Related
I need to erase all data from my phone Sprint PPC 6700 (HTC Apache). How to do it to completly remove all my data from it?
I do not want to hear that there is "Clear Storage" procedure on device because you can retrive that kind of erased data. It brings device to factory state but you can still retrieve data.
Any program which will eg. 10 times write down in free memory space with 0's and then 1's.
I do not want any information to be recovered, info in device is strictly confidential like TaxIDs, SocialSecurityNumbers, passwords and other sensitive data.
It is like with computer format hard drive - normal user will not see data but user with knowledge can access it.
I do not post question in HTC Apache forum because maybe somebody have or may have similar problem with different device.
on wm2005 you format from inside the bootloader
There is no default secure way.
If you're that concerned about the sensitive data now, then really I am surprised it wasn't encrypted anyway.
If it was, simply use the same application to secure wipe those files, and then you have no problem.
If not, use something like http://www.pocketpcfreewares.com/en/index.php?soft=1694 to delete the files you are concerned about, and then simply wipe the storage as normal.
Also, possibly use wm5torage and write/rewrite until you are satisfied with the result.
Rudegar said:
on wm2005 you format from inside the bootloader
Click to expand...
Click to collapse
May you please give me magic commands to do it?
Thank you
Well, format it from the bootloader sounds just like a normal formatting. Anyway, if you do not have ultra secret important information, nobody with that amount of skill will want to hack and recover your data after a hardreset. If you were to ask the gurus here, they may not want to go through the trouble to recover them (if possible at all). If you were to ask me, you are just being paranoid. The chances that your phone will fall into a hand of a [1]hacker capable of recovering data from hardreset phone AND [2]person interested in your data, is very very slim. You will be more likely to have your information stolen surfing the web (wired), getting a trojan in your PC, stolen via wireless, etc.
Anyway, the US military standard of 12 times write on a hardisk ensures that no data can be recovered via physical means. That is to disassemble the hardisk, and using sophisticated electron scanning equipment to get the data. That's because normal reading via the usual way is not possible after just 1 write.
Anyway, having babbled the above, from what I experienced from retrieving data from a hardisk (the normal way), your data is relatively gone if you fill it up with stuff. SO, if you can just hardreset your device, copy some movies, mp3s over (eg via WM5Storage) until it is full, and then hardreset it again, it ought to do the job. If you are still worried, do this 12 times. Those that are good enough to retrieve your data will just get he movies/mp3s you use.
FYI:
On magentic storage, like hard drives, one pass of zeros is sufficient to write over the data such that not even an electron microscope could determine what the bits previously contained. It may have once been possible on 10-20 MB MFM hard drives in the early 80s, but is certainly not possible anymore.
The American military and intelligence agencies use the same clean-room data recovery procedures as do commercial data recovery houses, and in fact often contract out to those houses.
Flash memory I'm not so sure about, especially because a lot of flash memory uses redundant sectors to fill in when a given sector has exceeded the number of read-write cycles it's supposed to be capable of.
I would probably just fill the device up with files, delete and repeat like hanmin is suggesting. If your data is so important that someone would try to steal the device (or buy it from you) and then subject it to a military-grade inspection, you can probably afford to destroy the device physically or at least destroy the memory chips inside it and resell it for parts.
mikesol: Thanks for clarification.
Latelly I read article about guy who recovered average od 20k pages from PocketPC Phones after where were "Clean Storaged" and owners thought that data are safely deleted.
Maybe I am paranoid but if somebody gave me theirs personal/confidential data I try to protect them as much as possible.
Device will stay in one company, but probably next person will not have such vital information as I did. That is why I try to clean it as much as possible.
Now, I am satisfy with what I did.
FYI: I do not work with DoD or cooperating company but level of security is high, ie. old harddrive - 10 times write over + drill over and apply acid inside. Just to be safe
http://www.informit.com/guides/content.asp?g=security&seqNum=234&rl=1
good read
Haahaha, with our old hard drives at my company we just take them apart and then tack up the platters because they look cool.
From what I've been reading, wear-levelling may make it possible to recover "old" bits on a memory card, but there's no context for them - the FAT (or whatever filesystem you're using) won't retain any links to them and it's possible that the microcontroller built into the memory card simply won't allow access to sectors that have exceeded their read/write cycle count.
Regardless, all that would be left in those sectors would be some random bits, context-free and virtually impossible to recover from.
As of now, most of the data recovery techniques for flash rely on the ability to read bits off of the card, and then applying the same utilities to them that you'd use for a disk image of a hard drive. I haven't read about any advanced, dissection-based approaches to determine whether previous states for a given bit can be read even when a bit has been overwritten.
I'd think that there's probably no good way to do that without a massive expenditure in R&D, and you're probably safe filling the memory up once or twice with a format after each. Anyone that gets old data back after that won't be going after you, they'll be working for the NSA or something.
Hmm.. I never thought I will see this, such software do exist!
http://pocketpcapps.net/fileshredppc.aspx
Pawlisko, you may ask your company to get a few copies of this.
hanmin - I used exactly this program. I do not have Apache no more and I feel quite secure about wipe out.
Probably my company will use this software in future, but for now our major concern is case when somebody will lose device. Of course we will remotly wipe it out, but data will not be securly deleted.
Every employee knows that loosing device is not an option
You used this software before or after my post? You ought to let others know your discovery
Anyway, in what form your 'secret' information are in? I mean, text, recordings, pictures? There are some software out there that do encrypt these things. I mean, if they were to be encrypted at stage 1, you won't have to worried about it anymore. If you were to let us know in what form the information is, probably members here can think of a better idea
So, what are you using now?
when it is avaliable, ma i recommend that your company upgrades to wm6, it has built in encryption for everything (optional) it will even encrypt stuff on sd cards.
If by WM6 you mean Crossbow, the encryption option is for the SD card, not the internal memory.
It's so that if you remote wipe a device, the contents of the card can't be read on another device or system, unless you restore that device from ActiveSync.
If the company information is that sensitive, it should be stored encrypted with any one of the hundreds of applications aimed at corporate users.
If they aren't doing this, then their IT department simply is not providing the solution to the business that it should be, and someone should do something about it.
Something like this will encrypt all of the PIM, and for instance your My Documents folder so all files stored will also be encrypted.
http://www.safeboot.com/products/device-encryption/windows/
And this one is quite impressive, I saw a demo at IPSEC in London last time:
http://www.pointsec.com/products/smartphonepda/
hanmin - fileshredppc I used after your tip, thank you very much.
What is sensitive stuff - PIM, text, PDF files and photos. Do you know any good solution to encrypt it in Stage 1?
Midget_1980 - for now on there are no plans to go for WM6. But I am monitoring if WM6 would be worth to invest money in it.
AlanJC - I will investigate your links. Thanks in advance.
Hi,
My name is Chris, I work for a company called Mobile Genius.
We sell second hand mobile phones mainly on eBay, hoping to set up our own eCommerce site sooner rather than later. However this is not why I'm here. For a lot of issues with phones, from flashing to hard resetting a device, XDA has been great for me and really helped me out. So thanks to all the people who post here, and whoever takes the time to reply to me now.
We have a Z3X box and a piece of software called Chimera (only got Chimera 2 days ago). They save us a lot of money on unlocking devices. I've been looking into flashing all of our phones, as a lot come with passwords and data on already and they must be wiped before being sold. Does anyone know if it's possible to flash more than one phone at a time on the same computer?
Question 2:
Is there any kind of testing tool to test an Android device. For example, we must go through each device one by one, testing the speaker, ear piece speaker, microphone, buttons, touch screen, WiFi and other tests. This is a must, especially with second hand devices. We don't sell iPhones due to they seem to break easier than other phones (personal opinon, but I do have an iPhone myself ) So this would be needed for android devices only.
Question 3:
In regards to flashing devices. We are wondering whether it's possible to create your own branding, like how the networks add there branding so it is seen on the boot process and the wallpaper. How would one go in regards to adding this to each device. I was curious whether it's possible to make a file which can be flashed onto each device. For example when I use the Z3X box to change the network unlock code to 00000000 on an Ace 2 it requires me to root the device as it's unable to root the device automatically. The easiest way I found was to copy an update.zip file to the phones memory and then flash a pda file which is rooted and it then makes the device rooted) Is there a simple way I can have a pda file and flash it to the phone and it will keep the original software but just add branding with our logo? Or if anyone knows of a completely different way to do this but quickly I'd be very grateful for any advise.
If any of the above has been answered elsewhere, send me a link and call me a noob and I'll get the info from there.
Thanks
Chris
kimber015 said:
Hi,
My name is Chris, I work for a company called Mobile Genius.
We sell second hand mobile phones mainly on eBay, hoping to set up our own eCommerce site sooner rather than later. However this is not why I'm here. For a lot of issues with phones, from flashing to hard resetting a device, XDA has been great for me and really helped me out. So thanks to all the people who post here, and whoever takes the time to reply to me now.
We have a Z3X box and a piece of software called Chimera (only got Chimera 2 days ago). They save us a lot of money on unlocking devices. I've been looking into flashing all of our phones, as a lot come with passwords and data on already and they must be wiped before being sold. Does anyone know if it's possible to flash more than one phone at a time on the same computer?
Question 2:
Is there any kind of testing tool to test an Android device. For example, we must go through each device one by one, testing the speaker, ear piece speaker, microphone, buttons, touch screen, WiFi and other tests. This is a must, especially with second hand devices. We don't sell iPhones due to they seem to break easier than other phones (personal opinon, but I do have an iPhone myself ) So this would be needed for android devices only.
Question 3:
In regards to flashing devices. We are wondering whether it's possible to create your own branding, like how the networks add there branding so it is seen on the boot process and the wallpaper. How would one go in regards to adding this to each device. I was curious whether it's possible to make a file which can be flashed onto each device. For example when I use the Z3X box to change the network unlock code to 00000000 on an Ace 2 it requires me to root the device as it's unable to root the device automatically. The easiest way I found was to copy an update.zip file to the phones memory and then flash a pda file which is rooted and it then makes the device rooted) Is there a simple way I can have a pda file and flash it to the phone and it will keep the original software but just add branding with our logo? Or if anyone knows of a completely different way to do this but quickly I'd be very grateful for any advise.
If any of the above has been answered elsewhere, send me a link and call me a noob and I'll get the info from there.
Thanks
Chris
Click to expand...
Click to collapse
Yes, possibility exists for all three questions of yours.
Q1) You could make a wipe.bat file which wipes through adb, requires batch programming knowledge.
Or you could look under my signature. You will find an ultimate tool, it is basically a tool which can bend your Android in any way... It has wipe option factory reset
Q2)Yes, for MTK there's a built in function called engg. Mode which is used to detect errors, for other devices. Some bootloaders support factory mode. Which is also used for a complete checkup
Q3) Yes, your boot.img holds the Bootlogo (you can extract the boot.img from the tool in my signature and leave regards ) wallpaper also resides in system somewhere (forgot exact loc). And es EFS part can be reprogrammed but could be illegal (?)
HIT THANKS if you like my post
-------------------------------------------
My work:
[TOOL]Kernel/Boot.img (un)packer
So I'm selling my old Meizu M2 Note which is running Flyme OS that doesn't allow me to encrypt the whole phone. How can I ensure the data is actually gone before selling? Normal wiping doesn't erase everything.
That's a good but hard to answer question.
A good old fashioned hard drive can be single pass overwritten (debate about overwrite passes is still an open discussion) making it unrecoverable for anything but an MFT, Mobile devices use flash memory just like a USB drive or an SSD.
What is the difference? Wear leveling (https://en.wikipedia.org/wiki/Wear_leveling).
Because of that people came up with crypto-shredding or crypto erase which only truly works with Hardware Encryption because Software encryption can never, with 100% certainty, know how the wear leveling reacts on every device.
You already said this isn't an option so what can you do to be sure nothing can be recovered? The answer is unfortunately short, nothing.
However recent research showed that multi pass overwriting caught a lot of data but even the Gutmann method (35 passes) did not get rid of everything (I forgot the link to the Whitepapers).
That said, you aren't selling it to a forensic specialist.
My best suggestion is to use one of the higher rated wiping apps (Shreddit for example) to first destroy your files, then factory reset and download a few good recovery apps and again a wiping app. Make sure you can't recover your own files anymore (if you have very sensitive data you can connect it to a PC and use even better recovery or, if you are paranoid, forensic tools) then overwrite it with as many passes, rounds and algorithms you feel comfortable with. Check recovery tools again and call it a day when you feel satisfied.
This WILL eat at the wear level so keep that in mind when you want to start overdoing it.
Not everything will be gone but it's as good as it's going to get and I highly doubt the person you sell it to will be able to recover anything.
Good luck!
GU42 said:
So I'm selling my old Meizu M2 Note which is running Flyme OS that doesn't allow me to encrypt the whole phone. How can I ensure the data is actually gone before selling? Normal wiping doesn't erase everything.
Click to expand...
Click to collapse
#noob guide incoming
(potentially useless and harmful)
i just thought of it
shred memory
download custom rom and flash
fill memory with stuff
shred again
xD
TheMarchHare said:
That's a good but hard to answer question.
A good old fashioned hard drive can be single pass overwritten (debate about overwrite passes is still an open discussion) making it unrecoverable for anything but an MFT, Mobile devices use flash memory just like a USB drive or an SSD.
What is the difference? Wear leveling.
Because of that people came up with crypto-shredding or crypto erase which only truly works with Hardware Encryption because Software encryption can never, with 100% certainty, know how the wear leveling reacts on every device.
You already said this isn't an option so what can you do to be sure nothing can be recovered? The answer is unfortunately short, nothing.
However recent research showed that multi pass overwriting caught a lot of data but even the Gutmann method (35 passes) did not get rid of everything (I forgot the link to the Whitepapers).
That said, you aren't selling it to a forensic specialist.
My best suggestion is to use one of the higher rated wiping apps (Shreddit for example) to first destroy your files, then factory reset and download a few good recovery apps and again a wiping app. Make sure you can't recover your own files anymore (if you have very sensitive data you can connect it to a PC and use even better recovery or, if you are paranoid, forensic tools) then overwrite it with as many passes, rounds and algorithms you feel comfortable with. Check recovery tools again and call it a day when you feel satisfied.
This WILL eat at the wear level so keep that in mind when you want to start overdoing it.
Not everything will be gone but it's as good as it's going to get and I highly doubt the person you sell it to will be able to recover anything.
Good luck!
Click to expand...
Click to collapse
Thanks for your amazing reply!
I finally found the solution I was looking for: as Avast! support told me, you can still use Avast! Mobile Security to securely erase your phone (by overwriting data), it's just a hidden feature. You just have to deactivate the Device Administrators permission for the app.
Then you just use the "erase device."
Was that research about multi pass overwriting done on SSD, or HDD? I always thought that one pass is enough on a standart HDD.
Can you recommend me any good forensic tools to use to check if the data is truly erased, please? And does the phone need to be rooted in order to restore deleted data?
Thanks for all your insight and advice !
GU42 said:
Thanks for your amazing reply!
I finally found the solution I was looking for: as Avast! support told me, you can still use Avast! Mobile Security to securely erase your phone (by overwriting data), it's just a hidden feature. You just have to deactivate the Device Administrators permission for the app.
Then you just use the "erase device."
Was that research about multi pass overwriting done on SSD, or HDD? I always thought that one pass is enough on a standart HDD.
Can you recommend me any good forensic tools to use to check if the data is truly erased, please? And does the phone need to be rooted in order to restore deleted data?
Thanks for all your insight and advice !
Click to expand...
Click to collapse
Avasts shredder works but it's a single pass on flash memory so it doesn't clear everything with 100% certainty because of the wear leveling but no algorithm does. I'm pretty sure that's a feature they added after purchasing CCleaner.
They also added it as a module in their windows platform.
The multi pass research was done on Solid State Drives and I still can't find the link. Just from a research paper in 2011.
SSD's are still closest in comparison to the kind of memory used in Mobile devices.
As for HDD's it's an open debate. Forensics have claimed to be sble to read past 200 writes in the past but there is no research to support this. I believe that they showed that 1 pass PRNG is enough in 2005, however the DoD was still developing machines to perform 7 pass DoD standard wipes so, I have to say that I have no idea.
If you want serious forensic tools you're looking at these kind of distributions (infosec just made me laugh, SSL_ERR_CERT_COMMON_NAME_INVALID, it's infosec! ??).
http://resources.infosecinstitute.com/computer-forensics-tools/
But if anyone you sell it to would try something it would be more along the lines of Recuva and similar software.
On phones you can just download a bunch of high rated recovery tools and see if anything pops up.
You do not need root for most of them.
You could run fstrim which I'm pretty sure has no root requirements either. This would mark all blocks as invalid so Garbage Collection can pick it up as well. Even though GC has been show not to clean everything it doesn't hurt.
Good morning to all,
I would like to make a query, I put you in situation before.
After months, I have "recovered" photos and videos, what I could from an internal 3Tb disk, before my wife kills me.
There are more than 90,000 files with photos and videos for more than 15 years.
I have recovered them with various programs using Windows and MacOsX. Some programs like recuva, diskdrill, recoverit, ... but it is clear that each one does it in their own way. Not all are with the creation dates, ... a problem that they are not in .raw.
The problem is that after recovering I passed other programs to see if they were fine or if there was any corrupt and there were some videos that had been mounted on top of each other, different resolutions or a part of the video was fine and another was not.
I have tried to look at DUPLICATED or REPEATED files but of course I can't find good software. I have seen some payment that could be useful but I cannot pay the 100 euros they ask for, without any guarantee, since they only allow part of the program to be tested: Video Comparer is good.
I have tried more than 20 different mac and windows programs but I don't know how that algorithm works or those md5, sha, csc ... I don't know.
I want to be able to rule out bad or repeated ones but this has already become an EXTREME SITUATION.
CAN YOU PLEASE HELP ME.
Regards, and thank you very much.
Hello, I ask for help and assistance, please.
Sony M2 - D2305
The whole tutorial was read carefully and followed as is, it was achieved, used and tried to meet the objectives happily, it is not my first flash, nor the first device to die (another lg L80 d375ar) I have vague concepts thanks to the forum and booble, I understand something. I am not a developer but I would like to go deeper, without more, I will give a description with my best effort and in the end I will go to the problem in question. (which arose from layer 8 human error in an oversight)
-the bootloader was successfully unlocked;
-I don't remember which flashtool version to use, I have 0.9.18-6 as recommended; following 0.9.22-3 (I think I used this); 0.9.25-0; 0.9.33-0; 0.9.34-0;
-all those files in theory means that then, they work, it was used very well (congratulations to dev's, great job);
-woow!! What's that? Did you launch a new updated version of the lineage, good! I want to try that now! (telling me);
TROUBLE:
Between so many times that I have done it, after doing the format, and the corresponding wipes ... I realize that I never inserted the sd card.
I slide on off.
There is no system, it does not light its LED light under any combination, its battery was at 100%, there is no dfu, there is no recovery, there is no download, no adb, no fastboot, the battery was removed, I charged it with a source of experiments and its voltage is correct, it was allowed to drain and retry after several months assuming the kernel is the one who tried to charge the battery by auto-restarting, and correcting itself, it was tested with every program found in Windows and Linux, and not gave signs of nothing.
win32
semc_device
win64
somc_device
linux
qhsusb_bulk
DEAD!! x_X
*this reminded me of the other device mentioned, qhdloader9008 or something like that, in addition to the qhsusb_bulk, it died with its stock-rom forcing shutdown with buttons because it frozen, among the few possible solutions found and tried, it is mentioned about another possible ported solution, It consists of something like making a copypaste of a complete image of all internal sectors and taking it to the sd-card, and I remember that it almost revived although something was missing and I no longer remember, I could try again but it did not work.
**I have hopes that someone with a lot of knowledge appears, a better solution or someone's help, using their image or helping me create one in some way or another, I do not know what else to do, maybe someone with it same model to try to boot from sdcard.
(I have never done it, if someone wanted to confirm, detail, or know how to provide the complete process, it would also be of great help. But according to what I "don't understand" is that the most reliable thing is to do it from a Linux environment and it would be something like for example )
dd if = /dirInput | vp | dd of = /dirOutput
and share it compressed?)
(If there is any private data, it reserves its right)
***From ignorance, I want to ask according to how little I have learned until today...
what happened here?
Was the recovery installed by mounting in cache? and was the data saved as temporary in a sector that is volatile not persistent? Wrong indexes were formatted and inserted into wrong sectors, losing access to gpt / mbr of all complete? or what happened here?)
****Something extreme and crazy out of context that I wonder, is the result of mixing mcu microcontroller, needles, wires, spi, i2c, bidirectional ttl converter, vcc, gnd, dat + dat- but I still don't understand much, to Unless they make it very easy for me to understand with kiss principles, boxes, apples and kittens.