Doing a Factory Reset on Android Handsets is Not Secure

What to do with an old handset? Most people, especially on this site, either sell their old handsets, or give them to someone they know. Google and the manufacturers have told us to do factory resets before doing so, to make sure that your personal information is wiped from the phone, and your details are secure. Turns out, that's not quite true.


Researchers at Cambridge University have written a paper showing how flawed factory reset is at wiping personal data from Android handsets running versions 2.3 to 4.3 (they didn't use any handsets later than 4.3). To make things worse, if you fully encrypted all the data, you may in fact have exposed yourself even more, as the key to decrypt the data isn't deleted properly by the reset.


Researchers were able to recover SMS, emails, contacts, photos, videos, Facebook, WhatsApp, and even your personal Google token, which gives access to all your Google information. The flaw seems to lie in the way flash storage in mobile handsets is designed to allow for a certain element of failure and errors. This means that other mobile devices may also be prone to such security flaws, although that's unknown at present.

The best solution is to encrypt your phone when you first get it, and use an impossibly long password with letters, numbers and symbols to unlock your phone each time you use it. Most hackers will just give up as it could take years!

The researchers did make some recommendations to manufacturers, so let's hope they take up the advice.

