of Huntingtown take a group selfie June 20 after the World’s Largest
Swim Lesson at Chesapeake Beach Water Park. (Darwin Weigel/The Calvert
Recorder)
online auction site, you could be giving away rather more than you
intend to, according to a recent investigation by anti-malware company Avast.
Going through phones that had supposedly been “factory reset,” the company’s researchers were able to view photos
taken by the phone’s original owners. In addition to the usual harmless
photos of the family cat were naked selfies that the original owners
would never have wanted anyone to see.
What’s more, the
researchers were able to do this simply by using a range of free
smartphone forensic tools that are easy to use by technical enthusiasts
as well as professional forensics experts.
How it works
Electronic
data, stored either on a solid state drive or a traditional hard disk,
persist even when we think we have wiped the storage device. Many
readers will naturally assume that when you delete a file, it has been
removed from your phone or computer.
The way it actually works is
that the link (or reference) to the file is deleted, but the original
file is still there – so that inappropriate selfie is still in your
phone’s storage even if you can no longer see it in the photo browser.
What’s worse is that, unless the file is fully overwritten, you may find
that the dodgy pictures remain for some considerable time.
The
issue spotted by Avast is that the “factory settings” feature of some
older Android phones does not overwrite every “bit” of data; instead, it
simply removes the file references.
Which phones are affected?
Based
on their research, it is only Android devices that are affected.
iPhones encrypt their storage, which adds a layer of strong security. So
even if you could see that the data existed, you couldn’t see what it
was as you won’t have access to the original security keys.
It
would seem that Windows and Blackberry phones are not affected either.
Researchers may yet discover issues, but as it stands there are no
concerns.
How to protect your data
The
best advice I can give if you intend to sell your Android phone is to
first consider carefully how you may have used the device. If there are –
or were – any pictures or data on the phone that you do not want to
fall into the hands of others, then keep the phone, and do not sell or
give it away.
There are also ways that you can encrypt your Android, and this is a technique worth considering.
But the only truly secure way to destroy the data is to smash the phone into little pieces, then throw it into a fire.
Personally,
I prefer to store only impersonal and chaste data on my phone. Best not
to take pictures of your cat unless you really want others to see your
kitty.
No comments:
Post a Comment