Selling a smartphone may leak private information: what you need to do
If you are a regular here on Ghacks, you know that one needs to be careful when giving away or selling old devices that were used for storage (read "Used hard drives still haven for identity theft" from 2008, for example).
This can be an external hard drive, an old PC or laptop, or a smartphone or tablet. As long as there is permanent storage, there is the chance that data may be recovered even if you have deleted it or used a reset option to restore a factory state.
The reason is simple: deleting a file does not really remove it from the storage device; it only deletes the pointer to it. The occupied storage space eventually gets overwritten with new data, which is why the chance of data recovery drops with age.
Avast recently ran an experiment that produced alarming results. Well, if you are a reader here you know what is coming. The company bought 20 used Android smartphones on eBay and used file recovery software to restore deleted data on those phones.
The result? More than 40,000 photos, of which 1500 were of families and children, 750 of women undressing or naked, and 250 of men photographing their manhood.
In addition, Avast was able to recover 750 emails and text messages, 1000 Google searches, four identities, a completed loan application and more than 250 contact names and email addresses.
How did Avast recover the data?
Avast used the forensic tool FTK Imager by AccessData to mount a storage image and analyze it.
Avast used three main methods to recover user data:
- Just mount the device if the owner did not delete any of the data or made no attempt to delete it.
- Logical analysis to back up the entire data and go through it later on.
- Low level analysis which looked at an exact, bit by bit, copy of the userdata partition.
Avast did not reveal on how many devices the data was not deleted at all by its pre
What you can do about it
The best defense against this form of attack is to keep your devices, or to destroy them properly, instead of giving them away or selling them.
This may however not always be possible. If the device supports external storage, you may want to add extra storage to it and save all important databases, files, and other data to the extra storage and not the internal one.
Before you sell the device you'd simply remove the extra storage card from it and with it all the data that you stored on it.
Any data that you stored on internal storage can be deleted using secure deletion software or apps. The following is just a selection of applications that you may use for that purpose.
Android apps
- Secure Erase with iShredder supports several file overwrite algorithms to delete files so that they cannot be recovered.
- Secure Wipe will overwrite free space to make any deleted data un-restorable.
- Avast Anti-Theft supports a wipe feature that can erase the phone's memory so that it cannot be recovered by data recovery software.
- Secure Deletion for Android (€2.20) makes sure that deleted data is erased on the phone in a way that it cannot be restored anymore.
iPhone apps
- iShredder is also available for iOS.
- According to some sources, selecting Settings > General > Reset > Erase all Content and Settings is enough on iOS to securely delete all data.
Closing Words
You may want to test how well the wiping went. This usually comes down to connecting the device to a computer, enabling USB debugging, and running data recovery on the computer on the connected storage cards of the mobile device.
Check out this guide for Android, for example, which walks you through the steps. You can also read Avast's guide on how the company investigated the Android devices that it purchased on eBay here.
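One way to check a wipe, as an added example (not code from the article or from Avast): the script scans a raw, bit-by-bit image of the storage for leftover JPEG, PNG and SQLite file headers and counts blocks that are not blank. The function names, the signature list and the 4096-byte block size are assumptions chosen for illustration.

```python
import io

# Magic bytes of file types that commonly hold personal data on a phone.
SIGNATURES = {
    "jpeg": b"\xff\xd8\xff",
    "png": b"\x89PNG\r\n\x1a\n",
    "sqlite": b"SQLite format 3\x00",
}
BLOCK = 4096  # assumed block size, used only for the blank-block statistic


def scan_image(stream, chunk_blocks=256):
    """Count leftover file signatures and non-blank blocks in a raw image."""
    hits = {name: 0 for name in SIGNATURES}
    tails = {name: b"" for name in SIGNATURES}
    total = nonblank = 0
    while chunk := stream.read(BLOCK * chunk_blocks):
        for off in range(0, len(chunk), BLOCK):
            block = chunk[off:off + BLOCK]
            total += 1
            # Zero-filled or erased (all 0xFF) blocks carry no user data.
            if block.strip(b"\x00") and block.strip(b"\xff"):
                nonblank += 1
        for name, magic in SIGNATURES.items():
            # Prepend the previous chunk's last len(magic)-1 bytes so that a
            # header straddling a chunk boundary is found exactly once.
            window = tails[name] + chunk
            hits[name] += window.count(magic)
            tails[name] = window[-(len(magic) - 1):]
    return {"blocks": total, "nonblank": nonblank, "hits": hits}


def constructed_image():
    """Constructed sample: four blocks, two of which still hold file data."""
    photo = (SIGNATURES["jpeg"] + b"\xe0\x00\x10JFIF").ljust(BLOCK, b"A")
    db = SIGNATURES["sqlite"].ljust(BLOCK, b"\x00")
    return io.BytesIO(bytes(BLOCK) + photo + b"\xff" * BLOCK + db)


if __name__ == "__main__":
    report = scan_image(constructed_image())
    print(report)
    print("residual data found" if any(report["hits"].values()) else "clean")
```

For a real device, pass a raw image file opened in binary mode instead of the constructed sample. A wipe that fills storage with random data leaves every block non-blank and can produce chance matches for the 3-byte JPEG marker, so treat header hits on a large image as a prompt for closer inspection.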
Selling an ANDROID smartphone….. iOS smartphones are encrypted and you can’t restore data from wiped iPhone/iPad.
Don’t smartphones use solid-state memory? If so, surely secure deletion software will be useless due to wear-levelling?
The only real solution is full device encryption that encrypts the entire storage space, so that any recovered data will be useless without the decryption key.
For Android, instead of an app, I guess you could just encrypt your phone, then wipe it and sell it. Though, I am not sure if the encryption on Android automatically encrypts “free” space.
The rate is low that someone would try to recover data instead of just wanting to use your old phone, but it’s better safe than sorry.