Android’s reset function leaves user data behind
In two papers, security researchers at the University of Cambridge have exposed vulnerabilities in the mechanisms for wiping personal data from Android devices, both the built-in ‘factory reset’ and a ‘wipe’ via external programs.
The university researchers bought a number of second-hand Android phones to verify whether a factory reset really results in a completely clean phone. It does not always, the researchers write on their weblog: all of the phones left behind fragments of old data, and on 80 percent of the phones it was even possible to retrieve the master token, which makes it possible to log in to the former owner’s Google account.
The other study focused on software provided by third parties, such as antivirus companies that offer apps to remotely lock or wipe a phone. Antivirus software that uses Android’s built-in factory reset method understandably fails as well, which is why this third-party software doesn’t solve the problem.
To test the quality of the factory reset function, the researchers looked at 21 Android phones from five different manufacturers. The phones ran Android versions ranging from 2.3 to 4.3. Based on their results, the researchers estimate that up to 500 million Android devices do not properly wipe the data partition and up to 630 million devices do not properly clean the internal SD storage. Users who secured their storage with encryption are also out of luck: enough information is left behind after a factory reset to eventually retrieve the encryption key.
The problems with mobile anti-theft apps stem from poor wipe implementations, limitations of the Android API, and modifications made to the operating system by the manufacturers of the affected devices. “Sorry, but a mobile anti-theft app doesn’t offer a better wipe function or replace the built-in factory reset,” the researchers write in the other paper. According to them, the only viable option at the moment is for the manufacturers themselves to provide good software for restoring factory settings.
The problem isn’t entirely on Android’s side; flash memory is also part of it. The actual storage capacity of the flash memory is larger than stated, because of error correction and the way data is stored. Newer eMMC chips support better data-erasure methods. Furthermore, according to the researchers, manufacturers must use the entire flash capacity and expose it fully in the bootloader and in the recovery and Android kernels.
Users can also better protect their devices themselves, namely by enabling encryption and choosing a long PIN code with both letters and numbers for their own login. To recover the encryption key, the normal password or PIN then still has to be cracked. It is not known what the situation is with Android 4.4 and higher, but the researchers suspect that a similar problem is at play.
Android 4.x versions below 4.4 still run on almost 45 percent of Android devices, according to Google’s own data from May 4, 2015. Six percent of devices contacting the Play Store still run 2.2 or 2.3.x.