Why you can’t delete those naked selfies

Comment on this story
iol scitech jan 14 android phone pic REUTERS Mobile phones are programmed to connect with the closest signal tower, but trust signals from towers or imposters when it comes to making decisions, hackers have demonstrated.

Washington - If you're selling an old Android smartphone on an online auction site, you could be giving away rather more than you intend to, according to a recent investigation by anti-malware company Avast.

Going through phones that had supposedly been “factory reset,” the company's researchers were able to view photos taken by the phone's original owners. In addition to the usual harmless photos of the family cat were naked selfies that the original owners would never have wanted anyone to see.

What's more, the researchers were able to do this simply by using a range of free smartphone forensic tools that are easy to use by technical enthusiasts as well as professional forensics experts.

 

How it works

Electronic data, stored either on a solid state drive or a traditional hard disk, persist even when we think we have wiped the storage device. Many readers will naturally assume that when you delete a file, it has been removed from your phone or computer.

The way it actually works is that the link (or reference) to the file is deleted, but the original file is still there — so that inappropriate selfie is still in your phone's storage even if you can no longer see it in the photo browser. What's worse is that, unless the file is fully overwritten, you may find that the dodgy pictures remain for some considerable time.

The issue spotted by Avast is that the “factory settings” feature of some older Android phones does not overwrite every “bit” of data; instead, it simply removes the file references.

 

Which phones are affected?

Based on their research, it is only Android devices that are affected. iPhones encrypt their storage, which adds a layer of strong security. So even if you could see that the data existed, you couldn't see what it was as you won't have access to the original security keys.

It would seem that Windows and Blackberry phones are not affected either. Researchers may yet discover issues, but as it stands there are no concerns.

 

How to protect your data

The best advice I can give if you intend to sell your Android phone is to first consider carefully how you may have used the device. If there are — or were — any pictures or data on the phone that you do not want to fall into the hands of others, then keep the phone, and do not sell or give it away.

There are also ways that you can encrypt your Android, and this is a technique worth considering.

But the only truly secure way to destroy the data is to smash the phone into little pieces, then throw it into a fire.

Personally, I prefer to store only impersonal and chaste data on my phone. Best not to take pictures of your cat unless you really want others to see your kitty. - Washington Post

* Smith is a lecturer in networking at The Open University.

This article was originally published on The Conversation: http://theconversation.com/uk.

Hungry for more scitech news? Sign up for our daily newsletter



sign up
 
 

Comment Guidelines



  1. Please read our comment guidelines.
  2. Login and register, if you haven’ t already.
  3. Write your comment in the block below and click (Post As)
  4. Has a comment offended you? Hover your mouse over the comment and wait until a small triangle appears on the right-hand side. Click triangle () and select "Flag as inappropriate". Our moderators will take action if need be.