Most Android handsets offer no easily accessible way of deleting user data including access tokens, messages, images and other content, according to a study released on Thursday.
The study by Cambridge researchers, the first in-depth look at this issue, confirms a problem that industry observers have warned of for some time – that the mobile devices so widespread today are extraordinarily difficult to clear of user data.
Up to 630 million devices do not properly wipe multimedia files, according to the paper, titled Security Analysis of Android Factory Resets.
The study examined 21 second-hand devices running Android versions 2.3.x to 4.3 from five manufacturers that had been wiped using the operating system’s built-in factory reset feature, but the researchers said problems also exist with third-party data deletion applications, such as those offered by antivirus vendors. The researchers said similar problems are likely to persist in newer versions of Android.
The team was able to recover data including multimedia files and login credentials from wiped phones, and many of the handsets yielded the master token used to access Google account data, such as Gmail and Google Calendar. Such data can be recovered even from handsets protected by full-disk encryption, they said.
“With hundreds of millions of devices expected to be traded by 2018, flaws in smartphone sanitisation functions could be a serious problem,” reads the paper.
Google did not immediately respond to a request for comment.
The problem results from multiple issues, including the inherent difficulty of fully deleting data from the flash memory used in smartphones, a difficulty that stems from the physical nature of such memory chips, according to the research. Other issues include vendors’ failure to include necessary drivers or failures introduced by their modifications of Android for individual devices.
“Tokens for other apps such as Facebook can be recovered similarly. We stress that we have never attempted to use those tokens to access anyone’s account.”
Devices protected with encryption can still be accessed, because the file storing the decryption key isn’t erased, leaving it open to cracking, which would take from a few seconds up to a day or so for typical PINs or passwords. A complex, randomly generated password might take an unfeasibly long time to crack, but such a password would be difficult to enter each time a device was unlocked.
“Full-disk encryption has the potential to mitigate the problem, but we found that a flawed factory reset leaves behind enough data for the encryption key to be recovered,” the researchers added.
The most reliable option for making data inaccessible would be to wipe the device, and then use a third-party app to fill its memory with random data, the researchers said, adding that the app would have to be installed manually in order to avoid leaving a Google account credential. This option, however, wouldn’t be available to users who have lost a device and wish to perform a remote wipe.
The researchers said the best solution for most users would be an improvement in built-in factory reset mechanisms, something that they said would largely depend upon vendors reducing slip-ups in the way they implement Android.