Secure Deletion

Search This thread
By:
Advanced…
M

mike_1983

Senior Member
Aug 21, 2011
55
1
A few weeks ago there was something on the UK news about smart phone data and how when you sell/recycle your phone most people leave accessible data on the phone after a factory reset. There was lots of trying to shock people (reading out text messages and browser history) but the solutions were barely discussed, all that was said was something like "There are programs that can overwrite your data"

So what do people do when they sell their android phone? I've seen an app in the play store called nuke my device, it basically overwrites the internal SD card then does a factory reset, I'm still not sure that would totally erase all data though?
 
Veeshush

Veeshush

Member
Feb 6, 2014
31
6
I know all about methods for PC hard drives, but I too wouldn't mind knowing how android systems should be handled.
 
M

mike_1983

Senior Member
Aug 21, 2011
55
1
Yeah I know about PC Hard drives too. I have bought the nuke my device app from the play store, its cheap, I haven't used it yet!
 
R

Ryccardo

Senior Member
Nov 12, 2013
509
171
28
Imola
To block undeleters it's sufficient to fill space with "generic" data then delete the file :)

As for removing the chip and using an external programmers, some indeed expose raw memory over the pins (MTD chips) and there's no reasonable way to wipe the hidden areas (well, assuming you want a device that still works - otherwise there's the Cobra 6 method), others have on-chip mappers (all SD cards including eMMC) which can have a TRIM command -- which however has historically been a major cause of bricks on some controller firmwares...
 
  • Like
Reactions: Veeshush
M

mike_1983

Senior Member
Aug 21, 2011
55
1
When I posted I was looking at some similar threads, someone made a program that deleted everything on the phone except the recovery (then you could flash another rom - I don't know if it overwrote or just deleted) I think it was for an Asus transformer tablet.

Whenever I've sold something before I have just connected it to my computer and written large files to all the available space. I don't have any sensitive data but I like to make sure everything is deleted before I sell something.

I'm surprised there's not more information/apps or whatever on this subject (wiping android) there's lots of programs for PC's to securely wipe drives. Some sites mention about encrypting the phone then wiping it, I guess that's the way to go.
 
R

repat

Member
Jul 13, 2010
10
2
Hamburg
repat.de
My first thought was too, that it must be different from hard drives.

My initial idea would be to encrypt everything. Luckily since Honeycomb, Android supports this out of the box(but it's not hardware based) So even if data can be restored, it'd be nonsense(if the manufactorer implemented it correctly). You could choose a strong password, because you won't need to remember it anyway since you wipe the phone afterwards.

I found this article that agrees with me:) androidcentral.com/securely-wiping-your-android-phone-makes-it-just-fine-sell-fud

Then there is this article on lifehacker: lifehacker.com/5808280/what-should-i-do-with-my-phone-before-i-sell-it

Money quote:

Alternatively, there's the ultimate security tool if you're worried about someone pulling data from your phone: don't sell it.
Click to expand...
Click to collapse

:D

A little off topic: Another solution would be to just store sensitive data on a SD card and remove it before selling. Plus you could use tools like EDS(Lite) to store sensitive data in container. Sync them via a cloud service and open them on your computer with TrueCrypt.
 
R

Ryccardo

Senior Member
Nov 12, 2013
509
171
28
Imola
Boot into recovery and dd /dev/urandom over the /data, /cache and /sdcard partitions, then from the GUI reformat them...

Not perfect but well enough to prevent someone imaging from those partitions to their PC and running an undeleter (or hex editor) on the partition images!
 
  • Like
Reactions: CHEF-KOCH
You must log in or register to reply here.

Similar threads

U
[TUTO] How To Secure Your Phone
Replies
366
Views
97K
OldNoobOne
OldNoobOne
sancho_panzer
  • Locked
[SECURITY] Android Security for Conscious Mind
Replies
254
Views
40K
jcase
jcase
jcase
[CVE-2013-3685][Root]Multiple LG Android devices, Sprite Software Backup
Replies
81
Views
133K
C
c0k3r
C
[SECURITY] Multiple Android Superuser vulnerabilities
Replies
10
Views
36K
D
diabolicalprophecy
jcase
  • Sticky
Android (and other) Security resources - Get your learning on
Replies
15
Views
37K
galaxys
galaxys

Top Liked Posts

24 Hours All time
  • There are no posts matching your filters.
  • 1
    R
    Ryccardo
    To block undeleters it's sufficient to fill space with "generic" data then delete the file :)

    As for removing the chip and using an external programmers, some indeed expose raw memory over the pins (MTD chips) and there's no reasonable way to wipe the hidden areas (well, assuming you want a device that still works - otherwise there's the Cobra 6 method), others have on-chip mappers (all SD cards including eMMC) which can have a TRIM command -- which however has historically been a major cause of bricks on some controller firmwares...
    View
    1
    R
    Ryccardo
    Boot into recovery and dd /dev/urandom over the /data, /cache and /sdcard partitions, then from the GUI reformat them...

    Not perfect but well enough to prevent someone imaging from those partitions to their PC and running an undeleter (or hex editor) on the partition images!
    View

New posts