A simple example, firm Avast, engaged in the development of antivirus software, was ordered on eBay 20 used phones. With the help of readily available software information recovery, she gained access to 40 000 pictures, 1000 searches, hundreds of emails and even credit card data. One can only imagine what I can do with these hackers data remaining after the reset of the smartphone.
The reset: why not working?
About the problem in resetting the smartphone to factory settings reported during the first major study of Android security. Scientists from Cambridge gave a detailed report to Google. However, the company did nothing to resolve the situation. Researchers have tested a number of used Android smartphones. In each case, they managed to retrieve a piece of data from the previous account. In particular, in 80% of cases they were able to extract information about the master tokens from major networks, Google, Facebook and WhatsApp.
Master-token a kind of key to the entrance. This can be compared with installing a reliable security system on the house and put the key under the Mat. Immediately after recovery of the master-token can be brought back to life all synchronized with the machine data: access e-mail, photos on the cloud, contacts, calendar, etc.
Why private data can be recovered even after a factory reset?
There are a couple of reasons. Much of the blame is on the producers, not providing a complete cleaning of the memory. As you know, flash storage is difficult to erase. The greater responsibility is on Google, not providing users with a more reliable option. Today there are antivirus and other specialized software for the task, but the real solution should come from manufacturers.
Important! Even devices with encrypted data are not fully protected from this vulnerability. The decryption key is not changed after reset. Even though its encryption to password hackers can just will it take them a couple of days.
How to restore factory settings, erasing all data
One of the first tips improve privacy and security – use encryption phone. The function is built into all new versions of Android (6.0), although it may be located in different places of the settings each smartphone manufacturer. Traditionally, the desired option is located in “Settings” under “Security”.
The second point concerns the same encryption, you should use a strong password, generated randomly. Safe enough can be considered a code using letters of different case, numbers, symbols and a long of 11 elements. Here only to type each time the password is very inconvenient. In the most users are tempted to simply not use encryption or put a simple key combination.
The next step after restoring to factory settings is to mess up the past data by overwriting. If the place of master-token and cryptographic keys are received other information, the previous data will disappear. The easiest way to achieve the goal – to upload a couple of large video files or applications. Even now there are special utilities like Secure Erase with iShredder 6. However, better utility to install not using Google Play, or at least use a new profile. This will protect the account .
To use the above methods will not work for those users who have deleted their own data remotely after a theft or loss of your device. They can only help the decision from the official manufacturer, which now does not exist.
You also thought that protection of their data reset to factory condition? Leave your thoughts in the comments.