Avast Buys 20 Used Phones, Recovers 40,000 Deleted Photos 231
An anonymous reader writes: The used smartphone market is thriving, with many people selling their old devices on eBay or craigslist when it's time to upgrade. Unfortunately, it seems most people are really bad at wiping their phone of personal data before passing it on to a stranger. Antivirus company Avast bought 20 used Android phones off eBay, and used some basic data recovery software to reconstruct deleted files. From just those 20 phones, they pulled over 40,000 photographs, including 1,500 family pictures of children and over a thousand more.. personal pictures. They also recovered hundreds of emails and text messages, over a thousand Google searches, a completed loan application, and identity information for four of the previous owners. Only one of the phones had security software installed on it, but that phone turned out to provide the most information of all: "Hackers at Avast were able to identify the previous owner, access his Facebook page, plot his previous whereabouts through GPS coordinates, and find the names and numbers of more than a dozen of his closest contacts. What's more, the company discovered a lot about this guy's penchant for kink and a completed copy of a Sexual Harassment course — hopefully a preventative measure."
Where the fault lies? (Score:3, Insightful)
What kind of people sell sd cards along with phone. I thought everyone are misers.
Am tempted to know what kind of nudie pics where available
Who's at fault for this? (Score:4, Insightful)
Unfortunately, it seems most people are really bad at wiping their phone of personal data before passing it on to a stranger.
How many people actually have the ability to securely wipe data on their phone to start with, without rooting it? For lots of folks, the "factory reset" option is the only thing they can do on their own, and that likely only deletes prefs and network settings and erases file system directory info. It does not overwrite the bits in the phone's storage to make them unrecoverable.
Re:Who's at fault for this? (Score:5, Insightful)
As stated above this really should be an inbuilt OS feature - "Reset for resale"
It shouldn't take an understanding or knowledge of the intricacies of how the device works or how to properly erase data. It should be automatically done by the OS since most phone users do not know how to do it properly.
Garbage In (Score:1, Insightful)
Mobile industry is afoul with moral hazard. They simply don't care about their clients because they only want to get paid once and then milk the clients for information.
Google's Android phones flat out REFUSE to uninstall Facebook, for example.
Users do not have control because we're experiencing what Oligarchy feels like.
Some of us remember what it was once like when you wanted to buy something and they would kiss your ass and make you at home while you were shopping. If you had any problems they would bend over backwards to serve you. That mentality is dead in the goods & service industry.
We are approaching the dusk of the psychopathic corporation era. Nothing after that folks. Thanks for playing.
Re:Only Android? (Score:4, Insightful)
Re:Garbage In (Score:3, Insightful)
That's the carrier's doing
Can't we just say people took naked pics? (Score:5, Insightful)
Why do we still talk like we're in middle school? Why the code talking? "personal pictures", "manhood"? Can't we just say they found pictures of guys penises, and nude to semi-nude women?
People take nude photos of themselves, don't realize it's still on the phone, and sell the thing. The fault lies with the cell phone makers who aren't actually doing real deletes of pictures. That's just dumb. Back when storage medium was on a hard drive, and computers do a LOT of IO, deleting the reference to the file made sense to improve performance. But all phones use flash as storage, and there's simply not a lot of IO that's going on in your typical phone usage. The OS should be wiping the file, or at the very least remove the reference, and wipe the file at a later (but soon) time after (like perhaps while the user is typing something and is otherwise idle).
The reality is phones get stolen, and the data is far less secure than on a PC. The OS needs to keep up with that. Deleting data for good should mean actually deleting the data. The shortcuts that've been done in the past should be a thing of the past.
This post is an advert (Score:3, Insightful)
This article is good reading in itself but it wound up being an advert for the poster's product. I wonder how much Dice got paid to post this "story"? Is it any wonder I spend more time over at soylentnews.org, the name of which I was going to bury in a link but couldn't because the link gets replaced with "slashdot.org"?
Re:Where the fault lies? (Score:5, Insightful)
But it's so easy to do on iOS. You can do it on the phone - Settings->General->Reset
And it wipes the phone - the flash storage is encrypted. Resetting it wipes the key and generates a new one. It then reboots and reformats the user storage using the new key and mounts it. The old data is irrecoverable because the key is lost, and the new data is written using a new key.
Even prior to encrypted storage, iOS3 created the option to do it where it erases and wipes the storage - anything 3GS and newer wipes keys (so wiping takes a couple of minutes), older ones took a couple of hours.
No reason Android can't do the same - either by sending TRIM commands to the entire user storage area and then forcing a write-all-with-zeroes to be doubly sure.
Re:Who's at fault for this? (Score:1, Insightful)
Re:Where the fault lies? (Score:5, Insightful)
Re:"What to do before selling or giving away your. (Score:4, Insightful)
Re:Where the fault lies? (Score:5, Insightful)