Researchers at Cambridge University, estimated that 500 million Android smartphones are susceptible to a flaw in the factory data reset function that could restore the data back.
When they did a of couple test, they believed that 500 million Android smartphones don’t fully wipe data partitions that contain sensitive data, which is allowing the restoration of contact and message data from first- and third-party apps. After they had tested 80% phones, the researchers finally able to extract the Google master token, which will give them an access to Gmail and Calendar data.
The team also believed during the factory reset test that 630 million devices were not able to get SD cards which is a vital source to store the pictures, videos and any kind of data. This is concerning for people who sell their used smartphones, they are realizing that their data are being removed after, factory test but, it is sometimes does not work.
They also found that the flaw in the Android’s factory reset make allow you to restore your data with full-disk encryption enabled. if you are doing the reset process and the decryption key is not wiped out, and recovery of the “crypto footer” along with this key which allow an attacker to crack the encryption offline.
The researchers at Cambridge University, fully focused on 21 devices which are running on 2.3.x to 4.3 Android version. Whilst on latest Android version 4.4 hadn’t tested, it’s “plausible” that devices which are running on these versions of the OS are also vulnerable, as told by the researchers.
One of the most important reasons why the reset function is not working properly because, of old drivers that could allow NAND chips to be wiped completely. it is difficult to wipe the flash storage completely, which is why producers have faced struggles to implement the factory reset functionality correctly.
Whilst the researchers at Cambridge University recommended a series of technical changes which are able to make the factory reset process in Android which help them to improve its effectiveness. These changes are able to many users to prevent data recovery. You could fill up the NAND on your smartphone with the help of random files after, a factory reset which overwrite the free space, but the most essential method to save your data is to destroy your smartphone.