Jump to content


Photo

Secure Erase an Android Device?


  • Please log in to reply
8 replies to this topic

#1 Master_Scythe

Master_Scythe

    Titan

  • Hero
  • 20,099 posts
  • Location:QLD

Posted 09 August 2017 - 11:21 AM

Hello everyone, Just some advice if you'd be so kind :)

I'll bold my question, if you'd like to skip the backstory.

 

So my friend and I both own TCL-Blackberry KeyONE's (and both love them to death).

This phone had its teething issues with build quality, but she was unlucky enough to hit a once-off problem!

The USB-C connector shorted out internally and melted the end of the phone.

Well damn!

Anyway!

 

Since we're lucky enough to have consumer laws that let us just swap the phone, Question is:

 

How do we securely wipe an Android phone?

 

BBOS10 had a "5 pass wipe" option, but I can't find anything in Android.

 

Are there apps?

 

Being Android Nougat, I heard about "the whole phone is Encrypted"....?

.... does this mean a factory reset makes it unrecoverable ANYWAY?

 

What's the go here?

 

Thanks guys!

 


Wherever you go in life, watch out for Scythe, the tackling IT support guy.

"I don't care what race you are, not one f*cking bit, if you want to be seen as a good people, you go in there and you f*ck up the people who (unofficially) represent you in a negative light!"


#2 Rybags

Rybags

    Immortal

  • Super Hero
  • 35,011 posts

Posted 09 August 2017 - 11:47 AM

"Zero fill" in Google Play comes up with a fair number of hits.

As to whether user data is encrypted, NFI.  The problem I foresee there is that there's probably a remnant key left somewhere.

A z-fill type process would IMO potentially leave a little user data since it's hard to properly wipe the entire user portion of a volume from an active OS but still, better than nothing.

 

If you were really worried, I'd do something like:

Factory reset, then uninstall some default apps if possible.  Run z-fill process with "random" then 00.

Factory reset again, unistall etc. then install a file mgr if not already present and an FTP client.

Upload some files of exponentially different sizes, e.g. 100K, 1 Meg, 10 Meg, 100 Meg.

Use file manager to just fill up the phone by replicating the large file then each smaller sized file.

Factory reset again.



#3 Master_Scythe

Master_Scythe

    Titan

  • Hero
  • 20,099 posts
  • Location:QLD

Posted 09 August 2017 - 02:14 PM

zfill, huh?

 

I'll look into it. we probably have about 2 hours of battery left, since it cant charge.

 

As for filling it, we should just be able to record a few 4K videos and fill that 32GB in no time.


Wherever you go in life, watch out for Scythe, the tackling IT support guy.

"I don't care what race you are, not one f*cking bit, if you want to be seen as a good people, you go in there and you f*ck up the people who (unofficially) represent you in a negative light!"


#4 Rybags

Rybags

    Immortal

  • Super Hero
  • 35,011 posts

Posted 09 August 2017 - 04:21 PM

Yeah... it might be the case that the quickest way of generating lots of dummy data is to just record a HD video for a while.

 

Though if it's a 1-shot deal on battery then maybe a quick/dirty app download that does a z-fill would be easiest and less demanding on power.



#5 Master_Scythe

Master_Scythe

    Titan

  • Hero
  • 20,099 posts
  • Location:QLD

Posted 10 August 2017 - 09:17 AM

Well thankfully it's a KeyONE, so 20% battery ended up meaning about 6 hours of screen on time without radios.

So we erased it, started it back up, zero filled it, "secure 2 pass" shredded the zero fill file (that's one way to ensure flash memory gets fully rewritten!)

Repeated this twice.

Then secure erased the "freespace" which was an option in Shredder.

 

About 4 factory resets later, my friends boobs are hopefully now successfully encrypted\erased\hidden' hooray! (actually.... wait a minute! BOOOO!!!!)


Edited by Master_Scythe, 10 August 2017 - 09:18 AM.

Wherever you go in life, watch out for Scythe, the tackling IT support guy.

"I don't care what race you are, not one f*cking bit, if you want to be seen as a good people, you go in there and you f*ck up the people who (unofficially) represent you in a negative light!"


#6 Rybags

Rybags

    Immortal

  • Super Hero
  • 35,011 posts

Posted 10 August 2017 - 11:05 AM

I have to wonder with flash though if it's even worth bothering writing more than once.

Likely there's 4K blocking and probably some local caching so that sequential writes don't involve read and writeback for all sectors in a single block, rather do the whole thing at once.

With magnetic storage there's residual flux which can supposedly be forensically investigated to sometimes get old data back.

Would there be something similar with flash?  Maybe if direct reads are done as an analog process the voltage level returned gives that logic 0/1 but can also indicate the previous bit state?



#7 Master_Scythe

Master_Scythe

    Titan

  • Hero
  • 20,099 posts
  • Location:QLD

Posted 10 August 2017 - 11:10 AM

I have to wonder with flash though if it's even worth bothering writing more than once.

Likely there's 4K blocking and probably some local caching so that sequential writes don't involve read and writeback for all sectors in a single block, rather do the whole thing at once.

With magnetic storage there's residual flux which can supposedly be forensically investigated to sometimes get old data back.

Would there be something similar with flash?  Maybe if direct reads are done as an analog process the voltage level returned gives that logic 0/1 but can also indicate the previous bit state?

 

Apparently it is, but I'm only regurgitating reports I've read, also.

Your logic makes sense, since flash memory is literally gates being flipped, how can it possibly know what position they were in before?

Magnetic media has a 'shadow', how does a gate?

 

Ah well, I feel better knowing the phone was encrypted thrice, wiped 4 times, and zero filled twice......

I'm sure I wore the memory a little, but who cares, it's being sent back.

 

It literally sets USB cables on fire!


Wherever you go in life, watch out for Scythe, the tackling IT support guy.

"I don't care what race you are, not one f*cking bit, if you want to be seen as a good people, you go in there and you f*ck up the people who (unofficially) represent you in a negative light!"


#8 Jeruselem

Jeruselem

    Guru

  • Atomican
  • 13,881 posts
  • Location:Not Trump-Land

Posted 10 August 2017 - 11:35 AM

Hope the replacement isn't a lemon like this one.


Is your Android and iOS WiFi on KRACK?


#9 Master_Scythe

Master_Scythe

    Titan

  • Hero
  • 20,099 posts
  • Location:QLD

Posted 10 August 2017 - 12:05 PM

Hope the replacement isn't a lemon like this one.

 

 

The Australian release has been nearly flawless.

We got extra glue on the screen, we had (nearly) even keyboard lighting, so on and so forth.

 

This isn't a common issue, it's a freak once off.

 

So yeah, I don't see reason to worry about the next one :)


Wherever you go in life, watch out for Scythe, the tackling IT support guy.

"I don't care what race you are, not one f*cking bit, if you want to be seen as a good people, you go in there and you f*ck up the people who (unofficially) represent you in a negative light!"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users