This article mainly outlines security flaws and options for Android-based smartphones. As for all you iPhone users starting to feel smug, please keep reading. It’s one of those posts where there is something for everyone.
In their blog post earlier this month, Avast published some very interesting and somewhat worrying information. According to the blog, they bought 20 used Android phones from eBay and, using easily available standard forensic tools, were able to extract personal data of previous owners. They apparently found around 40,000 stored photos including, as expected, hundreds of naked selfies of women and men. They also found emails, text messages, phone logs, contacts and even Google searches.
They claim they found all that data despite a ‘Factory Reset’ done on those phones by their previous owners. While there were no specific details as to which of those phones were reset, they did bring to light some important facts about how data is stored and deleted on most data storage devices.
So essentially, when you delete anything on your phone, what you are really deleting is the link to that piece of information on the storage drive. The information remains there until new data is written on top of it. So when you do a factory reset, you’re only deleting the index of links to all your data and not the data itself. Therefore, using basic data retrieval techniques, one can retrieve most of the information that was on the phone just before the factory reset.
Before we start worrying though, do note that the phones were all old and Android based. When asked, Google responded by pointing out that Android version 4.0 and above, used by 85% of the users, did not have the security flaws of the previous versions.
The new versions have an option to encrypt all data on the phone with a cryptographic key that is generated based on the passcode provided by the user. But this option is not turned on by default, which leaves new users just as vulnerable.
Depending on the exact version and make of your smartphone, the steps to turn on the encryption feature will vary slightly, but the following should be a good guide.
Charge Your Phone
Depending on the amount of data on your phone, the encryption process can take at least an hour. So make sure your phone is fully charged and, for complete peace of mind, leave it plugged in. Losing power midway will most likely result in catastrophic data loss.
Backup
It is the golden rule of all IT. Before you do anything, and often when you do nothing, it is imperative that you always back up all your data. In this case, a backup of all your photos, messages, contacts, emails etc. will save you a lot of time and heartache if things do hit the fan.
Encrypt
This is where things could be different based on versions, makes and models. Generally speaking, on your phone:
- Go to Settings
- If there are tabs on top, go to either ‘More’ or ‘General’ and find Security
- If there are no tabs scroll down and find Security
- Tap Security
- Tap ‘Encrypt Phone’ or ‘Encrypt Device’
- From here on carefully read and follow on-screen prompts
Once the process is complete, you can rest assured that all your data and photos, no matter what kind, are safely encrypted.
Caveats
The preceding steps will certainly keep your data safe but encryption in Android has its own drawbacks.
- Slower Performance – Encryption will reduce the performance of your phone. Depending on the version, model and make this effect will vary.
- Irreversible – Once encrypted, the device cannot be returned to an unencrypted state. The only way back is a factory reset.
- Time consuming – This one’s a one-time issue. It does take a long time to encrypt, especially if you have a lot of data.
We recommend, if you have the latest whiz bang mobile, a tendency to take photos in front of your mirror, about an hour to kill or simply want everything super secure, certainly go ahead and encrypt your phone. On the other hand, if your phone is a bit old or performance is important, encryption is not advisable. In any case, before you decide to discard your device for a new one, be sure to first encrypt it and then perform a full factory reset before you let that phone go.
iPhone
Apple iPhone and iPad run on iOS, which uses the AES 256 algorithm with a software key generated from the information users provide. This is the default setting; it is always on and cannot be turned off. When an ‘erase all content and settings’ is done on the phone, the data index and the encryption key are deleted, and without the key all the encrypted data is effectively rendered unrecoverable.
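The two behaviours described above (a reset that removes only the index leaves unencrypted data recoverable, while discarding the key of encrypted data leaves nothing readable), as an added simulation that is not from the original article. `Storage`, `carve_jpegs`, the sample bytes and the toy SHA-256 keystream (a stand-in for AES, not for real use) are all assumptions made for illustration.

```python
import hashlib

JPEG_SOI, JPEG_EOI = b"\xff\xd8\xff", b"\xff\xd9"
PHOTO = JPEG_SOI + b"\xe0constructed-sample-photo-bytes" + JPEG_EOI  # constructed, not a real image

def keystream_xor(key, data, offset):
    """Toy cipher (SHA-256 keystream by position); a stand-in for AES, not for real use."""
    out = bytearray(len(data))
    for i, byte in enumerate(data):
        pos = offset + i
        pad = hashlib.sha256(key + (pos // 32).to_bytes(8, "big")).digest()
        out[i] = byte ^ pad[pos % 32]
    return bytes(out)

class Storage:
    """Simulated flash: raw bytes plus an index of name -> (offset, length)."""
    def __init__(self, key=None, size=1024):
        self.raw, self.index, self.key, self.end = bytearray(size), {}, key, 0
    def write(self, name, data):
        stored = keystream_xor(self.key, data, self.end) if self.key else data
        self.raw[self.end:self.end + len(data)] = stored
        self.index[name] = (self.end, len(data))
        self.end += len(data)
    def factory_reset(self):
        self.index.clear()  # only the index goes; raw bytes are not overwritten
        self.key = None     # an encrypted device also loses its key here

def carve_jpegs(raw):
    """Find JPEG-looking byte runs by their markers, without using any index."""
    found, pos = [], 0
    while (start := raw.find(JPEG_SOI, pos)) != -1:
        end = raw.find(JPEG_EOI, start)
        if end == -1:
            break
        found.append(bytes(raw[start:end + 2]))
        pos = end + 2
    return found

def reset_then_carve(key=None):
    """Store the sample photo, factory-reset, then scan the leftover raw bytes."""
    device = Storage(key)
    device.write("IMG_0001.jpg", PHOTO)
    device.factory_reset()
    return carve_jpegs(device.raw)

# Constructed passcode and salt; the derivation parameters are illustrative only.
KEY = hashlib.pbkdf2_hmac("sha256", b"constructed-passcode", b"constructed-salt", 1000)
print("unencrypted, after reset:", reset_then_carve())
print("encrypted, after reset:  ", reset_then_carve(KEY))
```

The unencrypted run returns the photo intact even though the index is empty; the encrypted run finds nothing, because the bytes left behind are ciphertext and the key no longer exists.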
Now before all you Apple users start to feel smug and relax, forensic scientist Jonathan Zdziarski presented a very revealing paper at a conference earlier this month. He indicated Apple devices ran up to 44 undisclosed services in the background which cannot be turned off. While previously denied, Apple did later acknowledge their existence and insisted they exist for diagnostic purposes alone. True as that may be, these services, which can be broadly classified as backdoors, can pose potential threats.
In conclusion, smartphones in general are amazing at what they do but there are always pitfalls. Growing use of technology does come with its own set of risks. The right way to mitigate these risks is not by shunning the technologies themselves but by better understanding the way they work.
References:
https://blog.avast.com/2014/07/09/android-foreniscs-pt-2-how-we-recovered-erased-data/
https://source.android.com/devices/tech/security/index.html#filesystem-encryption
http://www.zdziarski.com/blog/?cat=11
http://www.theguardian.com/technology/2014/jul/11/factory-wipe-on-android-phones-left-naked-selfie-photos-and-worse-researchers-find