Android’s Default Phone Wipe Leaves a lot to be Desired

by Matt Klassen on July 11, 2014

While recycling and other safe disposal programs exist to help keep our old smartphones out of landfills the popular choice for many looking to divest themselves of that antiquated piece of technology is to resell or donate it, allowing others who are looking for a deal or might otherwise not be able to afford such a device to finally get the phone they’ve always wanted.

But before any of that can happen there is the task of wiping one’s smartphone clear of one’s personal information, a necessary step particularly given the copious amounts of sensitive information that now resides on those small handheld devices. Most phones feature a factory default option, one that most of us use as a way to wipe the device clean, making it ready for its next user. The only problem is that after using the default factory reset option, much of your information is still there.

In a recent study security software vendor Avast demonstrated the ineffectiveness of Android’s factory reset option, showing that with a little know-how—using off-the-shelf generic forensic software and very little effort—that it could restore copious amounts of personal information, even those embarrassing selfies you thought no one else would ever see.

In the study Avast purchased 20 random Android smartphones from eBay, which usually features around 80,000 used smartphones at any given time. From those phones, all of which were wiped clear with the default reset button, Avast employees were able to recover more than 40,000 photos—including 250 nude male selfies the company notes—along with 750 emails and text messages, 250 personal contacts, the identities of four of the twenty previous owners, and one completed loan application.

The problem, Avast mobile division president Jude McColgan told CNET in a recent interview, is that neither users nor Android’s factory reset functionality consider the “implications of all the personal data stored on a smartphone.”

Users thought they were doing a clean wipe and factory reinstall,” he said, but the factory reinstall is cleaning phones “only at the application layer.” By utilizing some generic forensic tools Avast was able to extract the information from deeper layers of the phones programming, layers untouched by the factory wipe.

Given that a recent court decision found that smartphones act as the “entryway to our virtual home,” holding the “privacies of life” that should be protected under the Fourth Amendment, it speaks volumes to just how intimate our relationship with our smartphone has become, and just how important it is to make sure its wiped clean before you ship it off to its next lover err… user.

It should, of course, come as no surprise to hear that Avast has you covered though, as the company noted that its own branded Android security application comes with a deletion tool that is said to do a better job of clearing personal data than the default factory reset. While I can’t say if Avast’s software is really the way to go, the study should at least make us aware that before we sell our old phone that we truly make sure its clean of all our personal data…particularly those embarrassing pictures.

Did you like this post ? TheTelecomBlog.com publishes daily news, editorial, thoughts, and controversial opinion – you can subscribe by: RSS (click here), or email (click here).

Written by: Matt Klassen. www.digitcom.ca. Follow TheTelecomBlog.com by: RSS, Twitter, Facebook, or YouTube.

Previous post:

Next post: