Related
I need to erase all data from my phone Sprint PPC 6700 (HTC Apache). How to do it to completly remove all my data from it?
I do not want to hear that there is "Clear Storage" procedure on device because you can retrive that kind of erased data. It brings device to factory state but you can still retrieve data.
Any program which will eg. 10 times write down in free memory space with 0's and then 1's.
I do not want any information to be recovered, info in device is strictly confidential like TaxIDs, SocialSecurityNumbers, passwords and other sensitive data.
It is like with computer format hard drive - normal user will not see data but user with knowledge can access it.
I do not post question in HTC Apache forum because maybe somebody have or may have similar problem with different device.
on wm2005 you format from inside the bootloader
There is no default secure way.
If you're that concerned about the sensitive data now, then really I am surprised it wasn't encrypted anyway.
If it was, simply use the same application to secure wipe those files, and then you have no problem.
If not, use something like http://www.pocketpcfreewares.com/en/index.php?soft=1694 to delete the files you are concerned about, and then simply wipe the storage as normal.
Also, possibly use wm5torage and write/rewrite until you are satisfied with the result.
Rudegar said:
on wm2005 you format from inside the bootloader
Click to expand...
Click to collapse
May you please give me magic commands to do it?
Thank you
Well, format it from the bootloader sounds just like a normal formatting. Anyway, if you do not have ultra secret important information, nobody with that amount of skill will want to hack and recover your data after a hardreset. If you were to ask the gurus here, they may not want to go through the trouble to recover them (if possible at all). If you were to ask me, you are just being paranoid. The chances that your phone will fall into a hand of a [1]hacker capable of recovering data from hardreset phone AND [2]person interested in your data, is very very slim. You will be more likely to have your information stolen surfing the web (wired), getting a trojan in your PC, stolen via wireless, etc.
Anyway, the US military standard of 12 times write on a hardisk ensures that no data can be recovered via physical means. That is to disassemble the hardisk, and using sophisticated electron scanning equipment to get the data. That's because normal reading via the usual way is not possible after just 1 write.
Anyway, having babbled the above, from what I experienced from retrieving data from a hardisk (the normal way), your data is relatively gone if you fill it up with stuff. SO, if you can just hardreset your device, copy some movies, mp3s over (eg via WM5Storage) until it is full, and then hardreset it again, it ought to do the job. If you are still worried, do this 12 times. Those that are good enough to retrieve your data will just get he movies/mp3s you use.
FYI:
On magentic storage, like hard drives, one pass of zeros is sufficient to write over the data such that not even an electron microscope could determine what the bits previously contained. It may have once been possible on 10-20 MB MFM hard drives in the early 80s, but is certainly not possible anymore.
The American military and intelligence agencies use the same clean-room data recovery procedures as do commercial data recovery houses, and in fact often contract out to those houses.
Flash memory I'm not so sure about, especially because a lot of flash memory uses redundant sectors to fill in when a given sector has exceeded the number of read-write cycles it's supposed to be capable of.
I would probably just fill the device up with files, delete and repeat like hanmin is suggesting. If your data is so important that someone would try to steal the device (or buy it from you) and then subject it to a military-grade inspection, you can probably afford to destroy the device physically or at least destroy the memory chips inside it and resell it for parts.
mikesol: Thanks for clarification.
Latelly I read article about guy who recovered average od 20k pages from PocketPC Phones after where were "Clean Storaged" and owners thought that data are safely deleted.
Maybe I am paranoid but if somebody gave me theirs personal/confidential data I try to protect them as much as possible.
Device will stay in one company, but probably next person will not have such vital information as I did. That is why I try to clean it as much as possible.
Now, I am satisfy with what I did.
FYI: I do not work with DoD or cooperating company but level of security is high, ie. old harddrive - 10 times write over + drill over and apply acid inside. Just to be safe
http://www.informit.com/guides/content.asp?g=security&seqNum=234&rl=1
good read
Haahaha, with our old hard drives at my company we just take them apart and then tack up the platters because they look cool.
From what I've been reading, wear-levelling may make it possible to recover "old" bits on a memory card, but there's no context for them - the FAT (or whatever filesystem you're using) won't retain any links to them and it's possible that the microcontroller built into the memory card simply won't allow access to sectors that have exceeded their read/write cycle count.
Regardless, all that would be left in those sectors would be some random bits, context-free and virtually impossible to recover from.
As of now, most of the data recovery techniques for flash rely on the ability to read bits off of the card, and then applying the same utilities to them that you'd use for a disk image of a hard drive. I haven't read about any advanced, dissection-based approaches to determine whether previous states for a given bit can be read even when a bit has been overwritten.
I'd think that there's probably no good way to do that without a massive expenditure in R&D, and you're probably safe filling the memory up once or twice with a format after each. Anyone that gets old data back after that won't be going after you, they'll be working for the NSA or something.
Hmm.. I never thought I will see this, such software do exist!
http://pocketpcapps.net/fileshredppc.aspx
Pawlisko, you may ask your company to get a few copies of this.
hanmin - I used exactly this program. I do not have Apache no more and I feel quite secure about wipe out.
Probably my company will use this software in future, but for now our major concern is case when somebody will lose device. Of course we will remotly wipe it out, but data will not be securly deleted.
Every employee knows that loosing device is not an option
You used this software before or after my post? You ought to let others know your discovery
Anyway, in what form your 'secret' information are in? I mean, text, recordings, pictures? There are some software out there that do encrypt these things. I mean, if they were to be encrypted at stage 1, you won't have to worried about it anymore. If you were to let us know in what form the information is, probably members here can think of a better idea
So, what are you using now?
when it is avaliable, ma i recommend that your company upgrades to wm6, it has built in encryption for everything (optional) it will even encrypt stuff on sd cards.
If by WM6 you mean Crossbow, the encryption option is for the SD card, not the internal memory.
It's so that if you remote wipe a device, the contents of the card can't be read on another device or system, unless you restore that device from ActiveSync.
If the company information is that sensitive, it should be stored encrypted with any one of the hundreds of applications aimed at corporate users.
If they aren't doing this, then their IT department simply is not providing the solution to the business that it should be, and someone should do something about it.
Something like this will encrypt all of the PIM, and for instance your My Documents folder so all files stored will also be encrypted.
http://www.safeboot.com/products/device-encryption/windows/
And this one is quite impressive, I saw a demo at IPSEC in London last time:
http://www.pointsec.com/products/smartphonepda/
hanmin - fileshredppc I used after your tip, thank you very much.
What is sensitive stuff - PIM, text, PDF files and photos. Do you know any good solution to encrypt it in Stage 1?
Midget_1980 - for now on there are no plans to go for WM6. But I am monitoring if WM6 would be worth to invest money in it.
AlanJC - I will investigate your links. Thanks in advance.
I need to wipe two Android Phones that do not have the "encrypt" option. I am selling them very soon so this is important. One phone is running stock Gingerbread, the other is using a custom rom running ICS 4.04.
I attempted a secure wipe on the ICS phone by choosing every wipe option found in TWRP (dalvik, cache,etc), then I did 2 factory resets and flashed a NEW ROM after that. Guess what..? I used the free program "DiskDigger" on my PC and I found THOUSANDS upon THOUSANDS of recoverable files. FULL pictures, not just thumbnails; I found videos, I found zip files, I found voice recordings, I found music, and more!
There is no way in hell I can sell these phones until I know they are CLEAN of my information. What pisses me off is that with iPhone, it's as simple as pressing "Erase All Content And Settings". That takes maybe 5 minutes tops and it works on iPhone's as old as the iPhone 3GS! I thought custom flashing a new rom and wiping cache in TWRP would do the trick but NOPE.
Can anyone help me?
An update for you... I downloaded these two apps and ran them on both phones. Here are the results...
https://play.google.com/store/apps/details?id=com.pinellascodeworks.securewipe&hl=en - Secure Wipe
https://play.google.com/store/apps/details?id=com.aiuspaktyn.secureeraser&hl=en - Secure Eraser
On the stock Gingerbread phone, 3 photos were found by DiskDigger and I was able to preview them and recover them. Recuva found 20 files, the same 3 pictures, plus some overwritten garbage. I ran both apps AGAIN and got the same results, those same 3 photos were still there, intact. So what I then did was click on the photos in Recuva and selected "Secure Overwrite Checked". I ran the scans a THIRD time, Recuva first. It found 15 different files, 11 ignored all labelled as "unrecoverable" or "very poor". Only one photo was from before was found, but there was no preview. I recovered it, but no photo program could open it, so it looks to be successfully overwritten and corrupted.
On the phone running custom ROM ICS: I ran DiskDigger and it found 0 files; Recuva found 3 files after secure wiping. One was in "poor state" and two were in "excellent" state - a .bin file and .M file. I overwrote these files in Recuva and ran the scans a second time. DiskDigger found nothing, Recuva found 3, 14 ignored, all were "unrecoverable".
So I have some peace of mind now. Before running these Secure erase programs, DiskDigger found 99% of the contents on the phone that was running custom ROM ICS. So wiping dalvik cache, other cache, multiple factory resets, and flashing a new ROM did NOTHING!
If anyone has suggestions on other recovery programs, I will do a third check to put my mind at ease.
Wow... very surprised that there is no discussion on this. Do people not care about about the security of their devices?
umirin said:
Wow... very surprised that there is no discussion on this. Do people not care about about the security of their devices?
Click to expand...
Click to collapse
General rule is basically no to sell your old devices and physically destroy them, if you care for privacy. A phone is no different to PC or any other piece of hardware here, so you're either aware of this and don't give/sell your stuff or don't care.
Destroying old equipment is pointless unless you are a career criminal avoiding the police or some other high profile person that a large organization with spend tones on resources on investigate.
Data breaches are far more likely from bad practices during ownership
Quality wipe apps with root access over writing old data multiple times is quite effective..
Hi XDA members,
So I am a wiz at Apple software..... but
I have been provided with a Customers phone ( Google Pixel 3a) they have accidentally emptied the Trash Can instead of selecting the Restore option...All there photos have been deleted permanently.
I understand that the phone will need to be put into 'root' mode, but have read that rooting will wipe the phone which I do not want to happen.
My customer has got applications to do with taking regular Medication setup, and many more application that they do not want deleted with the data wiped.
Your urgent help on this matter would be kindly appreciated.....
Paul
P.s. I have installed ADB & Fastboot along with Bluestacks application but am stumped from here on in.
They are probably lost unless Google cloud gives you restore options.
Always redundantly back up critical data to at least 2 hdds that are physically and electronically isolated from each other and the PC.
It’s not my phone but a Customers well more of a friend but Customer still regardless..
I work tirelessly on Apple devices, but trying to do a big favour on this occasion with an Android.
The advanced software I use daily does not support Android devices.
In regards to Backup..I do back up everything of mine to a NAS drive…just my friends doesn’t/didn’t and their Google account doesn’t seem to show any photos of the deleted items from Trash at least..and they apparently hold precious moments that cannot be captured anymore.
My friend was trying to create a folder to put the images in, but instead deleted them then when they went to restore from the trash they ended up deleting them… no idea how they made this error with all the extra warnings that appear during the process, but that’s what they did and I’m not one to argue with a customer.
Could really do with someone being able to get my friend/customer out of this horrid situation
many thanks
Paul
At this point if the pictures are that important I would power down the phone and give it to a data recovery specialist. Any more mistakes may make recovery impossible if it is now.
Do not use online apps that claim to be able to do this!
If the jpegs that haven't been overwritten already can be recovered, it will be only the image. All file structure, exif data, time stamps, etc are lost in a sea of juxtaposed data. Only file types and file size can be searched for in the recovered data. This alone is a daunting task. The images have no time structure at all. Only memory can separate and index them back to order.
It's a rude shock... to the neat, organized data that once existed.
The magnitude of this is enormous. Even a flash card with a 120 images is a true pain to reconstruct and of limited value without the exif data. I need a stiff drink just thinking about it... always redundantly backup critical data. Never encrypt data drives.
Maybe your friend did back them up on Google at one point. Worth a shot, on a different phone/PC. Remember every second the victim phone is on is a second it can be overwriting data! Even after Backup Transport is disabled I've seen Google servers retain that data in spite of the warning to the contrary. If deleted on Google it's self... that's a question for Google.
I loathe cloud services and don't use them now.
my android device was quite maltreated by someone
i think that phone was not ecrypted
it was first factory reset
then Dr fone was able to recover some data
so Dr Fone eraser was applied
and as a finish screen was broken
screen replacement is usually easy
what about the possibility to recover some data from that phone ?
using recuva
minitool
autopsy ?
It's gone, gone, gone.
Even if you do recover anything the folder structure was destroyed. An ocean of juxtaposed files. Jpegs with no exif data.
A complete mess like a 747 slamming into a mountain side... that would be easier to reconstruct.
Plus Drfone encrypts the data; you got all you're going to get. Never use this app if you really need the data, take it to a data recovery $pecialist.
thank you for your answer
I did not do anything on that phone. Someone did with quite some succes
the folder structure is something that can be rebuilt with time
what would be interesting to recover even partially is :
call history
contacts
text messages
whatsapp messages
gps locations history
pictures could be nice
i you recommend a data recovery specialist.
what sort of tool they will be using ? autopsy ?
I also asked an offer from data recovery specialist
Android's internal folder structure ( read: layout ) always is left intact, a wipe operation - as a Factory Reset does - only marks any wiped content as re-useable by Android, hence it can get overwritten at any time.
If your phone's Android got rooted, you can establish an ADB connection with phone, then you can achieve a bitwise copy of the "unreadable" wiped data ( storage space ) by means of Android's dd command and later on try to read this copy by forensic tools.
thank you for information
I understood that factory reset only mark existing files as free space and that several tools can recover the files.
even Dr Fone could do at first.
but what does an eraser tool like Dr fone eraser ?
is the data really destroyed after this ? or still some tool could be used ?
autopsy maybe ? other suggestion ?
I think I clearly expressed what is to do.
FYI:
Wiped data isn't destroyed ( nulled out or similar ), it physically still exists.
File data is only really deleted when this storage space is needed by something else.
BTW:
Don't know anything about Dr.fone eraser app. But I think it overwrites data stored in Android's user-space with zeros or blanks.
I think it overwrites data stored in Android's user-space with zeros or blanks.
Click to expand...
Click to collapse
in that case maybe the data is really destroyed/unreadable right ?
or still something could be retrieved ?
jwoegerbauer said:
I think I clearly expressed what is to do.
FYI:
Wiped data isn't destroyed ( nulled out or similar ), it physically still exists.
File data is only really deleted when this storage space is needed by something else.
BTW:
Don't know anything about Dr.fone eraser app. But I think it overwrites data stored in Android's user-space with zeros or blanks.
Click to expand...
Click to collapse
True. What can be recovered and how it's indexed is another story. I have severe doubts the folders are still intact and it's probably worse than just that.
I use Drfone over a decade ago, it encrypted the found data but showed pieces of it. You had to pay for the encryption key.
You're right about it zero filling too I think. After running that app all that was left was Drfone's encrypted partition, folder, whatever and nothing else. It takes forever.
I usually use Google backup and Samsung backup and when switching to a new phone I backup and restore / smartswitch which works ok. A few days ago my phone did a hard reset I think because the incorrect pin was entered accidentally multiple times whilst the phone was in my bag (hard reset setting in this situation compulsory due to my security settings for my work email). Although most important things could be restored, things like my app settings, Email settings, Gboard, Nova etc all had old backups saved and so I have to spend a lot of time setting up each one again.
Is there a better way to have EVERYTHING backed up automatically so I can restore the phone to the exact way I left it if I lose my phone or have to hard reset without needing to spend so much time next time? I remember iPhone iOS was better years ago. Are there any other softwares available that do full back ups scheduled every week or daily?
Thanks
Not really unless you're rooted. A cloned copy be nice...
2 back to back boot loops and factory resets made me streamline my reloading process and the way I organize critical data and backups.
I use the SD card as a data drive then back it up redundantly to at least 2 hdds that are physically and electronically isolated from each other and the PC.
Only the apps, DCIM and download folder go on internal memory. The DCIM folder is backup to a folder on the data manually that doesn't have the name DCIM in it's folders names.
I use apps like Digi clock, Poweramp and ColorNote (for bookmarks) that allow backup import/export and store those on the data drive. I use ApkExport to make installable copies of all my apps for fast reloads without Playstore. I store notes for the theme and icon pack as well for quick lookout on the Galaxy store. I can do a full reload from the SD card. Takes about 4 hours total to reload.
Never rely on SmartSwitch to store critical files as it can fail miserably. It may cause other problems when switching devices and force another factory reset. I use it to save the homepage settings on the same device. It can also potentially import the initial cause for the reload.
Never encrypt data drives as you are the most likely one to be locked out. I never use screen lock for the same reason, double tap on/off.
If managed right stock Android's can be very stable. Current load on this N10+ will be 2 yo in June. Still fast and stable with minimal maintenance. This is one reason I rarely upgrade the firmware once I have a stable, optimized load. Android 9 and above are reasonably secure unless you do something stupid.
Thanks for the advice Blackhawk. It sounds a bit complicated for me! I was hoping for a paid simple option that would do most things I need.
Kash said:
Thanks for the advice Blackhawk. It sounds a bit complicated for me! I was hoping for a paid simple option that would do most things I need.
Click to expand...
Click to collapse
It takes some thought. After doing 2 back to back reloads the mistakes I made in backup organization where painfully clear to me. Reloads can be very frustrating and even damaging if you're not completely prepared. There's a lot that can go wrong that will at the best cost you time... better to send that time in backup preparation. Remember to make a copy of your current contacts.
Passwords need to be preserved one way or another, redundantly and available enough to access. Delete the Google and Samsung accounts before factory reset and do the hard reset from settings rather than the boot menu. Least FRP raises its ugly head... a lock out would be a pain.
The problem with all the easy ways like SmartSwitch is they can potentially cause the loss of some or all of your critical data. It shouldn't be your primary backup! A complete and organized data drive makes everything easier, it allows you to make best use of that resource. Haphazard organization is just beating yourself repeatedly... so preparing for a reload serves more than one purpose.
The Android OS can be extremely stable to the point where you may think it could never fail.
A crash is just one drop, one near lightning strike, rootkit, or bootloop away. It will eventually happen.
One other consideration with data drives is vetting. Keep the download folder on the internal memory not the data drive. Vet files before moving to the data drive. Malware that is downloaded must be detected before it is copy to the data drive and backups! Suspicious files can be scanned with online Virustotal, scanning with the free version of Malwarebytes may occasionally pick off a trojan preloader... that one missed. Any unknown files should be deleted without opening.
Open files, images before moving them to the data drive. Watch for changes in the folder or system and that what you opened is what it's suppose to be. It's best to time stagger backup hdds rather than do all at once, just in case something makes it in. That's one reason you isolate the hdds from each other and the PC.