How to fully wipe phone before sale (Security) - General Questions and Answers

Hi all,
I know phone SD cards are generally very hard to recover once wiped, all the same, I wanted to make sure.
Wiped Data through custom recovery
Wiped Caches
Installed stock OS
Restored stock recovery
Wiped
Are these enough steps to sure the phone is secure and no data can be recovered? Thanks.

If you want to fully wipe phone before sale security, try phone data eraser tool. Such tool can help us wipe all information on phone without recovery and make it like a new one. Then there is no need to worry about data leaked. Just search it online and choose the one you like. Good luck to you.

The same zero out technique I use for hdds, with a 5 pound sledge; flatten completely and then some.
Sometimes a oxyacetylene cutting torch... a nice bonfire gets it too.
Zero chance of data recovery and fun to do

ph3n0m. said:
Hi all,
I know phone SD cards are generally very hard to recover once wiped, all the same, I wanted to make sure.
Wiped Data through custom recovery
Wiped Caches
Installed stock OS
Restored stock recovery
Wiped
Are these enough steps to sure the phone is secure and no data can be recovered? Thanks.
Click to expand...
Click to collapse
As @blackhawk mentioned: Overwriting Android's user-space several times with zeroes is fully enough. You even can do this by means of ADB.

I always just plug up to my laptop and do a: sudo fastboot -w
I've sold quite a few devices of mine over the years since Android began and t.ive always just did a format data using fastboot.
If you had some super top secret information on there maybe use some type of cleaner software program like another user here already mentioned. I've never used anything like that but I've read about them over the years online. I think a ./flash-all.sh and and not removing the fastboot -w flag is enough though, but that's just me. There are things you can purchase that will supposedly wipe it to where three is no possible way of anything ever being retrieved.

One of the most thorough ways to wipe the Android device is the factory reset.
The f actory reset deletes the complete relevant data - both the system settings data and the user settings and user data. The system applications are reset to the delivery state.
The factory reset deletes all subfolders of data (only lost+found remains) and deletes cache/dalvik-cache.

Related

Android encryption incredible bug!!

I can't believe what I've seen!
A few days ago I encrypted my galaxy s3 running the old 4.1.2 with this guide to avoid having to enter an alphanumeric password each time I unlock the screen. Yesterday I installed an app called "Locker" that is supposed to reboot and wipe the device after a specified number of wrong lockscreen pin attemps.
When I woke up this morning I had a nandroid on the microsd (online nandroid backup app) performed overnight plus the internal storage backed up too and I decided to try that app. After 10 wrong attemps it actually rebooted to recovery but didn't wipe anything, probably cause I'm running a custom recovery (TWRP). No bad, after reboot you are prompted to enter the alphanumeric cryptopassword (different from the lockscrenn pin) so that method would be safe, I think. After entering the cryptopassword it forced reboot again, again stating I entered 10 wrong pin previously. At this point I was stuck so I tried restoring the nandroid, rebooted but guess what?? My cryptopassword was not recognized!!! I tried another time wiping everything, included internal storage, no good. I tried restoring a previous unencrypted image, incredibly it still asks me the cryptopassword and still doesn't recognize it!!
I was stuck and didn't know what to do, I said I'll try flashing a stock rom with odin, I started downloading it but I reflashed stock recovery back for another try. Wipe data/factory reset, then reflashed TWRP restored the overnight nandroid back again and guess what???
MY DEVICE ISN'T ENCRYPTED ANYMORE!!! It only asks the lockscreen pin, but if I go to settings => Security it shows itself as unencrypted!!
Such an incredible bug, yes, you'll lose your internal storage in the process and you need a nandroid to restore the /data partition. I can't believe it!!
Probably I understand what happened. The online nandroid backup is performed after the cryptokey has been entered, so it saves the data partition unencrypted.
The proof would be making a nandroid from recovery and seeing if this trick works the same
FDE on Android 4.x is already known as vulnerably and can be decrypt by various tools (not telling the name here - and don't ask me for it). Just saying, so no matter if you use it or not if an attacker have physical access to your device it's very easy to get your stuff and the fact you use a custom recovery makes it very easy (not that a stock recovery is not affected but needs some more steps to get the tools working..).
CHEF-KOCH said:
FDE on Android 4.x is already known as vulnerably and can be decrypt by various tools (not telling the name here - and don't ask me for it). Just saying, so no matter if you use it or not if an attacker have physical access to your device it's very easy to get your stuff and the fact you use a custom recovery makes it very easy (not that a stock recovery is not affected but needs some more steps to get the tools working..).
Click to expand...
Click to collapse
With other experiences I had with PCs, if you clone a bitlocker encrypted partition online, the resulting copy will be unencrypted, if you clone it booting from a live cd the resulting copy will be encrypted as well.
What I did was backing up my phone online, so the backup was of an unencrypted system. I'm sure if I restore a nandroid made in recovery environment, it will restore an encrypted system as well
I think the only way to get around it is brute forcing it, a 128 bit key is safe as long as you don't choose a short password

clearing dalvik cache without root.

Is it safe to clear the dalvik cache, & what exactly is cleared when I clear it? I know it can be cleared with the stock recovery, because I just helped a friend factory reset their phone who has the same phone as me (both unrooted Galaxy On5 with stock ROM) & I saw an option in the list in recovery.
tsaxda said:
Is it safe to clear the dalvik cache, & what exactly is cleared when I clear it? I know it can be cleared with the stock recovery, because I just helped a friend factory reset their phone who has the same phone as me (both unrooted Galaxy On5 with stock ROM) & I saw an option in the list in recovery.
Click to expand...
Click to collapse
Only cached data gets cleared, more specifically, cached data used by your system apps and services. This cached data will automatically be rebuilt when you reboot the device, you may or may not see a message saying "optimizing apps" while the device is rebuilding dalvik/ART cache during the boot process.
Sent from my SM-S767VL using Tapatalk
What I mean is do I lose anything important like settings/data within apps etc;. & is there any risk of my phone not booting properly? I have backed up what data I could. I've seen posts on quora, asking about different problems they had after clearing dalvik, including one who seemed to think their phone had died, but they all seem to involve rooted phones, because the solution given is always to flash another ROM/reboot to TWRP recovery. I was tempted to do it because I'm running out of space, & somebody online said there dalvik folder was 300MB.
tsaxda said:
What I mean is do I lose anything important like settings/data within apps etc;. & is there any risk of my phone not booting properly? I have backed up what data I could. I've seen posts on quora, asking about different problems they had after clearing dalvik, including one who seemed to think their phone had died, but they all seem to involve rooted phones, because the solution given is always to flash another ROM/reboot to TWRP recovery. I was tempted to do it because I'm running out of space, & somebody online said there dalvik folder was 300MB.
Click to expand...
Click to collapse
No, you won't lose anything, as I said, it is only a type of temporary data, data that is used in the background while the device is running, temporary in a similar kind of way as RAM data with the exception that RAM data doesn't necessarily persist from one reboot to the other whereas cached data does persist after reboot, unless wiped, in which case, that cached data will automatically be rebuilt exactly as it Is needed when each app loads at startup on the next reboot after the wipe.
As long as you aren't wiping the system partition or the data partition, you won't lose anything. Wiping cache is nothing to sweat over, it is a very common and necessary process when making changes to your device.
Failing to wipe when making changes to the system are what causes problems, wiping is necessary to avoid having bugs and issues caused by cached data from before the changes conflicting with the changes that you made. Wiping cache then rebooting allows the device to build the cached data the way it needs to incorporate the new changes that you made.
I called samsung to ask whether they recommended clearing it & she very sternly said "we are not clearing dalvik". It made me wonder whether she simply didn't know what dalvik is, because she asked how to spell it as though she was looking it up, or if there was some other reason.
tsaxda said:
I called samsung to ask whether they recommended clearing it & she very sternly said "we are not clearing dalvik". It made me wonder whether she simply didn't know what dalvik is, because she asked how to spell it as though she was looking it up, or if there was some other reason.
Click to expand...
Click to collapse
The option to wipe dalvik cache is not an option in stock recovery or any other stock or non-root, non-custom option. It is typically only an option if you have a custom recovery such as TWRP.
Only a developer or someone that is familiar with root and custom android software would be familiar with wiping dalvik cache. A standard employee of a manufacturer or customer support agent would not be familiar with wiping dalvik cache.
Sent from my SM-S767VL using Tapatalk
i flashed twrp and majisk yesterday but my apps was playing up so i did a delvick cache wipe and now my phone is no longer rooted and no longer has majisk do i need to install twrp and majisk again or just flash majisk again
When you reboot, bóth the Dalvik ( correct: ART ) cache and the System Cache are re-created. So no benefits at all.

Permanently erase files/photos that have been deleted

I deleted some files from my Xiaomi phone & out of curiosity I wanted to see if they could be recovered. Unsurprisingly, I can recover the files using apps like 'Files Recovery'
However, I want to erase these files permanently. I've tried apps like 'Shreddit' that can erase empty space but the files are still showing up as recoverable.
Without having to full wipe my phone, its there a method that can remove these files permanently?
Ta
I think I've answered my own question.
It seems like 'Erase full storage' option within Shreddit did the trick. I didn't try that originally as I thought this would factory reset my phone & wipe everything.
Or you can ask help from phone data eraser software. Such software can help you wipe all personal information from your xiaomi phone without recovery. There is a lot of such software online. Most of them are not free. You can search the details online and choose the one you like. Please remember to take backup of your xiaomi phone before using such software. Hope this will be your help.
Sign out Mi account and remove Google account, boot into TWRP, get into Wipe menu and press format data, type when asked. Then flash a stock rom from MiFlash using clean all option.
A 5 pound sledge hammer provides a complete zero fill in seconds.
Works every time... for when data absolutely, positively must be deleted

REGARDING FACTORY RESET

Hello Everyone.
So I have an unused phone that i wanted to sell, so I Factory reset it.
But then i look at some article and found out that Factory Reset doesn't completely wipe the Data, and it could be recovered by 3rd party program.
So the question is, if I Flash my phone to a stock firmware, would all the previous data be completely erased?
I just want to make sure that my data is completely lost before selling it, since it contain lots of sensitive information.
My Phone is Sony Xperia X Performance.
Thanks in advance.
A Factory Reset wipes ALL user-data and restores system apps to the state when phone was delivered.
BTW:
Wiping and Erasing data although can sound similar refer to different things data security business.​
In short, Erase command erases or overwrites all of the data on the targeted drive, while Wipe command marks disk space as deleted / re-useable that is not being used by the Android OS ( unallocated space ). Wiped data theoreticaly can get recovered.
My recommendation: Do a Full Wipe
Code:
fastboot devices
fastboot erase userdata

Stuck in recovery after rom update

Hello,
I just updated the rom Evolution X 11 on my Xiaomi Mi 9T Pro after using an older version for about half a year.
Now my phone does not boot anymore, its stuck in recovery (TWRP). Also all data seems to be encrypted and TWRP is not asking for a password.
Is there a way to get my phone to boot again or at least backup my data before I do a full wipe?
You should always do a full twrp backup before messing with roms.
The best solution would be to backup the "Data" and "Internal Storage" partitions. Data contains all apps, their appdata and settings, while internal storage contains all of your own files (photos, videos etc.). After you back these up, wipe your phone (system, data, cache, dalvik) and flash the version of evolution x you were using previously. Now restore data and internal storage and your device should be back to normal.
If you get a bootloop while booting after restoring data and internal storage, then wipe the device again and this time flash evolution x, but only restore internal storage. This way, it should boot and you will be able to recover your files, though your apps will be gone.
If you only restore internal storage then it will no doubt boot up and you will have access to your files, but since you'll have already backed up the important stuff (data + internal storage), you might as well try restoring data as well, as there is no harm, and if the phone boots correctly after restoring both partitions, your phone will be as it was before your updated your rom.
This happened a while back to me with my J5, the issue was that I made a full TWRP backup, then began to test other roms. After I was done, I tried to restore my backup, but it would constantly fail. I sat down for a while, confused and sad about how my TWRP backup had failed me. I tried every solution I could think of, eventually this solution I've mentioned in the above paragraph came to my mind. Thank god for putting it into my mind, otherwise I would've lost a lot of stuff (mainly whatsapp chats which werent backed up, and a lot of apps which I took the time to pain-stakingly configure in the best way for my device).
Anyways, enough of my story, hope this helps you out! If it does, message back here and let us know, and also mark my post as the solution if it was able to help you, so that anyone else who stumbles upon this thread can be saved too!
Cheers!
PhotonIce said:
You should always do a full twrp backup before messing with roms.
The best solution would be to backup the "Data" and "Internal Storage" partitions. Data contains all apps, their appdata and settings, while internal storage contains all of your own files (photos, videos etc.). After you back these up, wipe your phone (system, data, cache, dalvik) and flash the version of evolution x you were using previously. Now restore data and internal storage and your device should be back to normal.
If you get a bootloop while booting after restoring data and internal storage, then wipe the device again and this time flash evolution x, but only restore internal storage. This way, it should boot and you will be able to recover your files, though your apps will be gone.
If you only restore internal storage then it will no doubt boot up and you will have access to your files, but since you'll have already backed up the important stuff (data + internal storage), you might as well try restoring data as well, as there is no harm, and if the phone boots correctly after restoring both partitions, your phone will be as it was before your updated your rom.
This happened a while back to me with my J5, the issue was that I made a full TWRP backup, then began to test other roms. After I was done, I tried to restore my backup, but it would constantly fail. I sat down for a while, confused and sad about how my TWRP backup had failed me. I tried every solution I could think of, eventually this solution I've mentioned in the above paragraph came to my mind. Thank god for putting it into my mind, otherwise I would've lost a lot of stuff (mainly whatsapp chats which werent backed up, and a lot of apps which I took the time to pain-stakingly configure in the best way for my device).
Anyways, enough of my story, hope this helps you out! If it does, message back here and let us know, and also mark my post as the solution if it was able to help you, so that anyone else who stumbles upon this thread can be saved too!
Cheers!
Click to expand...
Click to collapse
Thank you for your help but backing up the data and internal storage doesnt seem possible right now because all the data is encrypted in TWRP...
If you can't backup anything, then wipe system, cache and dalvik, and flash the version of evolutionx you were previously using. Then boot, it should be fine. If it wont boot (give it some time, it will take the time of a fresh install), then this time wipe system+data+cache+dalvik, then flash whichever rom you like and you'll be able to access the files.
You can also try using platform tools and fastboot or adb ( i dont remember exactly which one) to copy the filess from your phone onto your pc.
Sorry if this doesn't apply to your situation, I've never used a phone which has been encrypted, as such I have no experience with them.
PhotonIce said:
If you can't backup anything, then wipe system, cache and dalvik, and flash the version of evolutionx you were previously using. Then boot, it should be fine. If it wont boot (give it some time, it will take the time of a fresh install), then this time wipe system+data+cache+dalvik, then flash whichever rom you like and you'll be able to access the files.
You can also try using platform tools and fastboot or adb ( i dont remember exactly which one) to copy the filess from your phone onto your pc.
Sorry if this doesn't apply to your situation, I've never used a phone which has been encrypted, as such I have no experience with them.
Click to expand...
Click to collapse
That sounds like a good idea. I found the old version on my PC.
Now I just need a way to install it... because twrp cant read the file. I tried with adb sideload but that results in an error for some reason. Flashing Magisk for example with adb sideload is possible.
Edit: Got it to work by using a tool called "Large Address Aware". Now waiting for the results...
PhotonIce said:
If you can't backup anything, then wipe system, cache and dalvik, and flash the version of evolutionx you were previously using. Then boot, it should be fine. If it wont boot (give it some time, it will take the time of a fresh install), then this time wipe system+data+cache+dalvik, then flash whichever rom you like and you'll be able to access the files.
You can also try using platform tools and fastboot or adb ( i dont remember exactly which one) to copy the filess from your phone onto your pc.
Sorry if this doesn't apply to your situation, I've never used a phone which has been encrypted, as such I have no experience with them.
Click to expand...
Click to collapse
This did not help unfortunately... Im still in the same recovery-bootloop and my data is still encrypted.
It's probably still bootlooping as the data partition got modified when you flashed the newer version of evolutionx, and now it will not work with the old one. You can try wiping system+data+cach+dalvik and then flashing any rom of your choice. This will give you access to your internal storage (photos, media etc), but it will remove your apps and their settings. Whatsapp images are stored in the internal storage so you won't need to worry about those.
Again, this is risky, as it may not work (I don't know much about encryption), or you might still not be able to access your files after flashing the new rom. Proceed at your own risk.
PhotonIce said:
It's probably still bootlooping as the data partition got modified when you flashed the newer version of evolutionx, and now it will not work with the old one. You can try wiping system+data+cach+dalvik and then flashing any rom of your choice. This will give you access to your internal storage (photos, media etc), but it will remove your apps and their settings. Whatsapp images are stored in the internal storage so you won't need to worry about those.
Again, this is risky, as it may not work (I don't know much about encryption), or you might still not be able to access your files after flashing the new rom. Proceed at your own risk.
Click to expand...
Click to collapse
Thank you for still helping me out but I already did a full reset yesterday. I did not lose much except for the time setting it all up again.
I still dont really get the point of encrypting all your data if you cant decrypt it even if you know the password...

Categories

Resources