Before you resell or donate your device, the first thing that you probably do is wipe your device via the built-in factory reset, right? After all, there is a lot of personal information stored on our smartphones. But what if wiping your Android device isn’t really getting rid of all of that personal information?
Researchers at the University of Cambridge recently
published a study that reveals that login credentials and other personal information can still be recovered after a phone has been wiped, even with a full-disc encryption switched on. In the study, the researchers tested 21 second phones running Android builds between 2.3 and 4.3 from a variety of manufacturers, and Google account connectivity (which has more than enough personal information to be worrrying) was restored on 80% of the devices.
“The reasons for failure are complex,” Anderson
said in a blog post. “However, the vendors need to do a fair bit of work, and users need to take a fair amount of care.”
The Verge suggests that consumers encrypt devices prior to wiping in order to scramble any data that might still be left over. The CITA has an extensive list of
steps users need to take in to wipe their devices and protect personal information, although if you’re really concerned it might be a better idea to just hang on to your device.
Researcher Ross Anderson did note that newer phones were slightly better than the older models, and that Google’s devices–such as the Nexus line–were more secure than other devices.
Read the full blog post here or check out the study on factory resets
here.
]]>
