Most second-hand Android devices were found to be quite vulnerable

Aug 19, 2014 06:25 GMT

Sometimes you want to hand a mobile device over to another member of the family or just sell it, but before doing so you perform a factory reset that’s supposed to wipe out all your private data.

Well, according to the BBC, the statement above applies only in theory. Research conducted in three distinct investigations to verify the validity of the Android data deletion system found that it was still possible to recover the “lost” information.

While experimenting with several Android devices, the people conducting the research noticed that Tesco’s budget Hudl tablet contained a flaw allowing attackers to access data saved to the onboard memory.

The trouble with Hudl lies at the heart of the Rockchip processor powering it. All mobile devices have a “flash mode” used to update the onboard firmware and to save data.

But there’s a flaw in the firmware which allows you not only to write but also to read from it. With the help of a free software tool, the researchers were able to recover and gain access to info from Tesco Hudl devices which had previously been factory reset.

The experimenters managed to retrieve sensitive information like PIN codes for unlocking the device, Wi-Fi keys, cookies and such – more than enough for possible attackers to “disguise” themselves as the true owner of the device.

The devices used in the study were all second-hand machines purchased from eBay. Google itself is aware of the risks and has a few guidelines for people selling their gadgets in order to help them maintain their privacy.

“If you sell or dispose of your device, we recommend you enable encryption on your device and apply a factory reset beforehand.”

Tesco itself is advising their customers to use a data wipe program before selling their device, but it doesn't give us an example of such a program.

But even if you take the necessary precautions and follow the instructions provided by Google and Tesco, you're still not safe. A number of studies have shown that retrieving the so-called “deleted” information off Android devices is quite easy.

Basically, the factory reset will only remove the index of where data lives, but does not actually remove the data per se. Comparatively, a secure wipe involves removing the index and overwriting the info onboard using zeros, so the information can’t be accessed anymore.
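The difference between the two operations can be shown on a toy block store. The code below is an added illustration, not taken from the research or from any vendor; `ToyStorage`, its methods and the sample data are hypothetical and constructed for the example.

```python
BLOCK = 16  # constructed block size; real flash pages are far larger

class ToyStorage:
    """Hypothetical model: raw blocks plus an index of which blocks hold what."""

    def __init__(self, blocks):
        self.raw = bytearray(blocks * BLOCK)
        self.index = {}                      # name -> list of block numbers
        self.free = list(range(blocks))

    def write(self, name, data):
        used = []
        for off in range(0, len(data), BLOCK):
            blk = self.free.pop(0)
            chunk = data[off:off + BLOCK]
            self.raw[blk * BLOCK:blk * BLOCK + len(chunk)] = chunk
            used.append(blk)
        self.index[name] = used

    def factory_reset(self):
        """Forget where the data lives; the blocks themselves are untouched."""
        self.index.clear()
        self.free = list(range(len(self.raw) // BLOCK))

    def secure_wipe(self):
        """Forget the index and overwrite every block with zeros."""
        self.factory_reset()
        self.raw[:] = bytes(len(self.raw))

    def residual_blocks(self):
        """Verification check: numbers of blocks that still hold non-zero bytes."""
        count = len(self.raw) // BLOCK
        return [b for b in range(count) if any(self.raw[b * BLOCK:(b + 1) * BLOCK])]

def demo():
    dev = ToyStorage(blocks=8)
    dev.write("wifi.conf", b"psk=constructed-sample-key")  # constructed sample data
    dev.write("pin", b"0000")                              # constructed sample data
    dev.factory_reset()
    after_reset = dev.residual_blocks()          # index is gone, data is not
    still_readable = b"constructed-sample-key" in bytes(dev.raw)
    dev.secure_wipe()
    return after_reset, still_readable, dev.residual_blocks()

if __name__ == "__main__":
    print(demo())
```

On real flash storage, wear leveling in the controller can keep copies that an overwrite through the normal interface never reaches, which is why enabling encryption before the reset matters as well.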

Some motivated fellows even found a way to recover info from Apple devices. Apparently, there are gateways in the iOS platform which allow attackers to bypass data encryption and gain access to the previous owner’s information.