Securely Erase User Content - General Questions and Answers

Is there a way to securely delete any user data either before or after a factory reset on a stock Android tablet (ICS or above)? I'm working with a local computer shop who's had a couple returns because of user inexperience, but I want to make 100% sure their data is securely deleted, minimum of one pass wipe, before I give it the OK to resell
Can this be done via a Google Play app?
Sorry for the inexperience, I'm very new to Android.
Thanks.

rysal said:
Is there a way to securely delete any user data either before or after a factory reset on a stock Android tablet (ICS or above)? I'm working with a local computer shop who's had a couple returns because of user inexperience, but I want to make 100% sure their data is securely deleted, minimum of one pass wipe, before I give it the OK to resell
Can this be done via a Google Play app?
Sorry for the inexperience, I'm very new to Android.
Thanks.
Click to expand...
Click to collapse
There is an app called 'Shredroid' on the Play Store that wipes deleted data, but without actually testing it by running and then attempting a forensic analysis on the phone it is impossible to state if it works or not.
It is, however, the only thing out there unless you are happy to access your device's internal storage and run "dd=" commands on the relevant partitions, which carries a serious risk of screwing your device beyond recovery.

Related

[Q] cloning the transformer setup & content

Hi,
Tomorrow I'll receive a new transformer (thanks, Amazon ) and I need to clone my current transformer to the new one before returning it.
I suppose that configuring the new tablet with the same google account will bring almost all the setup.
What should I care about more specifically?
I also suppose market may remember applications installed, and run a global update on the tablet...
Do you think it is enough copying data from sdcard to removable/microsd (just my data, not everything)?
Then, for erasing personal data on the tablet to return, is it enough a system restore, or should I need following any particolar procedure?
Thanks
wis38 said:
Tomorrow I'll receive a new transformer (thanks, Amazon ) and I need to clone my current transformer to the new one before returning it.
Click to expand...
Click to collapse
When you say 'clone' to what extent do you mean that? Are you just wanting to transfer your files in /sdcard (e.g. music, images, video etc) over to the new unit, or are you also wanting to retrieve your favoured apps and their data?
wis38 said:
I suppose that configuring the new tablet with the same google account will bring almost all the setup.
Click to expand...
Click to collapse
Sort of. In my experience Android in general will only backup certain parts of your device. If you were to setup the new Google account as soon as you turn it on - and by that I mean during the first-use setup, not after you've booted into Android itself - then it would give you the option to retrieve any data already backed up from your chosen Google account once you've logged into it, which can sometimes include the list of apps you had installed from the last time your device synced with Google's servers. Whether this would also recover the respective apps' data is another matter, I don't know for sure whether it does and I don't know if that's what you're hoping will happen.
wis38 said:
What should I care about more specifically?
Click to expand...
Click to collapse
Up to you - how much data do you really want to retrieve from the current device? Just the files? Apps together with their saved data (e.g. Angry Birds progress)?
wis38 said:
I also suppose market may remember applications installed, and run a global update on the tablet...
Click to expand...
Click to collapse
See earlier answer about Google accounts.
wis38 said:
Do you think it is enough copying data from sdcard to removable/microsd (just my data, not everything)?
Click to expand...
Click to collapse
Again, up to you.
wis38 said:
Then, for erasing personal data on the tablet to return, is it enough a system restore, or should I need following any particolar procedure?
Click to expand...
Click to collapse
System restore should be fine, but I'd check the contents of /sdcard once you've performed a restore, just to be sure your data is actually gone.
Could you please provide a bit more information about your particular setup? Is your device rooted (and if so what ROM/kernel have you installed), or are you running the same stuff you had in the box?

Backing up apps and data

I notice that if you want to backup an app and it's data, the apps that do this require root.
This has largely never been of concern to me as usually within a week of a new phone I've rooted and installed a custom ROM.
But now I need Good for Enterprise on this phone so rooting is not an option. But this inability to now backup data is beginning to annoy. It seems to me as a lay person that this should be a basic feature especially if you want people to have a good experience when they upgrade their phone.
Does Google have a good reason for having designed the OS in this manner?
Sent from my ONEPLUS A3010 using Tapatalk
milomak said:
I notice that if you want to backup an app and it's data, the apps that do this require root.
This has largely never been of concern to me as usually within a week of a new phone I've rooted and installed a custom ROM.
But now I need Good for Enterprise on this phone so rooting is not an option. But this inability to now backup data is beginning to annoy. It seems to me as a lay person that this should be a basic feature especially if you want people to have a good experience when they upgrade their phone.
Does Google have a good reason for having designed the OS in this manner?
Click to expand...
Click to collapse
Its mainly for security purposes. If apps were able to read the data of other apps just like that (without acquiring root access from the user) then it'd be quite easy for a malicious app you installed on accident to read the data from that banking app you have installed. And you wouldn't even know until its way too late.
I suppose one could argue that Google could implement it in such a way the backup apps would need to seek permission from the user before reading the data from other apps, but seeing that most users barely pay attention to what it is that they're granting permission to....its probably better to leave it out altogether.
On a final note though, maybe Google would rather have you store your precious & valuable data on their servers instead. As they do offer backup options for your contacts, calendar, passwords, and even certain app's data.
So how does iOS get around this or does the vulnerability you talk about exist?
Sent from my ONEPLUS A3010 using Tapatalk
milomak said:
So how does iOS get around this or does the vulnerability you talk about exist?
Click to expand...
Click to collapse
I've not used iOS in a while so I really don't know. I sincerely doubt iOS has apps that can backup data though. Seeing that they're only just getting a file manager in iOS 11.
milomak said:
I notice that if you want to backup an app and it's data, the apps that do this require root.
This has largely never been of concern to me as usually within a week of a new phone I've rooted and installed a custom ROM.
But now I need Good for Enterprise on this phone so rooting is not an option. But this inability to now backup data is beginning to annoy. It seems to me as a lay person that this should be a basic feature especially if you want people to have a good experience when they upgrade their phone.
Does Google have a good reason for having designed the OS in this manner?
Sent from my ONEPLUS A3010 using Tapatalk
Click to expand...
Click to collapse
Try the Helium app, it's worked for others but as always, your mileage may vary.
Also, the built-in Google backup feature in system settings should backup apps and data then after updating the device(s), during setup wizard, it should prompt asking if you want to restore apps, data and settings from the Google backup.
But....
If you leave the devices on stock firmware and un-rooted, then during stock updates you should only have to wipe the cache partition. Factory reset shouldn't be necessary if you're only updating stock, wiping only the cache partition during/after flashing/updating should be all that you need to do. This should update your device(s) system and leave all your settings and other data intact.
You can also try using a file manager such as ES File Explorer on android to create backups of the apps you installed (this will not work with system apps), in ES File Explorer, the backed up apps will be in sdcard/backups or storage/emulated/0/backups, or something similar. You can copy those apk backups to PC then look in internal for storage/emulated/0/Android/data folder, this folder contains folders for all of your installed apps that store app data, the names of the individual folders should correspond with the app it stores data for. You can copy these folders to PC.
To restore these apps and their data, copy the backed up apk files to your internal to the folder of your choice, then go to system settings>security>unknown sources and turn it on so you can install your apps from the apk files you backed up instead of from Google or PlayStore. Then using a file manager on android, go to the folder you copied the apk files to and click on them to install them from there, then copy the folders containing your app data to your storage/emulated/0/Android/data folder then reboot, you may have to boot to recovery and wipe the cache partition (do not factory reset, only wipe cache). This method may or may not work depending on the app being restored.
I'm not an iOS user but as far as I know, iOS is strictly dependant on Apple/iTunes, you just about can't do anything with iOS that doesn't involve iTunes, including backups probably.
Sent from my SM-S903VL using Tapatalk

How to securely erase Android phone that I can't encrypt?

So I'm selling my old Meizu M2 Note which is running Flyme OS that doesn't allow me to encrypt the whole phone. How can I ensure the data is actually gone before selling? Normal wiping doesn't erase everything.
That's a good but hard to answer question.
A good old fashioned hard drive can be single pass overwritten (debate about overwrite passes is still an open discussion) making it unrecoverable for anything but an MFT, Mobile devices use flash memory just like a USB drive or an SSD.
What is the difference? Wear leveling (https://en.wikipedia.org/wiki/Wear_leveling).
Because of that people came up with crypto-shredding or crypto erase which only truly works with Hardware Encryption because Software encryption can never, with 100% certainty, know how the wear leveling reacts on every device.
You already said this isn't an option so what can you do to be sure nothing can be recovered? The answer is unfortunately short, nothing.
However recent research showed that multi pass overwriting caught a lot of data but even the Gutmann method (35 passes) did not get rid of everything (I forgot the link to the Whitepapers).
That said, you aren't selling it to a forensic specialist.
My best suggestion is to use one of the higher rated wiping apps (Shreddit for example) to first destroy your files, then factory reset and download a few good recovery apps and again a wiping app. Make sure you can't recover your own files anymore (if you have very sensitive data you can connect it to a PC and use even better recovery or, if you are paranoid, forensic tools) then overwrite it with as many passes, rounds and algorithms you feel comfortable with. Check recovery tools again and call it a day when you feel satisfied.
This WILL eat at the wear level so keep that in mind when you want to start overdoing it.
Not everything will be gone but it's as good as it's going to get and I highly doubt the person you sell it to will be able to recover anything.
Good luck!
GU42 said:
So I'm selling my old Meizu M2 Note which is running Flyme OS that doesn't allow me to encrypt the whole phone. How can I ensure the data is actually gone before selling? Normal wiping doesn't erase everything.
Click to expand...
Click to collapse
#noob guide incoming
(potentially useless and harmful)
i just thought of it
shred memory
download custom rom and flash
fill memory with stuff
shred again
xD
TheMarchHare said:
That's a good but hard to answer question.
A good old fashioned hard drive can be single pass overwritten (debate about overwrite passes is still an open discussion) making it unrecoverable for anything but an MFT, Mobile devices use flash memory just like a USB drive or an SSD.
What is the difference? Wear leveling.
Because of that people came up with crypto-shredding or crypto erase which only truly works with Hardware Encryption because Software encryption can never, with 100% certainty, know how the wear leveling reacts on every device.
You already said this isn't an option so what can you do to be sure nothing can be recovered? The answer is unfortunately short, nothing.
However recent research showed that multi pass overwriting caught a lot of data but even the Gutmann method (35 passes) did not get rid of everything (I forgot the link to the Whitepapers).
That said, you aren't selling it to a forensic specialist.
My best suggestion is to use one of the higher rated wiping apps (Shreddit for example) to first destroy your files, then factory reset and download a few good recovery apps and again a wiping app. Make sure you can't recover your own files anymore (if you have very sensitive data you can connect it to a PC and use even better recovery or, if you are paranoid, forensic tools) then overwrite it with as many passes, rounds and algorithms you feel comfortable with. Check recovery tools again and call it a day when you feel satisfied.
This WILL eat at the wear level so keep that in mind when you want to start overdoing it.
Not everything will be gone but it's as good as it's going to get and I highly doubt the person you sell it to will be able to recover anything.
Good luck!
Click to expand...
Click to collapse
Thanks for your amazing reply!
I finally found the solution I was looking for: as Avast! support told me, you can still use Avast! Mobile Security to securely erase your phone (by overwriting data), it's just a hidden feature. You just have to deactivate the Device Administrators permission for the app.
Then you just use the "erase device."
Was that research about multi pass overwriting done on SSD, or HDD? I always thought that one pass is enough on a standart HDD.
Can you recommend me any good forensic tools to use to check if the data is truly erased, please? And does the phone need to be rooted in order to restore deleted data?
Thanks for all your insight and advice !
GU42 said:
Thanks for your amazing reply!
I finally found the solution I was looking for: as Avast! support told me, you can still use Avast! Mobile Security to securely erase your phone (by overwriting data), it's just a hidden feature. You just have to deactivate the Device Administrators permission for the app.
Then you just use the "erase device."
Was that research about multi pass overwriting done on SSD, or HDD? I always thought that one pass is enough on a standart HDD.
Can you recommend me any good forensic tools to use to check if the data is truly erased, please? And does the phone need to be rooted in order to restore deleted data?
Thanks for all your insight and advice !
Click to expand...
Click to collapse
Avasts shredder works but it's a single pass on flash memory so it doesn't clear everything with 100% certainty because of the wear leveling but no algorithm does. I'm pretty sure that's a feature they added after purchasing CCleaner.
They also added it as a module in their windows platform.
The multi pass research was done on Solid State Drives and I still can't find the link. Just from a research paper in 2011.
SSD's are still closest in comparison to the kind of memory used in Mobile devices.
As for HDD's it's an open debate. Forensics have claimed to be sble to read past 200 writes in the past but there is no research to support this. I believe that they showed that 1 pass PRNG is enough in 2005, however the DoD was still developing machines to perform 7 pass DoD standard wipes so, I have to say that I have no idea.
If you want serious forensic tools you're looking at these kind of distributions (infosec just made me laugh, SSL_ERR_CERT_COMMON_NAME_INVALID, it's infosec! ??).
http://resources.infosecinstitute.com/computer-forensics-tools/
But if anyone you sell it to would try something it would be more along the lines of Recuva and similar software.
On phones you can just download a bunch of high rated recovery tools and see if anything pops up.
You do not need root for most of them.
You could run fstrim which I'm pretty sure has no root requirements either. This would mark all blocks as invalid so Garbage Collection can pick it up as well. Even though GC has been show not to clean everything it doesn't hurt.

Backup app data on non rooted devices?

Hey guys,
I want to update to Android 12 on my S21 Ultra. But since I'm not rooted, I can't use my lovely TitaniumBackup from back in the time.
Last time I made a backup, some people said not to use SmartSwitch because it's causing problems on the newer OS and may slow down recovered apps.
I also want to know if SmartSwitch saves all the app data such as settings inside of apps etc.
Are there any better options on backing up app data without root?
Greez,
skrippi
skrippi said:
Hey guys,
I want to update to Android 12 on my S21 Ultra. But since I'm not rooted, I can't use my lovely TitaniumBackup from back in the time.
Last time I made a backup, some people said not to use SmartSwitch because it's causing problems on the newer OS and may slow down recovered apps.
I also want to know if SmartSwitch saves all the app data such as settings inside of apps etc.
Are there any better options on backing up app data without root?
Greez,
skrippi
Click to expand...
Click to collapse
There are ways to backup app data for user apps without root but not ways to backup system data. Also, if you're switching from one device to another, backing up system app data would not be useful because restoring system app data from one device to another would probably cause issues. In this case, backing up only your user app data is what you need.
Here are two relatively simple methods.
1) You can connect the device to your PC, then use Windows file explorer to open the device's storage, find the Android/data folder, inside that folder you will find a folder in which each user app stores its data. Make a copy of all the folders that contain app data that you want to keep and dave them on your PC. Then connect the new device and use Windows file explorer to transfer those copied folders to the Android/data folder on the new device then reboot the device. This will transfer all data for each user app, including its internal app settings.
2) You can use the adb backup method, using the proper command to backup only user app data then use adb commands to transfer that data to the new device.
[GUIDE] Full Phone Backup without Unlock or Root
Like a lot of you, I have been putting off unlocking the bootloader on my Nexus because I didn't want to have to go through the hassle of backing up everything manually and restoring individual application data; logging back into apps; saving...
forum.xda-developers.com
You can likely safely use SmartSwitch to backup at least your homepage settings.
Apps it may or may not work when going between different devices or OS versions.
On my new N10+ running on 10 I inadvertently backed up the apps to be copied from my other N10+ running on 9. It worked, including the Goodlock physical navigation buttons migrated as well.
So if you're having issues after using SmartSwitch*, do another factory reset without it.
Otherwise it may work fine even with the apps going from 11 to 12.
I would go from the full tour...
Another Adroid mad scientist experiment
*always backup critical data redundantly to at least two hdds that are physically and electronically isolated from each other and the PC. SmartSwitch can fail miserably. Backup all critical data separately from SmartSwitch backup!!!
@skrippi
SmartSwitch is a tool provided by Samsung to transfer virtually all data you can think of from one Samsung phone to another Samsung phone via Wi-Fi.
Personally don't think it doesn't properly work: Samsung cannot afford such a disgrace.
xXx yYy said:
@skrippi
SmartSwitch is a tool provided by Samsung to transfer virtually all data you can think of from one Samsung phone to another Samsung phone via Wi-Fi.
Personally don't think it doesn't properly work: Samsung cannot afford such a disgrace.
Click to expand...
Click to collapse
Last time I used SmartSwitch it copied all my apps, but not the settings I made inside those apps which makes this program totally useless for me.
xXx yYy said:
@skrippi
SmartSwitch is a tool provided by Samsung to transfer virtually all data you can think of from one Samsung phone to another Samsung phone via Wi-Fi.
Personally don't think it doesn't properly work: Samsung cannot afford such a disgrace.
Click to expand...
Click to collapse
Lol, you never used Samsung Kies, it was much worse
skrippi said:
Last time I used SmartSwitch it copied all my apps, but not the settings I made inside those apps which makes this program totally useless for me.
Click to expand...
Click to collapse
Bare in mind the reason one is doing a factory reset is they lost control of the situation and can't troubleshoot the device effectively. It's meant to be a full nuke of user data.
Most app data isn't critical. Some of that data may be the root cause of the problem requiring the reset.
All critical data should already be backed up. Apps that don't support backup for their critical data shouldn't be used in the first place. Quality apps like PowerAmp, DIGI Clock and Color Note offer full offline backup support. Going through your other apps as you're setting them up refamilarizes you with them and allows you to correct setup mistakes made previously.
The goal of factory reset is to iron out the mistakes you made on previous loads.
This N10+ running on Pie has been factory reset 3 times (2 of those where boot loops). The last load was finally a clean one, after 22 months it remains fast, stable and fulfilling its mission with minimal maintenance. Any occasional problems since the reload were solved without a reset.
Stock Androids can be very stable and secure if you are careful what you load, and do regular maintenance as needed. I use Device Care, SD Maid, Karma Firewall, Package Disabler to do maintenance along with clearing the system cache. I never update the firmware and rarely update apps. I also keep installable copies of all apps and app updates (multiple versions) for repairs and reloading. I can do a full reload from my SD card with no internet access with no critical data loss. Intial setup with a full app load up takes about an hour.
If you put some thought into it a stock Android can be one of the best PCs on the planet. If you do a factory reset, be prepared and think it out beforehand.
Always redundantly backup critical data to at least two hdds that are physically and electronically isolated from each other and the PC. Verify the data is readable and all there. Never encrypt or clone data drives*!!!
Go for the clean load you missed on previous loads... that's the goal of a factory reset.
*If you use SmartSwitch make sure all critical data is backed up independently of SmartSwitch; folder by folder cut/paste.

Why is Android not providing backup of app data?

Hello community!
I think this is the best place to ask this question as this is a forum of default for all developers.
Why is Android not providing backup of app data?
On iOS, factory reset and restore is a breeze. The process is extremely simple, and there is absolutely no user intervention required after a factory reset. iOS simply puts everything in its place as if nothing happened. Same is true for macOS, WatchOS & iPadOS. This is just a wonderful implementation. The only limitation is if an existing app is no longer available on the Apple AppStore. In that case, the app data would still remain in the cloud (or iTunes backup), and can be easily restored if the app (.ipa file) is backed up using iTunes (or similar 3rd party software).
Can someone answer why the same is not available on Android, despite it being the more versatile software?
As far as I know, backup over ADB isn't reliable. And more importantly, ADB isn't for everyone.
Thanks.
android is google. there exist native backup option to backup app data in google drive. adb backup is androids native backup option. it will save apps data to PC and can restored even to other devices.
so your question should be, why android provides solution to app developers protecting their app data from backup.
aIecxs said:
android is google. there exist native backup option to backup app data in google drive. adb backup is androids native backup option. it will save apps data to PC and can restored even to other devices.
so your question should be, why android provides solution to app developers protecting their app data from backup.
Click to expand...
Click to collapse
The native backup solution doesn't backup most of the apps data. As a result, most things must be setup from scratch after a factory reset. The process isn't automatic and requires plenty of manual work. This is clear from the numbers below:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Size of actual backup:
It is clear that most apps are not backed up, and only a very few apps' data is included, which I believe is mostly Google stuff.
That said, why does Android allow developers to prevent their apps' data from being backed up? This doesn't make sense because the data belongs to the user, not the developer of the app.
what you don't understand app data can be perfectly backed up. it's just the app developers they decide whether it's allowed or not. It's controlled in AndroidManifest.xml
android:allowBackup="true" API level < 30
android:debuggable="true" API level > 30
https://developer.android.com/about/versions/12/behavior-changes-12#adb-backup-restrictions
btw your screenshots refer to EXTERNAL_STORAGE
https://developer.android.com/training/data-storage
aIecxs said:
what you don't understand app data can be perfectly backed up. it's just the app developers they decide whether it's allowed or not. It's controlled in AndroidManifest.xml
android:allowBackup="true" API level < 30
android:debuggable="true" API level > 30
https://developer.android.com/about/versions/12/behavior-changes-12#adb-backup-restrictions
btw your screenshots refer to EXTERNAL_STORAGE
https://developer.android.com/training/data-storage
Click to expand...
Click to collapse
On iOS, the backup doesn't include apps' own data (those that are required for the app to run properly), instead only the data that the app has collected from the user, such as settings, login credentials, etc. So that when the user restores a backup, everything simply works like nothing happened. And this includes crucial apps like Banking apps too.
During the restore process, the system downloads the apps automatically from the Store that comes with the entire database, libraries and other files that the app needs to run properly, which isn't part of the backup. The user doesn't have to worry about any of these things as the system handles EVERYTHING automatically.
I don't understand why App Developers should have a say in whether the user specific data that they collect and store in their working directories should be part of the backups. That data belongs to the user and as such only the user should decide whether it needs to be backed up or not, just how it is in iOS.
On Android, where does the app save all of user configurations and files?
I think we can track it down to simple rule.
if you wanna have control and responsibility about your phone in your hands, use android.
if you don't care a f** about what's stored in cloud - buy iPhone
aIecxs said:
I think we can track it down to simple rule.
if you wanna have control and responsibility about your phone in your hands, use android.
if you don't care a f** about what's stored in cloud - buy iPhone
Click to expand...
Click to collapse
You missed an important point: on iOS, user decides whether his data that is collected by an app should be backed up to the cloud or not. You get to control what to backup, and what not to backup. If user chooses to save in the cloud, Apple is pretty good in keeping that data secure. Most cases of breach are users' own stupidity.
With Android, it is absurd that the app developers make this decision for the users. And you are saying one should use Android if he wants to take control of this. I don't see a simple or reliable way to do that.
Yes because Android is highly customizeable. I know how to backup my data. There exist TWRP, Migrate, Titanium, and I never used any cloud. Btw the last thing I would backup is /storage/emulated/0/Android this is the first directory I always delete, and I never lost any app data (although I don't know what obb really contains as I never played games, used WhatsApp or any other memory wasting stuff)
It's okay if it is absurd to you, but sure it's not a technical reason. I have linked the documents explaining. To me it would scare me to dead if my device would re-install everything and becomes in the exact same state as before factory reset
TheMystic said:
The native backup solution doesn't backup most of the apps data.
Click to expand...
Click to collapse
can you give example app please, let's do reality check
It's simple, main reason is GDPR, cmiiw
Data needs to be separated between application data (config, everything that is not stored any customer/user/client information) and user's data (login sessions, anything that might compromise customer/user/client information).
For most application data, it can be safely assumed, google, huawei, or any third party software, can back it up, stores it in any kind of their backup storage (cloud, ftp, you name it), and restores it as they wished. However, as the user's data, they cannot. At least without user's consent. And it's because of GDPR.
And @Alecxs is correct. Imagine if someone can restore your data in their phone, and then they were identified as you, imagine the horror. If you think no it's impossible, think again. If you think Apple is secure and that's not possible, think again.
And now, why many backup apps exist in play store that can do that? Simple, they don't provide any kind of agreement that they will store your data in their storage, it's always in your local storage or your own cloud storage (dropbox, drive, you name it). And because there isn't any clear protocol from android to do so (separated backup between application or user data), most of them needs to be operated under root.
aIecxs said:
Yes because Android is highly customizeable. I know how to backup my data. There exist TWRP, Migrate, Titanium, and I never used any cloud. Btw the last thing I would backup is /storage/emulated/0/Android this is the first directory I always delete, and I never lost any app data (although I don't know what obb really contains as I never played games, used WhatsApp or any other memory wasting stuff)
It's okay if it is absurd to you, but sure it's not a technical reason. I have linked the documents explaining. To me it would scare me to dead if my device would re-install everything and becomes in the exact same state as before factory reset
Click to expand...
Click to collapse
Less than 2% of Android users install a custom recovery and/ or root their device. And a much smaller number use ADB to take care of a few things on their non-rooted device. I'm talking about backup solution for the remaining over 98% users.
Pretty much everyone knows how to backup their stuff. It's just that there is a lot of work to do and requires patience. An automated backup solution helps in saving plenty of time and unnecessary work for the user.
There are, however, some situations where the user is helpless. I was playing a game for a long time, spent a good amount of money on in-app purchases, and when I bought a new phone, there was no way to transfer all that stuff. That game provided no means (either using Google Play Games or Social Media integration) to backup the user account. I wrote to the developer several times, but never got any response. I even complained to Google, but nothing happened for a pretty long time. I stopped buying stuff in that game. Many months later, the developer finally allowed saving game data to Google Play Games. Although I could now move my stuff to my new device, it was just too late. I lost interest in that game. In my case, I still had the old device with me, and working fine. So I could save all my details to Google Play Games. Imagine if someone lost their device, or broke it, or sold it...for them all that money spent in that game would be gone.
'As with your scare me to death' statement, I think you haven't understood how backup & restore works on iOS. iOS will wipe everything on your phone, do a fresh installation of the OS, download all your apps again, and then restore user settings, login credentials, etc, which pretty much takes care of EVERYTHING. The user has no work to do here. But the system is fresh, and all the junk built up over time by both the system and the apps are now gone! It is NOT a system image and restore that will bring everything back, including the unwanted stuff. So your device isn't actually in the exact state like before. It is much leaner, cleaner and much more efficient. The exact same thing happens when you migrate to a new device. Only the things that matter are migrated, the rest are not.
Do note that the user has full control over which apps to backup, and therefore, which ones will be restored/ migrated.
aIecxs said:
can you give example app please, let's do reality check
Click to expand...
Click to collapse
If I factory reset my Android phone, the backup will only restore call logs, sms, contacts, and a few basic stuff. It will also download all my apps from the Google Play Store. But here ends the similarity. Beyond this, the user has to setup every app from scratch, with the exception of a few like Google's and Microsoft's cloud based apps. User also has to setup all the permissions for apps from scratch. There is a lot of work involved, which can be easily avoided if Android provided an automated way of getting this done.
User configuration files and login credentials belong to the user. You haven't explained why app developers can choose whether this information can be backed up or not. To me, it seems like Android has a big limitation in the way it is designed, and so is unable to provide a simple backup solution that takes care of these things like in iOS.
x3r0.13urn said:
It's simple, main reason is GDPR, cmiiw
Data needs to be separated between application data (config, everything that is not stored any customer/user/client information) and user's data (login sessions, anything that might compromise customer/user/client information).
For most application data, it can be safely assumed, google, huawei, or any third party software, can back it up, stores it in any kind of their backup storage (cloud, ftp, you name it), and restores it as they wished. However, as the user's data, they cannot. At least without user's consent. And it's because of GDPR.
And @Alecxs is correct. Imagine if someone can restore your data in their phone, and then they were identified as you, imagine the horror. If you think no it's impossible, think again. If you think Apple is secure and that's not possible, think again.
And now, why many backup apps exist in play store that can do that? Simple, they don't provide any kind of agreement that they will store your data in their storage, it's always in your local storage or your own cloud storage (dropbox, drive, you name it). And because there isn't any clear protocol from android to do so (separated backup between application or user data), most of them needs to be operated under root.
Click to expand...
Click to collapse
GDPR? Seriously?
Is GDPR not applicable to Apple?
And GDPR is not about backup and restore. It is about collecting user data without authorization AND using it for purposes that benefit someone else.
For the purposes of backup, all data remains with the user account and not used for any purpose other than to restore the same to the user's device(s), subject to credentials verification.
By your logic, there cannot be any cloud based solution either, including emails!
As mentioned before, Apple is pretty good in taking care of their cloud services. And so is Google. Most cases of breach have been found to be a fault at the users' end. Someone keyed in their credentials in the wrong place and then complained that their account is compromised, their photos have been leaked - not Apple's fault.
TheMystic said:
it seems like Android has a big limitation in the way it is designed, and so is unable to provide a simple backup solution that takes care of these things
Click to expand...
Click to collapse
please give me example app pkgname so I can double check
aIecxs said:
please give me example app pkgname so I can double check
Click to expand...
Click to collapse
You can take any app on your phone which isn't cloud based. Take the file manager app for example. I have set up several remote connections on my file manager. There is no way this information will be restored from the stock Android backup. I will have to setup all remote connections again if I were to uninstall this app and reinstall it. Same holds true if I factory reset my phone or migrate my information to a new device. Android will only reinstall the app for me automatically. I will have to setup all remote connections manually, AND also setup all the custom configurations for the app that I have setup in System Settings.
Only if the app itself provides a built-in way to export all the configurations, will I be able to export them and import it back after a factory reset/ migration. Even then, the configurations (or permissions, etc) for the app under System Settings must be redone manually on Android.
can you please provide pkgname (or google play link) of your file manager, so I can double check?
aIecxs said:
can you please provide pkgname (or google play link) of your file manager, so I can double check?
Click to expand...
Click to collapse
Because this is applicable for all non-cloud based apps which are the majority, I don't have to be specific.
But, since you asked, here are a couple :
1. https://play.google.com/store/apps/details?id=com.alphainventor.filemanager&hl=en
2. https://play.google.com/store/apps/details?id=com.teslacoilsw.launcher&hl=en
okay I am not going to test crappy google one backup on my daily driver, as I don't want to safe my phone to cloud for reason.
Haven't checked Nova Launcher but for File Manager I can say android:allowBackup="true" is allowed in AndroidManifest.xml, so adb backup and restore of app data will work (I can test it later)
Not sure what you mean with non-cloud based apps, are you trying to say these apps can't backed up from google drive? If so, who decides if an app is "cloud based" or not?
aIecxs said:
okay I am not going to test crappy google one backup on my daily driver, as I don't want to safe my phone to cloud for reason.
Haven't checked Nova Launcher but for File Manager I can say android:allowBackup="true" is allowed in AndroidManifest.xml, so adb backup and restore of app data will work (I can test it later)
Not sure what you mean with non-cloud based apps, are you trying to say these apps can't backed up from google drive? If so, who decides if an app is "cloud based" or not?
Click to expand...
Click to collapse
Most of the important/ critical information are already in the cloud for almost everyone. This includes emails, photos & videos, documents, etc. for those who use Cloud Storage (which is pretty much everyone, with an exception of an insignificant minority, insignificant being purely in terms of numbers).
Which also means that all login credentials are already with the service providers in encrypted form, in the cloud. So there isn't really anything critical in the app backups that isn't already there in the cloud. App specific configurations don't come under critical information, and as such all that data should never leave the device, unless it is part of the system backup. More importantly, that data belongs to the user, and there is no reason app developers should have a say in whether that should be available for backup or not. It simply shows that Android is most likely limited by its flawed design on this issue.
Pretty much everyone uses the built-in Backup feature provided by Google, and it makes sense to use that over others like Samsung Cloud because a Google backup is available on all brands of Android devices. I haven't used Samsung Backup or other OEM specific backups, but I guess they are pretty much the exact same like Google Backup, the only difference being the service provider.
By cloud based apps, I mean apps that save all data in the cloud, e.g. Gmail, Outlook, Google Keep, Microsoft OneNote, Google Drive, OneDrive, etc. Apps like file managers, launchers, clipboard managers that don't use a cloud, firewall apps, etc that work locally are the apps whose data must be backed up to the cloud. Again, by app data I mean the user configurations (e.g. remote/ cloud connections set up in a file manager) and login credentials that belong to the user, and not the app or its maker.
user configurations (e.g. remote/ cloud connections set up in a file manager) and login credentials for com.alphainventor.filemanager can backed up, I don't see a problem here besides the fact the app developer seems to agree with your opinion and does allow it (there are good reasons for app developers to deny, I can give you example if you want)
lets stay at facts, regardless of your opinion post #2 applies. Android is providing backup of app data
aIecxs said:
user configurations (e.g. remote/ cloud connections set up in a file manager) and login credentials for com.alphainventor.filemanager can backed up, I don't see a problem here besides the fact the app developer seems to agree with your opinion and does allow it (there are good reasons for app developers to deny, I can give you example if you want)
lets stay at facts, regardless of your opinion post #2 applies. Android is providing backup of app data
Click to expand...
Click to collapse
Please, adb doesn't come under official backup feature provided on phones. ADB, root, custom recovery, etc. are for a niche of users who are an insignificant minority of the user base.
So, Android needs to provide a way or redesign itself where it's Backup & Restore function is just as seamless and effortless, as it is on iOS.
Do let me know what 'good reasons' app developers have to opt out of data backups. Hope they do realise that no one is interested in the app specific stuff, they only care for their own configuration files. And those who do, they know how to root and extract all app data.

Categories

Resources