It has been discovered that approximately half billion Android devices have a problem with data reset feature which plays a great role in recovery of data. This is according to a report prepared by Cambridge University researchers.
This group of researchers conducted several tests which proved that about half billion Android smartphones do not completely eliminate partitions with sensitive data. This makes it possible to restore data such as contacts and text messages from different applications. Researchers confirmed this by extracting a token of Google master. This enabled them to have access to both Calendar and Gmail data.
In addition, they estimated that approximately 630 million Android devices do not erase storage media such as SD cards where files are stored during the process of factory reset. This information is very important especially for people who like selling or giving away their used Android smartphones thinking that their sensitive data has been wiped out. The truth of the matter is that such data can still be accessed by the new user.
Researchers learnt that the flaw in reset factory of Android devices enables users to recover data even when disk encryption is activated. They added that when factory reset process is taking place, the key for decyrption is not removed. Therefore, when a user recovers ‘ crypto footer’ together with decryption key, he can crack the encryption function even when not connected to the internet.
The research experiments were based on 21 Android smartphone devices operating on version 2.3 xs to version 4.3.
Despite the fact that researchers did not test Android version 4.4, there is also a possibility that devices with this and newer versions of Android operating system are vulnerable to the same problem.
Researchers gave an explanation on why reset functions on Android devices do not work well. They said that the major reason is absence of drivers that can enable complete removal of NAND chips.
According to the report, removing all the data from flash storage is not easy. For this reason, manufacturers of Android devices have been making efforts to improve the working of factory reset function.
Consequently, they came up with recommendations on a number of changes that need to be made in order to improve the effectiveness of factory reset function.
Users can now prevent data recovery from Android devices by doing a number of things. One of them is filling up NAND on their Android devices with files selected at random. This should be done after carrying out factory reset. It helps to overwrite any free space available. However, the perfect way to ensure that your sensitive data is safe is to destroy your smartphone completely.