![]() “As for the platform, different Android versions were present, most of the phones had Android version 4 (different versions), others had Android version 2.3.x (Gingerbread),” added Ziegler. The strength of the factory reset does, however, also depend on the phone’s chip manufacturer.” It’s a mix out of different aspects: The factory reset is implemented by Google. Avast analysts explained, “It’s not a question about the carriers, whether the factory reset works well or not. The blame for Androids not deleting this data starts with Google. “The phones were from AT&T, Verizon and T-Mobile,” Marina Ziegler, Avast Software Global Communications Manager told me.īut don’t be silly like me and get hung up on what phones from what carriers revealed the most personal info even after previous owners had performed a factory reset or a “delete all” operation. ![]() What were those 20 Android phones full of factory-reset fail? They included the HTC One X, HTC EVO 4G, HTC ThunderBolt ADR6400L, HTC Sensation 4G, Samsung Galaxy S2, Samsung Galaxy S3, Samsung Galaxy S4, LG Optimus L9 P769, and Motorola Droid RAZR MAXX XT912. ![]() In most cases, we got to the low-level analysis, which helped us recover SMS and chat messages. Although at first glance the phones appeared thoroughly erased, we quickly retrieved a lot of private data. The combination of the methods mentioned above helped us to discover a lot of personal data, and also helped us to reconstruct several personal stories. After several steps including rooting the device, the researchers extracted Facebook chats, photos and Google search keywords. If those two methods failed to recover “wiped” data, the researchers used low level analysis to create a “bit-to-bit copy” of the user’s data. The following example was personal data left behind after a factory reset and then snagged from a Samsung Galaxy S4: “The Db directory (if it exists) contains SQLite database files, which may be viewed for example by SQLite viewer,” Avast said of this logical analysis approach. That archive contains a directory structure with all currently installed applications and may also contain directories. tar archive with Android Backup Extractor. However, a smartphone does not need to be unlocked or rooted before backing up data using Android Debug Bridge. If the phone doesn’t support mass storage mounting, Avast said it could be rooted, a mass storage app installed, and then use Media Transfer Protocol to pull off the personal data and transfer it to another portable device. “The seller of this HTC Sensation smartphone thought that his personal data was removed,” wrote the researchers, but “we managed to dump 251 blocks of unallocated data and to recover ‘deleted’ messages from a Facebook chat.” ![]() In the following example, Avast used “FTK Imager to mount the image of a partition containing user data.” Since some of the previous owners did not store their data on removable micro SD cards or internal storage devices, simply attaching the smartphone via USB cable to a computer was enough to mount “Removable Storage.” One mass-storage mount example was a Motorola Droid Razr XT912, from which about 11 GB of personal data was recovered. How did Avast recover the “deleted” personal data?Īvast’s forensic analysis report covers the three main methods the researchers used to recover deleted data: mass-storage mount, logical analysis, and low-level analysis. “The take-away is that even deleted data on your used phone can be recovered unless you completely overwrite it.” We found everything from a filled-out loan form to more than 250 selfies of what appear to be the previous owner's manhood,” McColgan stated. “The amount of personal data we retrieved from the phones was astounding. Yet Avast researchers also recovered over 750 emails and text messages, more than 250 contact names and email addresses, and four previous owners’ identities. “Everybody who sold their phone, thought that they had cleaned their data completely," stated Jude McColgan, president of Avast Mobile. Mixed in with those non-G-rated photos were over 1,500 family photos of children in total, more than 40,000 photos were recovered. From only 20 Android phones, Avast found 750 selfies of women in various stages of undress and 250 male nude selfies. Avast PR manager Caroline James remarked that one “guy was really into anime porn.” But that “secret” might be less embarrassing for the previous owner than for the people featured in risqué selfies.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |