Slashdot Mirror


Factory Reset On Millions of Android Devices Doesn't Wipe Storage

Bismillah writes: Ross Anderson and Laurent Simon of Cambridge University studied a range of Android devices and found that even though a "factory reset" is supposed to fully wipe storage, it often doesn't. Interestingly enough, full-device encryption could be compromised by the incomplete wiping too. ITnews reports: "The researchers estimated that 500 million Android devices may not fully wipe device disk partitions. As many as 630 million phones may not wipe internal SD cards. Five 'critical failures' were outlined in the researchers' Security Analysis of Android Factory Resets paper."

92 comments

  1. That's why you use encrypted storage. by Anonymous Coward · · Score: 1

    That's why you use encrypted storage.

    If you aren't able to use encrypted storage, then you destroy the device.

    1. Re:That's why you use encrypted storage. by Anonymous Coward · · Score: 1

      "Interestingly enough, full-device encryption could be compromised by the incomplete wiping too."

  2. All using ancient devices by brunes69 · · Score: 5, Informative

    "fragile full-disk encryption up to Android v4.4 (KitKat)."

    "Twenty-six second-hand Android phones running versions 2.3 to 4.3 of the operating system, sold by five handset makers, were tested."

    This paper did not look at Android 4.4 or above, i.e., the only versions of Android that actually properly supported and advertised full disk encryption in the first place. Full disk encryption on any device prior to 4.4 was basically something the manufacturer cooked up.

    If this paper shows anything to me, it is not so much about Android, it is more about how we have to force carriers to stop requiring this goddamn nonsense useless "carrier certification" so that Google can push device manufacturers to allow more direct and timely software updates.

    1. Re:All using ancient devices by thegarbz · · Score: 2

      Doesn't change much unless full disk encryption is enabled by default. In most cases it isn't. It still relies on a user doing something they typically won't do.

      The real problem is that factory reset functions in the bootloader don't actually factory reset the phones. Factory reset means one thing and one thing only, a clean slate. There should be no scenario at all where a factory reset will preserve user data. Give the user the option to do a different form of reset, but don't ever preserve data and "claim" that the result is a "factory reset".

    2. Re:All using ancient devices by gstoddart · · Score: 3, Insightful

      Yes, and how many of those devices are supposed to support the factory reset which wipes all the storage?

      What's that? All of them?

      Full disk encryption is one of 5 problems they found, but not the main one.

      the researchers found that all retained at least partial amounts of data from contacts information, images and video, SMS, email, and data from third-party apps like Facebook.

      They were able to recover Google authentication tokens in all devices with flawed factory reset, and were able to access master tokens in 80 percent of cases.

      To test their findings, they used one of the recovered master tokens from a reset to restore the credential file.

      Disk encryption, in theory, should make the factory reset more robust. But the sense I get is that the factory reset is complete garbage independent of encryption on some of these devices.

      Which mostly reaffirms that I have no interest in anything but the stock Google Android. Because by the time another entity has gotten their hands on it and tweaked it to advance their own commercial interests, you really have no idea of what holes they've introduced, and you have no idea how long before they'll drop support for it.

      Carrier certification is shorthand for "all of our crapware needs to be checked if we get around it". The shit carriers put on phones is for their benefit, not ours. Because it's intended to drive traffic to their garbage.

      --
      Lost at C:>. Found at C.
    3. Re:All using ancient devices by jandrese · · Score: 1

      So the lesson is that if you have a pre-Android 4.3 phone, you definitely need to upgrade it to 4.4 or later. No problem.

      --

      I read the internet for the articles.
    4. Re:All using ancient devices by caseih · · Score: 2

      Meh. Android 4.4 broke SD cards completely. My phone runs android 4.2, and it works, so I don't want to mess with it. I think that's how a lot of people are, despite security bug risks. I like Android in general but there's a lot I don't like. One of them is that updates are dependent on the vendor. The other is the murky world of semi-legal firmware distributions that rely on crappy forums for developer interaction with no public version control, no nice spots for download. Who knows what's in Joe's firmware posted on some random forum post? Leaves a bad taste in my mouth the way most android development is done.

    5. Re:All using ancient devices by Anonymous Coward · · Score: 0

      Chances are you will want to do a full wipe of your old phone before you upgrade to a new phone, since you might want to sell your old one for a few dollars, or just don't want to give the data to whoever might pick it out of the trash/recycling.

      If the data wipe doesn't work on older devices, it's more of a problem than it not working on brand new devices, since chances are high that people will want to keep those for a while longer and the problem can be fixed. In the meantime, if you have an older Android device and plan on upgrading, don't upgrade until the bug is fixed, or you're willing not to make any money from your old phone (you could use a sledge hammer).

    6. Re:All using ancient devices by Imazalil · · Score: 1

      While it is not so much about Android, it is about Google. Apple managed to keep carriers out of their phones altogether. Google could have as well, but they didn't. Everyone knew what a mess carriers were even back then (buy a ringtone from us for $4.99!), but Google went along with it.

    7. Re:All using ancient devices by CastrTroy · · Score: 1

      If this paper shows anything to me, it is not so much about Android, it is more about how we have to force carriers to stop requiring this goddamn nonsense useless "carrier certification" so that Google can push device manufacturers to allow more direct and timely software updates.

      This is basically the reason the new phone I got is not Android. They have a long track record of not being able to get updates onto phones. It is simply unacceptable to not receive any updates on a phone that I paid good money for.

      --

      Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
    8. Re:All using ancient devices by the_B0fh · · Score: 1

      What's the definition for abuse? Keep coming back because the next time, it'll be better, I promise!

    9. Re:All using ancient devices by mlts · · Score: 1

      The good news is that there are apps (which require root) which will modify SELinux so that the SD card is usable. Since most SD cards are using FAT32, there isn't any real way to enforce permissions, so for security reasons, the card wound up being locked from most apps completely.

      Of course, it would be nice if the SD card could be formatted with ext4, so permissions could be enforced.

      Another option, which was part of Linux, but pulled out a long time ago, was the UMSDOS filesystem. What this did was put Linux permissions and ACLs atop of FAT/FAT32. Yes, this was a kludge... but it worked without having any changes to the filesystem (other than the marker files) in place. This might be a way to go, since it would allow the phone to enforce app permissions on a filesystem that normally doesn't support it.

    10. Re:All using ancient devices by mlts · · Score: 1

      Newer phones respond to fstrim/blkdiscard, so one can use those tools to fire off TRIM commands, zeroing all data. For example, if one wants to ensure /data isn't available, one could do a blkdiscard of /data's device, or run fstrim on the mounted /data partition to have the SSD zero out all free pages. Similar with /system. Delete all extraneous data, mount it read-write, fstrim it.

    11. Re:All using ancient devices by Anonymous Coward · · Score: 0

      >This paper did not look at Android 4.4 or above

      You mean they didn't test it on all 219 android versions with significant user base?

    12. Re:All using ancient devices by jandrese · · Score: 1

      Why can't Android devices mount EXT4 formatted SD cards? Or better yet, format them if they're FAT32? Granted you won't be able to plug your SD card into your camera or Windows box, but I don't think that's a common use case for cards stuffed in phones.

      --

      I read the internet for the articles.
    13. Re:All using ancient devices by Shirley+Marquez · · Score: 1

      On early phones, taking the SD card out of your phone and putting it in your computer was a common use case. It was usually a much faster way to get files onto it than tethering the phone by USB was. And those old phones had card slots that were right on the side of the device so the card was easy to remove and replace.

      I remember doing that for my first smartphone (Sprint Evo 4G); the SD card was a pain to get to (you had to take off the back cover and remove the battery) but the phone's SD data transfer was very slow so you still came out ahead if you wanted to fill the entire card. And on that old version of Android, tethering the phone and mounting the SD card on your computer unmounted the card from the phone, which made my phone nearly useless because I had transferred as many apps as possible to SD, something you could still do back in the days of Gingerbread. So turning off the phone to do the SD transfer wasn't a major imposition.

      Modern Android devices don't actually mount as a file system on your computer; they instead use MTP (media transfer protocol) to make files visible over USB. (The computer's OS may display the MTP device in a way that LOOKS like a mounted file system, but that doesn't change the fact that a different mechanism is used under the hood.) That eliminates the problem of having to unmount the SD card from the phone. It's not in theory any faster, but new devices usually have much faster USB implementations so there is no real speed advantage to taking the card out. And the cards are usually still buried in some location where they are hard to take out, unlike tablets and media players that typically have them accessible from the outside.

    14. Re:All using ancient devices by Neil+Boekend · · Score: 1

      Side slots suck because people tend to forget to unmount the card, with data integrity issues as a result. With the card behind the battery this is not an issue.

      --
      Well, I might have a way, but it only works on a semi spherical planet in a vacuum.
  3. New news about Old software by gavron · · Score: 2, Informative

    The analysis paper starts out by saying "With hundreds of millions of devices expected to be traded by 2018, flaws...could be a serious problem." Unfortunately that same analysis focused on Android operating systems PRIOR to v4.4 (KitKat), which was released in October 2013 (https://en.wikipedia.org/wiki/Android_version_history).

    Since then, Android has released major versions (4.4 Kitkat, 5.0 Lollipop) and various major updates within those families (4.4.2, 4.4.4, 5.1). To put this in perspective, they're talking about risks in 2018 from software no newer than 2013 while writing and publishing in 2015. That's a classic case of picking your data to fit your conclusion, or cherry picking (https://en.wikipedia.org/wiki/Cherry_picking_%28fallacy%29).

    There were many fixes in Android security systems in 4.4 and also in 5.0. 5.0 now supports hardware encryption on e.g. HTC and OnePlusOne platforms among others. To apply "anyone can get the key and brute-force a password"[paraphrased] is to deny that no, you can't.

    It's often more convenient for "researchers" to provide something with glitz and hype to catch the media's attention, but in this case the hype cherry-picks data that ignores two years of active open-source development and many security updates.

    Poor science and hyperbolic headlines make for brain-free reading.

    Ehud Gavron
    Tucson AZ
    CPL-H

    1. Re:New news about Old software by Anonymous Coward · · Score: 0

      I think what trading means is second hand trading. In a few years all those old phones are upgraded and sold, and the owner wants them clean.

    2. Re:New news about Old software by DaveM753 · · Score: 1

      It sounds to me as though you think nobody is affected by this. The study refers to phones that are already in service and at an age where many people are considering trading up to newer devices -- potentially falling victim to a huge privacy and security issue. I have an Android device right beside me that falls into this category. It never occurred to me -- until now -- that the factory reset function could potentially fail to sanitize its data storage. T-Mobile is my carrier and there have been exactly zero operating system updates available to my device since 2013, so I don't get any of the fancy, new factory reset functionality that newer Android versions have.

      This study's authors have done a terrific job in warning me of a privacy/security issue. Kudos.

    3. Re:New news about Old software by thegarbz · · Score: 3, Insightful

      Since then, Android has released major versions (4.4 Kitkat, 5.0 Lollipop) and various major updates within those families (4.4.2, 4.4.4, 5.1). To put this in perspective, they're talking about risks in 2018 from software no newer than 2013 while writing and publishing in 2015.

      More than half of current devices in the hands of people have the versions which they tested.

      There were many fixes in Android security systems in 4.4 and also in 5.0.

      Which has nothing to do with factory reset, a function implemented by the manufacturer and not a function of Android itself. Unless the manufacturers have picked up on it, 5.0 devices are just as likely to preserve user data as previous devices.

      5.0 now supports hardware encryption on e.g. HTC and OnePlusOne platforms among others.

      Supports means nothing. No actually it means a lot. Hardware encryption is currently supported by a tiny TINY portion of the handsets out there. But here's a fun fact for you, supported doesn't mean the end user will use it. 5.0 does not mandate encryption by default. It's not an opt out process. I don't even need to guess how many users went out of their way to turn this feature on.

      but in this case the hype cherry-picks data that ignores two years of active open-source development and many security updates

      All which mean diddleysquat in practical terms if the updates haven't filtered down to the population, and the updates mandate proper security practices. Neither of which has occurred in the past 2 years.

    4. Re:New news about Old software by fateblossom · · Score: 1

      In a few years all those old phones are upgraded and sold, and the owner wants them clean.

      Android 4.4, the newest version that they did not test, is from October 2013. And I know that OEMs take some time to switch to new versions of Android.
      But let's say that the last was switched one year later. So October 2014. That makes the phone 8 months old by now. And it was not a high-end device.

      So in a few years, then it's a really old device. So who would buy it?

      I can understand people want to sell their old phone. But an old smartphone is OLD!!! And you can get new low/mid range devices pretty cheap.

    5. Re:New news about Old software by Anonymous Coward · · Score: 0

      So, any person who bought a phone or tablet more than 7 months ago should have no security updates for major issues? I have a phone I got 4 Christmas that was originally released about 1.5 years ago and a tablet I bought 1 year ago. The phone runs Android 4.2 and the tablet Android 4.1. Next time I need to wipe the tablet, I believe I will try cyanogen but the phone requires special voip software issued by the service provider and anyway is not a model cyanogen supports--so what should I do? Yes, I could buy a new, just released top of the line phone every time a security breach is discovered in android but a) I don't really have the money or patience for that and b) that's an environmentally-friendly business model. I think google messed up badly and won't take responsibility for their issues (and yes, carriers and hardware suppliers should also be dealing with these problems). I can understand that at some point stuff is just too old to support but I don't think anything that was released as an Android 4-something should be at that point and possibly nothing android 3 or later.

    6. Re:New news about Old software by Anonymous Coward · · Score: 0

      They're extremely clear that they picked older devices (although they weren't all that old when they actually did the experiment) and explain exactly why they did so, so I'm not sure why you are so eager to throw the "bad science" accusation at them. They picked phones that were representative of the second hand market *at the time they were doing the work*. It takes time to perform experiments and write papers. Sometimes scientific research lags as a result. What they have done seems perfectly valid and they make no claims that their study is anything other than an analysis of the security of factory resets from a specified range of android versions. Yes, modern android versions are different but they make no claims about that. Plus, given that one of the reasons to use factory reset is when selling a device it makes sense to consider devices that are now "getting on a bit"---they're the ones that people sell, and lots of people are still running these devices on older android versions (because carriers won't update them).

      Direct quote from the paper:

      "Between January and May 2014, we bought secondhand Android phones from eBay and from phone recycling companies in the UK, randomly selecting devices based on availability... ...We studied 26 different devices (list provided in Appendices) from 5 vendors, running Android versions ranging from v2.2 (Froyo) to v4.3 (Jelly Bean). These Android versions are resold more frequently and are being traded today. Fig. 4 shows the distribution of Android versions for our samples, compared to active devices in June 2013 and in March 2014, as reported by Google's Dashboard.

      Our samples are not representative of the OS version distribution at the time of acquisition, but are similar to the world-wide distribution 6 months earlier, in June 2013 (as one might expect from the time taken for new phones to enter the secondhand market). In September 2013, Google announced that one billion devices had been activated. This represents 340M Gingerbread (GB, v2.3.x) devices, 230M Ice Cream Sandwich (ICS, v4.0.x) devices and 380M Jelly Bean (JB, v4.[1-3]) devices. Our samples are representative of the second-hand market at the time of acquisition."

    7. Re:New news about Old software by Overzeetop · · Score: 2

      I'll remember this when selling my device which I store TS-SCI rated data on.

      FTFA, "Individuals buying devices on auction websites such as eBay are possible attackers. They need to spend a nonnegligible time to bid and follow up on auctions. Furthermore, they have to pay a few dollars for commission and shipping fees for each device. So low-value data like contacts and email addresses do not seem profitable. Recovery and analysis of conversations and images (to blackmail victims) would generally require human intervention or more advanced tools..."

      So you're looking at someone putting funds and time into low level analysis of your phone in hopes of gleaning some data which would either allow them to compromise your financial resources or offer blackmail opportunities. I'm sorry, but the intersection of buyer and financially valuable data which has a payback rate greater than that of acquisition and recovery is small enough that I'm really having a hard time worrying about it.

      --
      Is it just my observation, or are there way too many stupid people in the world?
    8. Re:New news about Old software by the_B0fh · · Score: 1

      And what do you call a person who continues to support this business model?

  4. If that's possible, then it isn't encryption. by Anonymous Coward · · Score: 5, Informative

    No shit, you can get the encrypted data if it isn't wiped.

    If the "encrypted" data can still be compromised, then it isn't truly encrypted, so encrypted storage isn't being used, and thus the "destroy the device" part applies.

    Truly encrypted data is indistinguishable from random data to an attacker. In fact, that's even better than a reset device's storage being zeroed or oned out, since it doesn't indicate that the device had been obviously reset.

    Besides, the summary is wrong. If you actually read the article, it says (emphasis added)

    For Android users wanting to ensure their data is completely wiped from their device, the researchers suggested turning on full-disk encryption where it is offered

    1. Re:If that's possible, then it isn't encryption. by ledow · · Score: 4, Informative

      Indeed - the whole point of full-disk encryption is that "reset" really consists of "zero the place where the master key was stored, which was encrypted by the user passphrase".

      Do that, and do that effectively, and you don't have to touch ANYTHING else - it all becomes random gibberish without a valid key. It could literally mean just keeping a couple of hundred bytes of RAM in an EEPROM and then destroying it on "factory reset".

      For convenience of detection, however, you may want to zero the first few sectors of the storage so that filesystem probes see it as "no filesystem" rather than as random gibberish. But that's got zero impact on the data that WAS within it.

      There's a reason that everything before 4.4 was third-party encryption and untrusted. There's a reason that proper, system-level full storage encryption (including SD card encryption) required changes to the OS. Since then, however, you just need to make sure nobody has your passphrase to stop them getting into your device. Then make sure that nobody has the passphrase-encrypted key blocks at the beginning of the disk (usually) and the data is nothing more than random gibberish.

      About the only thing needing a complete wipe of all data is really if you're put into duress to provide a key (which would obviously then provide the data) or if a key is discovered and someone wishes to prove that you DID hold the key / data (by provably decrypting with that key to show that it must have been the right one and, maybe, therefore that you had knowledge of it).

      Wipe the key-block, and the encrypted data is basically undecryptable. Same way TrueCrypt etc. work. And even though your passphrase may only be 10 characters, the key block might well be hundreds of bytes long and THAT's what actually has to be decrypted first in order to get the real key to decrypt the rest of the data.

    2. Re:If that's possible, then it isn't encryption. by mlts · · Score: 4, Interesting

      The Windows format command does this. If one uses it on a BitLocker encrypted volume, it will go and zero the parts on the volume that hold the BitLocker master key, so even if someone later has a recovery password, the data is still completely gone. Same with secure erase on a number of SSDs.

      Since Android is sitting on a SSD, it might be wise to move to a smarter wiping system. One that would wipe the dm-crypt data, core places of the filesystem, and after that, TRIM the entire data partition before formatting and rebuilding it. The TRIM command helps ensure that the data present isn't recoverable at the drive level, and likely will get utterly destroyed when the drive erases the TRIMmed pages.

      I read about some newer phones using a chip to store the encryption key for /data, similar to how iOS does it, but when hardware starts getting involved, it becomes harder to deal with a potential backdoor.

      Maybe the ideal is a small bit of storage that is used, and if it is erased, the erasure is guaranteed (where there is no way to recover previously stored data.) Then, the master key is stored there. On initial bootup, the phone prompts the user for the PIN, decrypts the key stored on that small bit of storage for the master key to /data, and proceeds from there. On an erase, /data gets force unmounted, the small storage is erased, and a blkdiscard is issued for the /data's device. Not 100%, but it will pretty much ensure anything stashed in /data is gone.

      Then there is the external SD card. Unlike /data, there isn't a real standard to encrypt that storage partition. Usually it winds up being encrypted on a file by file basis with some EncFS offshoot. The key for this is stored in /data, so if the phone is wiped, there isn't any way to retrieve the SD card's data. What might be an idea would be to offer the file based mechanism, but also offer the ability to format the SD card and encrypt the entire card on a device level, not just on a file by file basis.

      Of course, something like phonebookfs could be used so that someone looking at the encrypted file stash on the SD card can't tell between real data and randomly generated chaff, but that may not be something for mainstream phones.

    3. Re:If that's possible, then it isn't encryption. by Anonymous Coward · · Score: 0

      If key block is on SSD, YHAL. This is why Chromebooks involve the TPM in the disk encryption. If you have a Macbook with no TPM, YHAL forever.

      It is even worse on Android because the disk comes pre-encrypted, then you set a passphrase by rewriting only the key block, so there's an old version of the keyblock inside the SSD with no passphrase that the NSA could possibly access with eMMC firmware hacks. And we already know they have hard drive firmware hacks.
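
Added example (not part of any comment in this thread, and not code from the paper or from Android): a Python simulation of the key-block wipe described in comment 4.1 and of the stale key block described in comment 4.3, with a post-reset check that tells the two outcomes apart. The flash model, the HMAC-based stand-in cipher, the passphrases, the block layout and the canary are constructed for illustration.

```python
import hashlib
import hmac
import os

KDF_ITERATIONS = 20_000   # constructed value, kept low so the demo runs quickly
KEY_LBA, DATA_LBA = 0, 1  # constructed layout: key block at LBA 0, user data at LBA 1
CANARY = b"canary: contacts.db, SMS, auth tokens"  # constructed sample user data


def _xor_stream(key, nonce, data):
    """Stand-in cipher (HMAC-SHA256 in counter mode); a real device uses AES."""
    stream = b"".join(
        hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
        for i in range((len(data) + 31) // 32)
    )
    return bytes(a ^ b for a, b in zip(data, stream))


def _kek(passphrase, salt):
    k = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, KDF_ITERATIONS, dklen=64)
    return k[:32], k[32:]  # (encryption key, MAC key)


def wrap_master_key(master_key, passphrase):
    """Key block = salt (16) | wrapped master key (32) | HMAC tag (32)."""
    salt = os.urandom(16)
    enc_key, mac_key = _kek(passphrase, salt)
    wrapped = _xor_stream(enc_key, salt, master_key)
    return salt + wrapped + hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()


def unwrap_master_key(block, passphrase):
    """Return the master key, or None if this is not a key block for the passphrase."""
    if len(block) != 80:
        return None
    salt, wrapped, tag = block[:16], block[16:48], block[48:]
    enc_key, mac_key = _kek(passphrase, salt)
    expected = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return _xor_stream(enc_key, salt, wrapped)


class Flash:
    """Toy flash translation layer: a rewrite of a logical block lands on a new
    physical page, and the old page keeps its contents until it is erased."""

    def __init__(self):
        self.pages = []    # physical pages in write order
        self.mapping = {}  # logical block -> current physical page
        self.history = {}  # logical block -> every physical page it ever used

    def write(self, lba, data):
        self.pages.append(data)
        self.mapping[lba] = len(self.pages) - 1
        self.history.setdefault(lba, []).append(len(self.pages) - 1)

    def read(self, lba):
        return self.pages[self.mapping[lba]]

    def erase_history(self, lba):
        """Physically erase every page that ever backed this logical block."""
        for idx in self.history.get(lba, []):
            self.pages[idx] = b""


def provision(flash, passphrase):
    master_key, nonce = os.urandom(32), os.urandom(16)
    flash.write(KEY_LBA, wrap_master_key(master_key, passphrase))
    flash.write(DATA_LBA, nonce + _xor_stream(master_key, nonce, CANARY))


def change_passphrase(flash, old, new):
    """Rewrap the same master key; only the key block is rewritten."""
    master_key = unwrap_master_key(flash.read(KEY_LBA), old)
    flash.write(KEY_LBA, wrap_master_key(master_key, new))


def canary_recoverable(flash, passphrase):
    """Post-reset check over raw physical pages: does any leftover key block
    unwrap with this passphrase and decrypt a leftover page to the canary?"""
    for block in flash.pages:
        key = unwrap_master_key(block, passphrase)
        if key is None:
            continue
        for page in flash.pages:
            if len(page) > 16 and _xor_stream(key, page[:16], page[16:]) == CANARY:
                return True
    return False


def reset_logical_overwrite(flash):
    """Weak reset: zero the key block through the translation layer only."""
    flash.write(KEY_LBA, bytes(80))


def reset_erase_key_pages(flash):
    """Key-block wipe: destroy every copy of the key block, leave the ciphertext."""
    flash.erase_history(KEY_LBA)


def scenario(reset):
    """Provision, change the passphrase once, reset, then test both passphrases."""
    flash = Flash()
    provision(flash, "1234")
    change_passphrase(flash, "1234", "correct horse")
    reset(flash)
    return canary_recoverable(flash, "1234"), canary_recoverable(flash, "correct horse")


if __name__ == "__main__":
    print("logical overwrite:", scenario(reset_logical_overwrite))
    print("erase key pages:  ", scenario(reset_erase_key_pages))
```

After the logical overwrite both the current and the superseded key block still unwrap, so the canary decrypts under either passphrase; once every physical copy of the key block is erased, the untouched ciphertext page is no longer recoverable with either.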

  5. Android. The "PC" of mobile devices by DigiShaman · · Score: 5, Interesting

    See, this is why I'm a convert to Apple iOS. Yes, there are a few reputable hardware vendors for Android like Samsung and LG; and in many cases, superior hardware specs for the latest device. The problem is the hardware/software permutation and lack of post-sales support and upgrades. THIS is why I abhor the Android platform. Yes, it's open source, but it's also chaotic in quality control when comparing and contrasting between not just vendors, but the year in which the vendor brought to market! Love it or hate it, Android is pretty much anarchy wild-wild-west while Apple is, well, Apple.

    I can only speak for myself, but I like consistent, stable, and well-thought-out platforms; even if that renders me very little control. It all comes down to trust. Burn my trust, and I walk.

    --
    Life is not for the lazy.
    1. Re:Android. The "PC" of mobile devices by jones_supa · · Score: 5, Interesting

      I know exactly what you mean, but I actually like the wild west of PC and Android. Lots of interesting devices to pick from, and low prices. It's more fun.

    2. Re:Android. The "PC" of mobile devices by Anonymous Coward · · Score: 2, Insightful

      I don't understand your logic. If for example, Samsung and LG make decent Android devices and provide support for them, you could buy from them and get a decent consistent Android device and support. Your logic implies you will avoid the whole platform because somehow a Chinese company Hawichezza can make a crappy Android device and that makes Samsung and LG products and support for their products less desirable? I don't follow.

      Do you drink wine or beer? The top quality products of beer and wine are in no way shape or form degraded by the fact there are thousands of other crappy ones around.

    3. Re:Android. The "PC" of mobile devices by Anonymous Coward · · Score: 0

      >See, this is why I'm a convert to Apple iOS.

      If you really wanted full device wipe, you would be a BlackBerry convert. It's only been available since before iOS even supported copy and paste.

    4. Re:Android. The "PC" of mobile devices by Anonymous Coward · · Score: 2, Insightful

      No don't you see? He's saying that he would rather just always drink Budweiser, where he knows he's got the programming of decades of advertising, and a multibillion dollar ongoing marketing campaign to brainwash him into loving it more than any other beer, without even having to go to the trouble of tasting it (which probably wouldn't work out for the best anyway)

    5. Re:Android. The "PC" of mobile devices by Anonymous Coward · · Score: 0

      I can only speak for myself, but I like consistent, stable, and well-thought-out platforms; even if that renders me very little control.

      So what you're saying is that you want companies to do your thinking for you?

    6. Re:Android. The "PC" of mobile devices by DigiShaman · · Score: 3, Insightful

      So what you're saying is that you want companies to do your thinking for you?

      If you mean "innovation", then yes. Make a product that I like and conforms with my life, and I'll be inclined to make a purchase. Life is too short. I don't have time to think of everything.

      --
      Life is not for the lazy.
    7. Re:Android. The "PC" of mobile devices by Anonymous Coward · · Score: 0

      Samsung and LG reputable? LOL, I will never buy anything again from them, because of Vietnamese, Asian, whatever crap quality.

    8. Re:Android. The "PC" of mobile devices by Anonymous Coward · · Score: 0

      Yes. I have my own issues to think about that are a little more important than fiddling with a phone trying to understand why one app is constantly notifying me, but another one isn't. If someone else has time to do that, and considers that an enjoyable task--more power to them. Yeah--I'm frustrated with the lack of control on apple sometimes. I'm far from an Apple fanboy.

      I was android in the early days, but switched to iOS about 3.5 years ago due mostly to a lot of problems with a particular handset and I was curious why so many people seemed to be iOS zealots. My assessment at that time was that the platforms were generally equivalent--android took more time to set up, but Apple was "easier" due to lack of control.

      Well, after 3.5 years of having an iPhone, I finally got tired of the niggly little things that I didn't have quite as much control over. Also, I had to synch my iphone with iTunes which was a horribly frustrating experience that caused me days of problems. iTunes on Windows is something I would pay to NEVER have to use again. So...I decided to switch back to Android and bought a top of the line phone.

      I spent a week setting up the phone, fiddling with settings & notifications and in the end returned it. My assessment is that iOS has made phenomenal leaps & strides in the past 3.5 years making the device easy to use and intuitive. Android is still the wild west--there's little consistency between how applications behave. I download between 6-12 versions of different applications for the functions I use every day, and I could not find a set of applications that all behaved in a coherent way. Notifications on android are a bloody nightmare. Handling content (messages, mails, calls, etc) is completely inconsistent because each application decides what it wants to do. Even the applications which have cross-platform versions require more steps and are more finicky to use on android than in their iOS incarnation.

      So I went back to the store and traded in for a new apple device. I still wish I had a little more control over a few things, but after spending many hours with an up to date Android device, I'm very happy to give up a little control to have a device that just works in a highly efficient way.

    9. Re:Android. The "PC" of mobile devices by Anonymous Coward · · Score: 0

      He pretty clearly didn't mean innovation. You yourself said you prefer a platform that renders you very little control, and then you call that innovation. Incredible.

    10. Re:Android. The "PC" of mobile devices by Alan+Shutko · · Score: 1

      If for example, Samsung and LG make decent Android devices and provide support for them, you could buy from them and get a decent consistent Android device and support.

      If that were the case, you'd be safe. I don't know of a manufacturer that consistently provides bug-free devices and support for them for, say, 2 years back.

      You are generally safe with Nexus devices, since you have the best chance of upgrading to the latest OS. This helps with vulnerabilities which won't be fixed in older versions of Android. But because Nexus devices shuffle between different manufacturers, you lack consistency from a hardware standpoint.

    11. Re:Android. The "PC" of mobile devices by Anonymous Coward · · Score: 0

      Pretty much all cell phones, the computer you're typing on, the monitor it's being displayed on, almost every piece of electronics in your house is from "Vietnam, Asia, whatever".

      I honestly expected nothing less from someone who is befuddled at the difference between Vietnam and Asia.

    12. Re:Android. The "PC" of mobile devices by Slashdot+Parent · · Score: 1

      If that were the case, you'd be safe. I don't know of a manufacturer that consistently provides bug-free devices and support for them for, say, 2 years back.

      I don't know of any manufacturer, Apple included, that consistently provides bug-free devices. But if 2 years of updates is your benchmark, Samsung meets it. They have Android Lollipop (5.0.1) running on their Galaxy S4 (released April 29, 2013, so it's just over 2 years old). Granted, 5.1.1 is the true latest and greatest Android version, but it was only released on April 21, 2015, so it's unrealistic to expect Samsung to push that out to a 2 year old device so quickly.

      --
      They don't grade fathers, but if your daughter's a stripper, you fucked up. --Chris Rock
    13. Re:Android. The "PC" of mobile devices by Anonymous Coward · · Score: 0

      Android OS assumes you're not a dumb ass. IOS assumes you're a numbskull who has no business navigating an open OS environment.

    14. Re:Android. The "PC" of mobile devices by AndyCanfield · · Score: 1

      My lenovo laptop runs Ubuntu Linux. I like to make my own choices.

    15. Re:Android. The "PC" of mobile devices by Anonymous Coward · · Score: 0

      So, the numbskull can ensure a more secure erase??

    16. Re:Android. The "PC" of mobile devices by ncc74656 · · Score: 1

      You are generally safe with Nexus devices, since you have the best chance of upgrading to the latest OS.

      A device with an unlocked bootloader is also more likely to be more future-proof. I have a newer version of KitKat running on my Galaxy Tab 2 7.0 (4.4.4) than on my considerably newer Moto X (4.4). The tablet's running Cyanogenmod...have no idea if Samsung ever got around to spinning a KitKat build for it, and don't particularly care at this point as the only thing that doesn't work under Cyanogenmod is the IR blaster. My phone, OTOH? Motorola has pushed newer versions (maybe even Lollipop now), but the bootloader is locked and you can't even root newer firmware versions (rooting 4.4.4 requires an unlocked bootloader first).

      That new phone that Asus introduced earlier this week sounds interesting, and there's already an unlock for it. The only downside is the ginormous, almost tablet-sized screen. The Moto X is barely larger than the iPhone 4 it replaced, but it seems hardly anybody wants to build a full-powered phone that'll still fit in your pocket anymore.

      --
      20 January 2017: the End of an Error.
    17. Re:Android. The "PC" of mobile devices by CastrTroy · · Score: 1

      Similarly here. Except I switched to Windows Phone. Apple phones, while well supported and good quality, are just a little too pricey for me. Samsung and LG are not without their faults either. Maybe on a few select flagship phones they have updates but the majority of their handsets have just as few updates as all the other manufacturers. My previous LG phone was released 6 months before Android 4 came out, and I never saw a single software update to that phone, so I was stuck with Android 2.3.

      On a side note, I'm loving my Windows Phone. The interface is great. And the battery life was amazing. Been off the charger since I woke up 5 hours ago and the battery still reads 97%. Granted, it's a low use day for my phone, but I'm often left with 70% of my battery by the end of the day. Even recording bike rides using the GPS seems to have little-to-no effect on battery usage. There's not quite as many apps as Android and iOS, but it does everything I want a phone to do, and more.

      --

      Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
    18. Re:Android. The "PC" of mobile devices by mlts · · Score: 1

      I like Android's customizability and the ability to replace things. For example, I toss the launcher and go with Nova's. The keyboard app gets replaced, and I use a custom texting app that supports encryption.

      Plus, I have more privacy on Android with XPrivacy. For example, a lot of apps pull your ad info, IMEI, hardware serial number, and anything they can find for behavioral tracking. With XPrivacy, the app will happily get a number... but it will be a random one. I can also ad block on the IP level.

    19. Re:Android. The "PC" of mobile devices by danbob999 · · Score: 1

      No single company will always make the product that conforms the most with your life, and which you like the most (if you take the time to compare with alternatives, of course). That's why it's important not to be vendor locked-in, so that you can move to the best vendor easily.

    20. Re:Android. The "PC" of mobile devices by danbob999 · · Score: 1

      See, this is why I'm a convert to Apple iOS. Yes, there are a few reputable hardware vendors for Android like Samsung and LG; and in many cases, superior hardware specs for the latest device. The problem is the hardware/software permutation and lack of post-sales support and upgrades. THIS is why I abhor the Android platform.

      I get your point about lack of post-sales support and upgrades. However, I don't understand how hardware/software permutation is a problem. You only need one good device. Why would I care if a cheap device I didn't buy from one of these Chinese vendors is buggy and lacks support?

    21. Re:Android. The "PC" of mobile devices by CastrTroy · · Score: 1

      The nice thing about PCs is that you can update the software yourself. I like the selection that you get with Android, but 99.9% of the handsets are a terrible choice. When I get a laptop or desktop, I can put Windows, Linux, or even BSD on it if I want to, and nobody tries to stop me. I can update the software whenever I want. I've been running the same desktop for 9 years, and it still works fine because I control the software that runs on it.

      --

      Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
    22. Re:Android. The "PC" of mobile devices by CastrTroy · · Score: 1

      The Samsung Galaxy S4 is a single handset among many that they offer. My wife has the Samsung Galaxy Core LTE, which is much newer than the S4 (November 2014) and still doesn't have an update to Lollipop. So, while some handsets from some manufacturers get updates, I haven't seen an Android handset manufacturer that updates all their devices in a timely manner for 2 years.

      --

      Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
    23. Re:Android. The "PC" of mobile devices by Holi · · Score: 1

      I don't know, I've wiped a few iPhones to find my pictures still on them. Was one of the reasons I left Apple.

      --
      Sorry, teleporters just kill you and then make a copy. A perfect, soul-less copy.
    24. Re:Android. The "PC" of mobile devices by Holi · · Score: 1

      I've wiped iPhones before and found all my photos still on the phone. So I'm not sure that's more secure.

      --
      Sorry, teleporters just kill you and then make a copy. A perfect, soul-less copy.
    25. Re:Android. The "PC" of mobile devices by the_B0fh · · Score: 1

      Apparently you are unable to grasp the concept of "they've given up".

    26. Re:Android. The "PC" of mobile devices by Anonymous Coward · · Score: 0

      Samsung and LG reputable? LOL, I will never buy anything again from them, because of Vietnamese, Asian, whatever crap quality.

      We live in a global marketplace. If a phone is made in Vietnam, the customer (Samsung or LG) probably just got the best manufacturing deal from there. It does not tell anything about quality. Cheap crap is always cheap crap, no matter where it is made. There is shitload of professional electronics manufacturing expertise in the Asia Pacific area, you should give those guys some respect.

    27. Re:Android. The "PC" of mobile devices by John+Bokma · · Score: 1

      People seem to migrate from iOS to Android and vice versa so I think your "lock in" is a non-issue. I would almost say that moving between Linux distributions or even upgrading to a more recent distribution of the same vendor is more problematic.

    28. Re:Android. The "PC" of mobile devices by DigiShaman · · Score: 1

      I can only speak of iPhone5 and above, but that's simply not possible if done properly.

      Settings --> General --> Reset --> Erase All Content and Setting. That will clear it back to factory settings. Perhaps you only chose the "Reset all Settings" option which left the content in place. That, or iCloud synced photos back to the phone when you signed in with your iCloud account with the iPhone.

      --
      Life is not for the lazy.
    29. Re:Android. The "PC" of mobile devices by Slashdot+Parent · · Score: 1

      Well, I guess it's flagships only or something. I dunno. Looks like the Galaxy Core LTE hasn't been out long, so maybe that's why? I wouldn't even want to speculate.

      --
      They don't grade fathers, but if your daughter's a stripper, you fucked up. --Chris Rock
    30. Re:Android. The "PC" of mobile devices by Anonymous Coward · · Score: 0

      What were the other reasons?

    31. Re:Android. The "PC" of mobile devices by danbob999 · · Score: 1

      Having just an iPhone is not enough to be locked-in. But if you purchased a lot of applications, are relying on iCloud and iTunes, have an Apple TV and an iPad, tons of Apple-only accessories such as cables, chances that your next phone will be an Android are close to 0. The cost of switching would be too high.

    32. Re:Android. The "PC" of mobile devices by John+Bokma · · Score: 1

      I don't know about you but I doubt all the apps I bought add up to 50 USD. As for cables, etc. Apple hardware has a great second-hand value. I sold my iPad 4th gen some time ago and averaged over the 18 months I used I paid like 2 visits to Starbucks a month for each month of usage. Most apps I use are available for Android as well and it wouldn't bother me if I had to pay again for those, we're talking about a few bucks each.

    33. Re: Android. The "PC" of mobile devices by DigiShaman · · Score: 1

      Application experience can vary widely between the different phones, OS, and UI version combinations. It's ultimately up to the developer to iron out the kinks, but can be such a PITA that depending on user-base, "good enough" is all that's needed. In some cases, it's just plain crappy.

      I found iOS app experience to be at least consistent and more polished. I'm not sure it's so much of the OS as it is lack of Apple models and iOS versions to test against. That, and Apple is picky on who and what gets published in the App Store. Though I will concede that limits consumer choice, but honestly I don't miss it. There are more iOS apps than I know what to do with anyways.

      --
      Life is not for the lazy.
  6. Is it supposed to? by Anonymous Coward · · Score: 0

    Or is that just something the researcher expected, like people expect "format" to erase all data? IMHO it's worse that third party recovery firmwares only create new filesystems even though their menus call it "wipe partition".

  7. Hanlon's Razor by pr0t0 · · Score: 2

    My guess is this isn't a case of cherry-picking, it's just that it took them 2-3 years to complete and publish the research. I wouldn't think it takes that long to acquire and study 21 phones, but looking at some of the dates in their paper, maybe it took *them* that long.

    I don't think of this as ground-breaking research, it's more like archaeology. Better editorial surrounding the research could have been done in a "See how far we've come since 2013" type of way.

    --
    I'm sorry, but your opinion seems to be wrong.
  8. This is why by Anonymous Coward · · Score: 0

    This is why you should rely on the more secure iOS operating system.

    1. Re:This is why by DaveM753 · · Score: 1

      This is why you should rely on the more secure iOS operating system.

      I tried this, but it wouldn't run my Android apps.

    2. Re:This is why by Ol+Olsoc · · Score: 1

      This is why you should rely on the more secure iOS operating system.

      I tried this, but it wouldn't run my Android apps.

      You say that like it is a bad thing.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    3. Re:This is why by Anonymous Coward · · Score: 0

      No, you should use the most secure OS... Windows.

  9. Old bug is old. by buckfeta2014 · · Score: 1

    Affects Android 2.3, aka Gingerbread. Does anyone even use Gingerbread anymore? Ice Cream Sandwich was released in 2011.

    --
    Buck Feta. You know what to do.
    1. Re:Old bug is old. by Ol+Olsoc · · Score: 1

      Affects Android 2.3, aka Gingerbread. Does anyone even use Gingerbread anymore?

      Yes.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    2. Re:Old bug is old. by the_B0fh · · Score: 1

      You are unaware that a lot of cheapo phones, currently on the market, especially those for 3rd world countries, run 2.3?

  10. Second shocker: formatting your HD by Overzeetop · · Score: 1

    Bad news: formatting your hard drive or reinstalling your OS (any consumer OS) doesn't, by default, actually erase your data either.

    Why are we surprised?

    --
    Is it just my observation, or are there way too many stupid people in the world?
    1. Re:Second shocker: formatting your HD by Ol+Olsoc · · Score: 1

      Bad news: formatting your hard drive or reinstalling your OS (any consumer OS) doesn't, by default, actually erase your data either.

      Why are we surprised?

      But we do have options. The fact that people are willing to store so much personal data on their smartphones is just showing us how dumb they are. Why would they not think a factory reset wouldn't wipe their data. If the thought even crossed their mind.

      If they even thought to do a factory reset in the first place.

      And this incrypton thing, sounds like a lot of work - Swamp people is on, and I can't miss that! Many of us are doing well to get our shoes tied in the morning.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    2. Re:Second shocker: formatting your HD by the_B0fh · · Score: 2

      Bad news: formatting your hard drive or reinstalling your OS (any consumer OS) doesn't, by default, actually erase your data either.

      Why are we surprised?

      But we do have options. The fact that people are willing to store so much personal data on their smartphones is just showing us how dumb they are. Why would they not think a factory reset wouldn't wipe their data. If the thought even crossed their mind.

      Probably because of the pop up that says all your information will be wiped?

    3. Re:Second shocker: formatting your HD by Ol+Olsoc · · Score: 1

      Probably because of the pop up that says all your information will be wiped?

      All you have to do is believe it.

      Best secure wipe is 25 pounds of thermite. It does void the warranty however.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  11. Well, duh by mrbester · · Score: 1

    That's why products like Cerberus can tell you where the scumbag who nicked your phone is, even if said scumbag deletes apps and data via factory reset.

    --
    "Wait. Something's happening. It's opening up! My God, it's full of apricots!"
  12. For some, a straightjacket is high fashion by Overzeetop · · Score: 1

    There's nothing wrong with that, but it doesn't really apply to everyone. And the cost of data security is dismissively low. For the typical Android handset, the simple blow of a hammer instead of trying to recover less than $100 on ebay or craigslist will guarantee security of your old data. Heck, that $100 is less than the differential between an android handset and an equivalent iOS device in most cases.

    --
    Is it just my observation, or are there way too many stupid people in the world?
  13. By Design by Anonymous Coward · · Score: 0

    As long as I've used Android, which is a while, factory reset isn't supposed to touch the internal storage..... Not sure what the issue here is other than people being ignorant on how to use technology.

  14. NSA? by Anonymous Coward · · Score: 0

    So was this just bad programming, or was it in response to government pressure?

  15. why should it? by NostalgiaForInfinity · · Score: 1

    I wouldn't expect it to "wipe storage", nor would I want it to. Flash storage has a limited number of write cycles, and people do factory resets much more frequently during the lifetime of a product than wiping the device in order to recycle it. If you want to erase storage, use the "erase storage" function.

  16. I noticed that on my own phone by bobjr94 · · Score: 1

    I did a wipe/reset on my Samsung before, I was surprised it still had the pictures, downloads and some bits of old apps in various folders. But I can see why, I'm sure some people do unnecessary resets when they think something is wrong with their phone and they don't want to deal with people complaining they lost all their important photos. That they never backed up of course.

  17. Re:that's why i use a bidet by Holi · · Score: 1

    I hope you're not defecating in a urinal. That's really gross, you should really use a toilet.

    --
    Sorry, teleporters just kill you and then make a copy. A perfect, soul-less copy.
  18. Old news by Anonymous Coward · · Score: 1

    Anti-virus company Avast! bought a bunch of phones and published their findings last year on the same subject.

    http://yro.slashdot.org/story/14/07/09/0034244/avast-buys-20-used-phones-recovers-40000-deleted-photos

  19. Pull the SD card by ITRambo · · Score: 1

    Internal SD cards aren't fully wiped during a reset. Why not just pull the card, put it in a computer card reader, format and then do an advanced wipe (I use ccleaner for wipes)? That's what I plan to do when I need to factory reset my phone. Prior to reading this I wouldn't have pulled the SD card before a reset. Now I will. Thanks for the tip.

  20. Yep by MichaelSmith · · Score: 1

    I bought a cheap tablet for 35 AUD from officeworks. The normal price was 45 AUD but this device was pink (for kids) and had been returned. I took it home, and when I experimented with the gallery I found selfies taken by a child. I ran the factory reset but the pictures were still there so I just deleted the photos.

  21. You really don't get this security thing by Anonymous Coward · · Score: 0

    While your suggestion of "it all becomes random gibberish without a valid key" may be acceptable in principle, for strong security you do not stop there!

    "Real" security means defense in depth. You never take just one step and think, "well, if all my assumptions and pre-requisites hold, I am safe." That's lazy and dangerous thinking.

    You want to secure the data on an Android device you are disposing of? Without taking the easy way out?

    1). Ensure the mass storage is encrypted. If it wasn't already, then do so now;
    2). Wipe the volume, using the maximum security settings (if offered);
    3). Remove the SIM card and physically destroy it;

    Now for someone to break through your defenses, they have to be lucky, talented, patient and well-resourced. They have to take multiple steps to retrieve data and be successful at each step. Ideally you want to wear them down and discourage them from even trying. If they do try you want them to fail early and fail hard.

    Oh, and part of security is clarity about what means what. Therefore, "reset" means reset. "Zero the master key" means zero the master key. They do not mean the same thing, and you suggesting they do only lowers overall security by confusion and obfuscation for the user. Doing that to an attacker is OK, but doing that to the user is super not OK!