Researchers at the University of Cambridge have discovered that not all sensitive user data will be deleted after a hard-reset an Android device. Among this information on contacts, access credentials, photo.
Half a billion Android devices does not guarantee the elimination of all data with the execution of the function of factory default reset. When you perform a system restore to factory, much sensitive data such as log-in credentials, text messages, e-mail or contact list, may still be recoverable. And this time there seems to be no conflict of interest: it is not a security company to present the news, but some computer scientists at the University of Cambridge.
In their experiments, they could recover data on a very broad range of devices on which it was performed a factory reset. The Reset to Factory is the most profound for the total cancellation of all sensitive data from the storage device, usually the one to which you rely before selling it or recycle it in some way. The study also discovered that enabling disk encryption can be retrieved at a later time data stored previously.
Based on the models analyzed in the tests, the researchers deduced that could be about 500 million devices in circulation that do not perform a full wipe partition of the flash drive, while about 630 million do not provide the ability to delete all data from the card of memory installed. Specifically, they were considered 21 Android smartphones, updated up to version 4.3 of the operating system (so nothing Lollipop). On all models the researchers could retrieve fragments of data from native apps, but also third parties.
Among the data collected we find contact information on Facebook or WhatsApp, images taken with the same devices, conversations by SMS and email applications. In 80% of the devices, in addition, the researchers could find the master token that Android uses for data access of proprietary applications, such as Gmail or Calendar. As a result, during a test could be accessed after restoring the previous Google Account, with all the implications of the case.
” After rebooting, your smartphone has re-synchronized contacts, email and so on, ” reads the report. ” We have recovered the token on all devices with the Factory Reset function ineffective, and the master token 80% of the time. The token for other applications such as Facebook can be recovered in a similar way. ” The researchers point out that they did not use the acquired credentials to access the account of third parties.
The inefficiency of the reset depends on the particular operation of the flash storage units designed for mobile devices. Usually, the chips are produced with a space slightly larger than those measured by the operating system to respond to any problems of production or to the loss of efficiency that occurs in the course of time. The ” fault ” may also be the producer of the same, which provides memory chips with inadequate driver to run the full cancellation of the data.
Erase all data on a flash memory is not a process so simple. What is worrying is the ineffectiveness of the methods of encryption of the previous versions of Android. This is because the key for encryption of a file is not deleted during the process of factory reset, and is protected by a PIN or a password you select. This discovery with any technical hack, the attacker can gain access to the data contained in the smartphone.
How to protect yourself, in case of sale of the Android smartphone? It would be advisable to use passwords for encryption: if one part is needed only a few hours for the deciphering of a PIN or password short, to find a long password with numbers and uppercase and lowercase characters, it could take months or even years. These should be included every time you unlock the smartphone, a request that seems prohibitive considering the number of times that you log into your phone every day.
It is more feasible instead the second solution offering researchers from the University of Cambridge, or perform a factory reset on a specific partition and then fill it with random file-byte, with the aim of course to fill all the unallocated space. In addition, the application that applies this procedure should be installed manually through .apk file, so as to prevent the token of Google resides after reset on the storage memory.
On the Beach? Destroy the device and do not sell it, but this is a drastic solution, and of course does not apply in case of loss or theft of the device. We must consider that with the latest versions of Android, the technical management of the encryption is changed and it is possible that this is more effective. Although researchers warn that even some of the newer devices may be ineffective techniques factory reset.