Using the factory reset is common when giving away / selling an old smartphone or tablet, clearing out personal information so the new owner can start afresh, and the previous owner can rest assured that all personal information is wiped.
But.. what if the data is not wiped properly? A study from Cambridge University has raised doubts about the reliability of this function across Android hardware. It focused on tests performed on 21 devices from five manufacturers, running different versions of the popular operating system.
Unfortunately, the researchers could successfully recover partial data after the factory reset was carried out. Even with Full Disk Encryption, some data recovery was still achieved.
In 80 percent of the devices, the researchers could recover the master token required to access Google services. They could also recover login information for other services, as well as images, videos, contacts and so on.
There are a variety of reasons for the problem, with one being manufacturers failing to include adequate drivers that would be needed to properly erase the internal memory, or removable flash memory of a device.
This flaw could affect more than half a billion devices.
Sources and Recommended Reading:
Security Analysis of Android Factory Resets (PDF): www.cl.cam.ac.uk
Written by: James Delahunty @ 24 May 2015 17:13
