The results of a study performed in the UK by University of Cambridge researchers entitled Security Analysis of Android Factory Resets, however, now show that emails, text messages, Google access tokens and other sensitive data can be recovered from Android phones even after a Factory data reset is performed...even when users have turned on full-disk encryption.
Cambridge researchers Laurent Simon and Ross Anderson performed their study on 21 used Android smartphones, all purchased on eBay between January and May 2014. The phones — running versions of the operating system ranging from 2.3.x (Gingerbread) to 4.3 (Jelly Bean) — were manufactured by the likes of Samsung, HTC, LG Electronics, Motorola, and Google.
All of the phones tested preserved at least fragments of previous-owner data previously believed to be obliterated, including not only native phone app information (contacts, photos and videos, SMS), but also data tied to such third-party apps as Facebook and WhatsApp. In fact, in 80 percent of the phones tested the researchers were able to recover the Google master token, with which a device can be re-synchronized to the Google account of its previous owner. Thus, the supposedly-wiped phones were able to offer access to a bevy of data previously backed up to that Google account, including emails in Gmail, contacts, Wi-Fi passwords, Google Calendar details, and Internet browsing records. And if that isn't chilling enough, as an experiment the researchers attempted with success to restore the credential file from a reset phone.
"After the reboot, the phone successfully re-synchronized contacts, emails, and so on.", the researchers reported, going on to say, "We recovered Google tokens in all devices with flawed Factory Reset, and the master token 80% of the time. Tokens for other apps such as Facebook can be recovered similarly. We stress that we have never attempted to use those tokens to access anyone's account."
In broad terms, what this means is that an estimated 630 million Android phones are potential gateways to personal data attack.
One aspect of the findings of the Cambridge study that is especially sobering is that in many cases the data of susceptible Android phones can be recovered and accessed even in the event that the previous owner protected the phone with full-disk encryption (this because the decryption key is not erased during a Factory data reset).
At this point, avid HotHardware readers wielding Android phones are no doubt hoping to read of an easy alternate to Android's Factory reset function, as suggested by the researchers or interested other parties. Or perhaps there is an app that can be installed on the phone that can do the job that Android cannot? Unfortunately, such hopes are not in the offing at this time.
In the case of newer Android phones that offer full-disk encryption users can turn it on and configure a randomly-generated password of eleven or more characters, however, the practicality of such a solution dissolves in the face of the frequency with which smartphone passwords are input and the potential frustrations inherent in entering such passwords using tiny virtual keyboards.
At this time, sad to say, the results of the Cambridge study offer a significant problem without a workable solution.