Slashdot Mirror


Factory Reset On Millions of Android Devices Doesn't Wipe Storage

Bismillah writes: Ross Anderson and Laurent Simon of Cambridge University studied a range of Android devices and found that even though a "factory reset" is supposed to fully wipe storage, it often doesn't. Interestingly enough, full-device encryption could be compromised by the incomplete wiping too. ITnews reports: "The researchers estimated that 500 million Android devices may not fully wipe device disk partitions. As many as 630 million phones may not wipe internal SD cards. Five 'critical failures' were outlined in the researchers' Security Analysis of Android Factory Resets paper."

4 of 92 comments

  1. All using ancient devices by brunes69 · Score: 5, Informative

    "fragile full-disk encryption up to Android v4.4 (KitKat)."

    "Twenty-six second-hand Android phones running versions 2.3 to 4.3 of the operating system, sold by five handset makers, were tested."

    This paper did not look at Android 4.4 or above, i.e., the only versions of Android that actually properly supported and advertised full disk encryption in the first place. Full disk encryption on any device prior to 4.4 was basically something the manufacturer cooked up.

    If this paper shows anything to me, it is not so much about Android, it is more about how we have to force carriers to stop requiring this goddamn nonsense useless "carrier certification" so that Google can push device manufacturers to allow more direct and timely software updates.

  2. New news about Old software by gavron · Score: 2, Informative

    The analysis paper starts out by saying "With hundreds of millions of devices expected to be traded by 2018, flaws...could be a serious problem." Unfortunately that same analysis focused on Android operating systems PRIOR to v4.4 (KitKat), which was released in October 2013 (https://en.wikipedia.org/wiki/Android_version_history).

    Since then, Android has released major versions (4.4 KitKat, 5.0 Lollipop) and various major updates within those families (4.4.2, 4.4.4, 5.1). To put this in perspective, they're talking about risks in 2018 from software no newer than 2013 while writing and publishing in 2015. That's a classic case of picking your data to fit your conclusion, or cherry picking (https://en.wikipedia.org/wiki/Cherry_picking_%28fallacy%29).

    There were many fixes in Android security systems in 4.4 and also in 5.0. 5.0 now supports hardware encryption on e.g. HTC and OnePlusOne platforms among others. To apply "anyone can get the key and brute-force a password"[paraphrased] is to deny that no, you can't.

    It's often more convenient for "researchers" to provide something with glitz and hype to catch the media's attention, but in this case the hype cherry-picks data that ignores two years of active open-source development and many security updates.

    Poor science and hyperbolic headlines make for brain-free reading.

    Ehud Gavron
    Tucson AZ
    CPL-H

  3. If that's possible, then it isn't encryption. by Anonymous Coward · Score: 5, Informative

    No shit, you can get the encrypted data if it isn't wiped.

    If the "encrypted" data can still be compromised, then it isn't truly encrypted, so encrypted storage isn't being used, and thus the "destroy the device" part applies.

    Truly encrypted data is indistinguishable from random data to an attacker. In fact, that's even better than a reset device's storage being zeroed or oned out, since it doesn't indicate that the device had been obviously reset.

    Besides, the summary is wrong. If you actually read the article, it says (emphasis added)

    For Android users wanting to ensure their data is completely wiped from their device, the researchers suggested turning on full-disk encryption where it is offered

    1. Re:If that's possible, then it isn't encryption. by ledow · Score: 4, Informative

      Indeed - the whole point of full-disk encryption is that "reset" really consists of "zero the place where the master key was stored, which was encrypted by the user passphrase".

      Do that, and do that effectively, and you don't have to touch ANYTHING else - it all becomes random gibberish without a valid key. It could literally mean just keeping a couple of hundred bytes of RAM in an EEPROM and then destroying it on "factory reset".

      For convenience of detection, however, you may want to zero the first few sectors of the storage so that filesystem probes see it as "no filesystem" rather than as random gibberish. But that's got zero impact on the data that WAS within it.

      There's a reason that everything before 4.4 was third-party encryption and untrusted. There's a reason that proper, system-level full storage encryption (including SD card encryption) required changes to the OS. Since then, however, you just need to make sure nobody has your passphrase to stop them getting into your device. Then make sure that nobody has the passphrase-encrypted key blocks at the beginning of the disk (usually) and the data is nothing more than random gibberish.

      About the only thing needing a complete wipe of all data is really if you're put into duress to provide a key (which would obviously then provide the data) or if a key is discovered and someone wishes to prove that you DID hold the key / data (by provably decrypting with that key to show that it must have been the right one and, maybe, therefore that you had knowledge of it).

      Wipe the key-block, and the encrypted data is basically undecryptable. Same way TrueCrypt etc. work. And even though your passphrase may only be 10 characters, the key block might well be hundreds of bytes long and THAT's what actually has to be decrypted first in order to get the real key to decrypt the rest of the data.
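The key-block mechanism the reply above describes, as an added worked example that is not part of the thread, the paper, or any Android or TrueCrypt code: a volume whose master key is wrapped under a passphrase-derived key, a "factory reset" that overwrites only that wrapped key, and the brute-force attacker from the summary who needs the key block to be intact. The layout, the names (`Volume`, `seal`, `unseal`, `FactoryReset`, `BruteForce`) and the sample data are this example's own assumptions; PBKDF2 is written out by hand so the block needs only Go's standard library, and the iteration count is kept low for speed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Volume models the layout described above: a small key block at the start of
// storage (salt plus the master key wrapped under a passphrase-derived KEK)
// followed by bulk data encrypted under the master key. The names are this
// example's own, not Android's.
type Volume struct {
	Salt      []byte // per-volume KDF salt, part of the key block
	WrappedMK []byte // master key sealed with AES-GCM under the KEK
	Data      []byte // bulk storage: nonce || AES-GCM ciphertext
}

const kdfIters = 10000 // kept low so the demo runs quickly

// kdf is PBKDF2-HMAC-SHA256 (RFC 8018) for one 32-byte output block, written
// out so the example needs only the standard library; use a vetted KDF in practice.
func kdf(pass, salt []byte, iters int) []byte {
	mac := hmac.New(sha256.New, pass)
	mac.Write(salt)
	mac.Write([]byte{0, 0, 0, 1}) // INT(1): block index, big-endian
	u := mac.Sum(nil)
	t := append([]byte(nil), u...)
	for i := 1; i < iters; i++ {
		mac.Reset()
		mac.Write(u)
		u = mac.Sum(nil)
		for j := range t { t[j] ^= u[j] }
	}
	return t
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}

// seal returns nonce || AES-GCM(key, plaintext) under a fresh random nonce.
func seal(key, plaintext []byte) ([]byte, error) {
	aead, err := newGCM(key)
	if err != nil { return nil, err }
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil { return nil, err }
	return append(nonce, aead.Seal(nil, nonce, plaintext, nil)...), nil
}

// unseal reverses seal; it fails if the key is wrong or the blob was altered.
func unseal(key, blob []byte) ([]byte, error) {
	aead, err := newGCM(key)
	if err != nil { return nil, err }
	n := aead.NonceSize()
	if len(blob) < n { return nil, errors.New("blob too short") }
	return aead.Open(nil, blob[:n], blob[n:], nil)
}

// NewVolume draws a random master key and salt, wraps the key under the
// passphrase-derived KEK and encrypts the bulk data under the master key.
func NewVolume(passphrase string, plaintext []byte) (*Volume, error) {
	raw := make([]byte, 48)
	if _, err := rand.Read(raw); err != nil { return nil, err }
	mk, salt := raw[:32], raw[32:]
	wrapped, err := seal(kdf([]byte(passphrase), salt, kdfIters), mk)
	if err != nil { return nil, err }
	data, err := seal(mk, plaintext)
	if err != nil { return nil, err }
	return &Volume{Salt: salt, WrappedMK: wrapped, Data: data}, nil
}

// Unlock re-derives the KEK, unwraps the master key and decrypts the data.
func (v *Volume) Unlock(passphrase string) ([]byte, error) {
	mk, err := unseal(kdf([]byte(passphrase), v.Salt, kdfIters), v.WrappedMK)
	if err != nil { return nil, errors.New("wrong passphrase or key block destroyed") }
	return unseal(mk, v.Data)
}

// FactoryReset overwrites only the key block. The bulk ciphertext stays on
// the flash, as on the phones in the paper, but nobody can decrypt it now.
func (v *Volume) FactoryReset() {
	for i := range v.WrappedMK { v.WrappedMK[i] = 0 }
	for i := range v.Salt { v.Salt[i] = 0 }
}

// BruteForce plays the attacker from the summary: while the key block is
// intact, each guess at a short passphrase costs one KDF run and one unwrap.
func (v *Volume) BruteForce(guesses []string) (string, []byte, bool) {
	for _, g := range guesses {
		if pt, err := v.Unlock(g); err == nil { return g, pt, true }
	}
	return "", nil, false
}
```

To see both halves of the argument, build a volume with a weak passphrase such as "1234567890" (constructed sample data), run `BruteForce` over a short guess list, call `FactoryReset`, and run the same guess list again: before the reset the guess recovers the plaintext, afterwards every guess fails while `v.Data` is byte-for-byte unchanged. The caveat a practitioner should keep in mind is the one the paper itself raises: on flash with wear levelling, overwriting the key block in software does not guarantee the old copy is gone, which is why putting the key block in hardware-backed storage, or in a location the reset path is known to erase, matters as much as the cipher.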