Jump to content

Android's faulty factory reset tool leaves 500 million users open to attack

Recommended Posts


Researchers have revealed that Android's 'factory reset' feature doesn't remove all data from devices, leaving up to 500 million users open to attack.

The University of Cambridge has revealed that, even with full-disk encryption in play, performing a factory reset on Android smartphones leaves sensitive information up for grabs on the majority of devices.

The university examined 21 phones, running Android versions 2.3 to 4.3, and found could up to 500 million Android devices might be at risk of leaving personal data available to attackers after being 'reset.'

For example, the researchers found that they were easily able to access the previous owners Gmail account on 80 percent of the devices it tested.

"We were able to retrieve the Google master cookie from the great majority of phones, which means that we could have logged on to the previous owner’s gmail account," the researchers said.

All of the 21 phones left some sensitive data behind, including information generated by Facebook and WhatsApp, images, videos and text messages.

They researchers noted Google's own-brand Nexus firms fared better than those from the likes of HTC and Samsung, but said that all vendors need to do more to protect user data.

"The reasons for failure are complex; new phones are generally better than old ones, and Google’s own brand phones are better than the OEM offerings. However the vendors need to do a fair bit of work, and users need to take a fair amount of care."

This research follows an investigation carried out back in 2014 which revealed that CEX and Cash Converters have been selling second-hand mobile phones containing sensitive information from their previous owners, despite promising these customers that the phones would be fully wiped before being sold on.

In a seperate report, the Cambridge researchers note that such companies could carry out large-scale attacks given the sensitive data they are able to access, made easier by third-party remote wiping service that also fail to clear information from devices.

"Antivirus software that relies on a faulty factory reset can only go so far, and there’s only so much you can do with a user process," the researchers said.

"These failings mean that staff at firms which handle lots of second-hand phones (whether lost, stolen, sold or given to charity) could launch some truly industrial-scale attacks."

These findings could spell bad news for businesses, with Good Technology revealing earlier this month that Android accounted for 26 percent of enterprise smartphone activiations in the first quarter of 2015.


Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...