rock bottom low level of trolls... Remember that!
posted on Jul 08, 2014, 6:23 PM 2
Posts: 3576; Member since: Jul 06, 2013
That's nice... Maybe one day MS will let up on access to WP so that it'll enable, and attract, developers to make these kinds of apps for the platform... ............... But, how do we know they work?
posted on Jul 08, 2014, 6:32 PM 0
Posts: 2236; Member since: Jun 14, 2013
The source article actually states that the iOS devices are clean because iOS overwrites the data partition with 1's, and the newest models remove the encryption keys rendering anything left behind unreadable.
posted on Jul 08, 2014, 8:35 PM 1
Lol I fee sorry for these virus app to be making bogus claim so people can buy then... been using Android since 2009 no problem here
posted on Jul 08, 2014, 6:23 PM 3
Posts: 1021; Member since: Nov 02, 2013
No problem you are aware of. And that's the real problem when it comes to security.
posted on Jul 08, 2014, 6:59 PM 0
Posts: 111; Member since: Sep 16, 2013
The real problem to security comes from user itself. One can have a super strong antivirus, that updates definitions almost instantly, as they become available, and that too on a super locked OS, where the potential for hacking is quite less, but still be at a security risk if the user just goes on around without knowing anything and writes random, corrupted data or spyware on that OS and also gives permission to it for running and data collection. In today's world, one needs to be smart himself/herself, rather than just sit and enjoy browsing stuff and downloading unknown things. If one has to worry so much about things needing to be super secure just out of the box, then he/she may wear a tinfoil and go to the period when mobiles didn't exist. And to be very frank, I myself have been running windows 7 home basic on my old laptop, without any antivirus, but haven't got even one issue or virus/malware/adware/spyware on it, and I browse many sites daily, and even if things did sneak in I myself know how to remove things and where they can be located. Hope this contributes to the dense brains of many fanbabies here.
posted on Jul 09, 2014, 6:55 AM 1
Send a warning to post author
Send a warning to Selected user.
The user has 0 warnings currently.
Next warning will result in ban!
Ban user and delete all posts
Message to PhoneArena moderator (optional):