Factory reset memory wipe FAILS in 500 MEELLION Android mobes

Knock Knock

And so another back door becomes a front door.

9
1

This post has been deleted by its author

Anonymous Coward

Re: Knock Knock

Another reason for corporates to use Windows Phone...

6
25
Silver badge
Joke

@AC Re: Knock Knock

Ac,

didn't you mean THE reason.

Or the relevant techies could remove the SD cards too, I always have whenever I have flogged off/re-used a phone...

J

0
2
FAIL

Re: Knock Knock

@AC

Not sure I follow your logic. Seemed to be:

"The boffins only spent their time scrutinising what is BY FAR the market leader, ignoring all the others. Therefore we should all pretend that NSA's Redmond's obscure little offering is secure"

Did I get that about right?

A sort of obscurity is security argument?

Tit.

3
1

Re: Knock Knock

Who would have thought, a Secure OS, Re-written in JAVA, could have gone "tits up", I don't know, maybe

the Linux people who warned you ????

1
0
Silver badge
Meh

I think I can answer a question

"It is unknown how Android versions above 4.3 are affected. Google has been contacted for comment."

I think it will go along the lines of:

"It's fixed in the latest version. We are not going to fix any phones prior to this version"

Granted it will be about 200 words longer, but that will be the general line.

30
2
Anonymous Coward

Re: I think I can answer a question

> "It's fixed in the latest version. We are not going to fix any phones prior to this version"
>
> Granted it will be about 200 words longer, but that will be the general line.

I'd be very careful with that, this involves Ross Anderson. The almost immediate response could be "no it isn't, here is evidence". If Ross Anderson tells you you have a problem, you first best check exactly how deep you're in it with Ross before you make any public statements, the man has an almost pathological aversion to bullshit.

Which is why I like him.

22
1
Silver badge

Re: I think I can answer a question

Bullshi-- here, bullsh-- there, bullsh-- EVERYWHERE bullsh--! 'Ol McDonald had a Server Farm e-i-e-i-o....

And, this will get Google to change its mind, and suddenly go 'round digging in the Vaults to fix this? lol I don't believe it.... You know what I believe EVEN LESS?! Assuming for just One second your Guy actually WAS that good... And, Google actually wanted to do something to fix this... (They won't BTW!), But, in an otherwise 'finite Universe, had they actually wanted to... And, had fixed this.... The OEMs will have been too busy flogging their M9's, S6's, Nexus 6 etc... etc... to care.

This said, when I picked up a second hand Galaxy Tab a few years ago. It was literally filled with all kinds of nasty... If slightly arousing tings on it. Sadly before I thought to back any of it up I had performed a complete Device wipe, before installing what was CM9 at that time, on it.

I was under the understanding that the last owner had enough sense to perform a Factory Reset, if only to protect his Accounts.

But, I really do NOT expect this is something that's ever gonna change ever!

1
4
Anonymous Coward

Re: I think I can answer a question

"It's fixed in the latest version. We are not going to fix any phones prior to this version"

But to be fair, is there much point in fixing it in the old versions? It isn't like an OTA could be sent out to all phones to update it so the manufacturers and carriers would need to do the update and if they were going to go to all that trouble of writing the core files into their customised version, testing and delivering it then they would just update to the latest version anyway which is designed to work better on older devices (although that's debatable).

The main way to get a security fix is to get the latest version installed, it's the same with pretty much every system we run outside of Windows and Linux (e.g. all our phone systems, copiers, embedded systems, switches, routers etc).

Unless a way is found to upgrade the core Android OS directly from Google without requiring the handset or carriers to get involved - which I can't ever see happening, then updating older versions is not effective. You just need to flash a custom rom with the latest version.

4
5

Re: I think I can answer a question

I have been banging on about this for yonks see posts passim. Even if the damn thing is successfully wiped it is easy enough to recover the data and just involves playing around with coercivity and drilling down.

The only person I ever met who understood this fully was an Irish builder. He said to me "I need a new hard drive" I said this one is fine. He then said "I need a new hard drive" at which point I understood and swapped the server drives.

2
4
Anonymous Coward

I like Anderson (and team) too, very much.

It's especially pleasant to see him moving his work outside the financial sector again. Further reading:

https://www.lightbluetouchpaper.org/

I do hope he (his department?) has good lawyers.

Meanwhile, safety critical aircraft systems on your list, please sir, when you have a moment.

3
0
Silver badge

Re: I think I can answer a question

" so the manufacturers and carriers would need to do the update"

Ideally they should be legally required to under consumer protection legislation. For Google it'd be a reminder "don't be incompetent" when coding, and for the carriers it'd be a welcome headache that might eventually persuade them to stop the nonsense of custom skins and bloatware.

Outside of the warped reality space of the carrier's marketing departments, I don't believe a single person on Planet Earth wants their new phone to be soiled by the carrier's logo, or the memory they've paid for to be filled with unremovable but often barely functional bloatware, but it is specifically these undesired features that seem to be a barrier to fixing this.

The obvious solution (short of rooting and SIM free purchase) is for the handset makers to offer their nearest-to-vanilla versions of Android directly to consumers. The carriers could still skin up the phones before sale if they're so desperate, but then they'd have to add some real value with that to keep it on people's phones.

11
0
Silver badge

Re: I think I can answer a question

*To clarify that last statement... When I said I had done a complete Device wipe... I was referring to the Format functions under Samsung's Odin Flasher, and not the One inside the 3e Recovery. Which on that note... Why the HELL doesn't Google buy up TWRP, and make that the mandatory recovery?!

0
0

Re: I think I can answer a question

"But to be fair, is there much point in fixing it in the old versions? It isn't like an OTA could be sent out to all phones to update it so the manufacturers and carriers would need to do the update and if they were going to go to all that trouble of writing the core files into their customised version, testing and delivering it then they would just update to the latest version anyway which is designed to work better on older devices (although that's debatable)."

That doesn't seem to stop Apple, who managed to backport full-disk encryption and make it available for every device sold in the past few years as part of their regular update process. It wasn't *ooh* *whimper* sooo *sniff* haaaaaard *sob* like it was for Google. It's a core OS function that isn't dependent or reliant on manufacturer customizations, and should be updatable.

3
1
x 7
Silver badge

Re: I think I can answer a question

"That doesn't seem to stop Apple, who managed to backport full-disk encryption and make it available for every device sold in the past few years"

The Apple iPhone range is tiny compared to the range of Android hardware available. What's possible for Apple on a small range of standardised is much harder when applied to the full Android range.

1
0

Re: I think I can answer a question

"It's a core OS function that isn't dependent or reliant on manufacturer customizations, and should be updatable."

Not a great comparison really, Apple only have one hardware platform, Android has 1000's

Also Apple don't allow anyone else to use their OS, so again, it's easy for them.

Google could release an update for 4.3 but the carriers will not spend money on a re-compile and release anyway.

0
0
Anonymous Coward

What an annoying coincidence..

In other news, Carl Icahn is urging Apple to do more with its money.

Personally, I'm OK with them not doing more - it means they're less subject to external pressures to go stupid.

3
1
Facepalm

Waiting for Eric Schmidt to step up and say: "That's because you're not resetting it right!" ...

4
3
Anonymous Coward

Simple solution

Factory reset it with a sledge hammer. That might limit the resale value, but it's the best way to be sure.

Well, it's that or thermite.

7
1
Silver badge

Re: Simple solution

Make sure you break and disperse the memory chips, otherwise, data can be retrieved ...

0
0

Re: Simple solution

That's what the thermite option is for...

2
0
Silver badge

Re: Simple solution

You could use the Blendtec (TM) data scrambler. Works on all smart (and not so smart) phones, hard drives, CDs, etc.

3
0
Silver badge

Anyone with experience of these?

https://f-droid.org/repository/browse/?fdfilter=wipe&fdid=org.safermobile.intheclear

https://play.google.com/store/apps/details?id=com.pinellascodeworks.securewipe

https://play.google.com/store/apps/details?id=com.projectstar.ishredder.android.standard

0
0

Re: Anyone with experience of these?

An app can't wipe any data except its own (unless you root your phone - which is not an option for most).

1
0
Anonymous Coward

Re: Anyone with experience of these?

It's a process....

If you factory reset your phone, then SIDELOAD one of the above apps (I have used iShredder) then the app can overwrite the freespace on the main partition. Then remove the app, or factory reset again.

That's what I did with my Nexus 4.

I also set up Google on my phone via an OTP, Facebook to use 2FA, and logged both devices out/revoked the OTPs when clearing down the phone.

Admittedly these are things the 'average' user won't do, so the secure wipe should be fixed, but there are things you can do without root to make yourself a bit more secure when handing on a device.

1
0
ST
Silver badge

Re: Anyone with experience of these?

> https://f-droid.org/repository/browse/?fdfilter=wipe&fdid=org.safermobile.intheclear

F-Droid is OK for this - provided you have a rooted phone. Don't know about the others.

0
0
Anonymous Coward

Re: Anyone with experience of these?

> If you factory reset your phone, then SIDELOAD one of the above apps (I have used iShredder) then the app can overwrite the freespace on the main partition. Then remove the app, or factory reset again.

I'm kinda short on downvotes, so I'm going to suggest a quicker alternative: get an iPhone :)

0
5
Silver badge
FAIL

@ac: Re: Anyone with experience of these?

Dear AC,

Maybe I am being a bit more dim than usual (I have just returned from the pub)...

But I haven't figured out how someone buying an iPhone will help them to scrub their googlephone.

Have a downvote on me.

Regards,

Jay.

1
0
Anonymous Coward

Re: @ac: Anyone with experience of these?

> But I haven't figured out how someone buying an iPhone will help them to scrub their googlephone.

By not having the problem in the first place. Later versions of iOS (v7 and later) did a damn good job of creating secure storage in the device and zapping it on delete by using very established and proven cryptographic principles and providing enough hardware support for it to actually be of value.

I think Google can fix this in newer versions of Android, but it will have to insist on some of that same hardware that's a default part of iPhones to make that secure. After that it's a matter of structure, if the OS can be made clearly independent of the telecomms provider and manufacturer by making that theme layers on top of the OS instead of deep changes inside, you end up with a structure you could actually maintain. However, I have the distinct impression that Google doesn't really want to have that in place, and given what they make money from, that doesn't surprise me in the least.

I can't really see Google choosing for the customer in the clear conflict of interest here...

0
0

Huh?

You mean some people trust android devices with sensitive information?

7
4

Re: Huh?

Or for that matter, any device in the Android/iOS/WinPhone camps. Blackberry are probably the most secure horse in the race, and they were not absolved from risk with the Heartbleed/Poodle/Freak attacks on crypto.

3
0
Anonymous Coward

Re: Huh?

Actually blackberry 10 has a pretty poor security record with about 80 holes so far. Windows Phone is still on zero I think.

1
4
Anonymous Coward

Re: Huh?

> Blackberry are probably the most secure horse in the race,

Past tense, I'm afraid, as soon as they decided to allow Android apps to run.

1
0
Anonymous Coward

Re: Huh?

> Windows Phone is still on zero I think.

I'm glad you Microsoft marketing guys could make it. Be careful that you don't disturb that fact free life by reading any comments, though.

9
3
Silver badge
Happy

@Ac: Re: Huh?

Dear Ac,

Winphone has a zero of a lot of things...

I rather suspect that major security flaws ain't all of them.

But hope is good, please keep on keeping on...

Regards,

Jay.

1
2
Anonymous Coward

Re: @Ac: Huh?

> Winphone has a zero of a lot of things...

Users? :)

0
0

So THAT's how WeBuyAnyPhone/Mazuma make their money. They sell your hacked data to scum. :-) Before anyone starts 'avin' a go, it's a JOKE!! They'll sell it to someone who'll hack it and get the data. Glad I still have my old Droids. <LOL>

0
0

In other news: Security hole found in all OSes!

It turns out that the 'format' command just changes a few blocks of data and doesn't overwrite the whole disk/store, thus allowing data to be retrieved afterwards.

2
0
Silver badge

Re: In other news: Security hole found in all OSes!

Not sure how serious your statement was, but an OS using full disk encryption, like iOS or Windows with Bitlocker enabled, simply has to dispose of the key and any data written on the partition(s) protected by it is instantly and permanently inaccessible.

I would assume that while Google probably implemented this in Android, it wasn't the default because in order to support it across a wide range of hardware capabilities they couldn't be sure that every device would possess hardware able to support FDE. Whatever Android version made or will make FDE a requirement is the minimum one you'd have to be on to be safe from this, because you can't trust OEMs to care about stuff like this.

1
0
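Added example, not part of the thread or the article: a toy simulation of the two points made in the comments above, that a format or reset which only rewrites metadata leaves the data blocks readable, while discarding a full-disk-encryption key leaves only ciphertext behind. The `ToyStore` class, block size, sample token and SHAKE-256 keystream are constructed for illustration; real FDE uses AES and hardware-backed key storage.

```python
import hashlib
import secrets

BLOCK = 64  # bytes per simulated flash block (constructed toy geometry)

class ToyStore:
    """Simulated flash: raw blocks plus an index (the 'filesystem metadata')."""
    def __init__(self, nblocks=32, key=None):
        self.blocks = [bytes(BLOCK) for _ in range(nblocks)]
        self.index = {}        # filename -> list of block numbers
        self.key = key         # None = unencrypted, bytes = FDE-style key
        self.next_free = 0

    def _xor(self, data, blockno):
        # Stand-in keystream (SHAKE-256), NOT the AES a real FDE would use.
        if self.key is None:
            return data
        seed = self.key + blockno.to_bytes(4, "big")
        ks = hashlib.shake_256(seed).digest(len(data))
        return bytes(a ^ b for a, b in zip(data, ks))

    def write(self, name, data):
        used = []
        for off in range(0, len(data), BLOCK):
            chunk = data[off:off + BLOCK].ljust(BLOCK, b"\0")
            self.blocks[self.next_free] = self._xor(chunk, self.next_free)
            used.append(self.next_free)
            self.next_free += 1
        self.index[name] = used

    def quick_reset(self):
        """Metadata-only wipe: index and key are dropped, blocks are untouched."""
        self.index.clear()
        self.next_free = 0
        self.key = None

    def overwrite_all(self):
        """Full overwrite: every block is replaced with zeros."""
        self.blocks = [bytes(BLOCK) for _ in self.blocks]

def carve(store, marker):
    """Scan raw blocks for a marker, ignoring the index entirely."""
    return [i for i, b in enumerate(store.blocks) if marker in b]

SECRET = b"token=CONSTRUCTED-SAMPLE-OAUTH-TOKEN;" * 3  # constructed sample data

def demo():
    plain = ToyStore()
    plain.write("accounts.db", SECRET)
    plain.quick_reset()
    after_reset = carve(plain, b"token=")      # data still on the blocks
    plain.overwrite_all()
    after_overwrite = carve(plain, b"token=")  # nothing left to find

    enc = ToyStore(key=secrets.token_bytes(32))
    enc.write("accounts.db", SECRET)
    enc.quick_reset()                          # key gone, ciphertext remains
    after_key_erase = carve(enc, b"token=")
    return after_reset, after_overwrite, after_key_erase

if __name__ == "__main__":
    print(demo())
```

The key-erase result only holds if no copy of the key survives elsewhere, which is why where the key is stored matters as much as the erase itself.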

iOS devices potentially have a similar problem

When you delete all content and settings on an iOS device all it does is erase the encryption key - it doesn't actually erase anything. Good enough you might think, but with things as they are in the infosec business I'm sure there are some working on a way of getting around this.

0
1
Silver badge

Re: iOS devices potentially have a similar problem

There is no conceivable way around this. You either have to be able to perform an attack against the encrypted data, which is a problem for everyone using AES if there is such an attack, or you have to have possession of the device before the key is erased. There are methods to get the key off similar products such as Bitlocker, by booting the device into Linux and dumping the memory contents during early boot. You can't do that against iOS but with enough (read a LOT of) resources you probably could find a way to do something like that.

But the important thing to note here is that you'd have to have my phone BEFORE I wipe it. Once I wipe it, you can't get squat from it. The article is about weakness in Android's erasure - so everyone who did a factory reset before selling/giving away their old phone potentially gave away their data (to the 0.0001% of people who would care to try this against a random phone they bought second hand)

1
0

Re: iOS devices potentially have a similar problem

Not only that, but on devices with A7 and higher CPUs the encryption keys are held in a special memory block on the CPU die itself with no direct read/write access from outside of the chip. Also, for anything running IOS8+ (iPhone 4S+, iPad 2+) full-disk encryption is mandatory. It's there, and there's no way to disable it.

0
0

In other news. Windows 98 is easily hackable.

Can we get Microsoft to send out updates to fix all the bugs in Windows 98? Or how about Windows ME?

0
4

Re: In other news. Windows 98 is easily hackable.

MS has committed to provide free updates for all major software for 10 years. The phone manufacturers haven't been allowing and/or pushing updates for phones past 1-2yrs, even in the rare instances the code has been updated. How is that equivalent to your mind?

8
0

Re: In other news. Windows 98 is easily hackable.

Windows has committed.

Google has not. There's nowhere where you buy a phone where people say that they are going to be giving you free software updates. Apple doesn't, Google doesn't, Blackberry doesn't, heck, even Windows Phone doesn't.

Why the expectation for them to?

Computers are being used for longer, there are still people using Windows 98 and Windows XP. Just because their systems are vulnerable should they go screaming at the media? Even after the support window has expired?

0
0

Re: In other news. Windows 98 is easily hackable.

MS have said all WP8 devices will be getting 10.

1
1
Anonymous Coward

Re: In other news. Windows 98 is easily hackable.

> Windows has committed

You mean Microsoft. Oh really? Nonsense, they haven't - none of them have. The only commitment you have from Microsoft is that they will SELL you a new version when they get bored with sending updates or it becomes too obvious it really cannot be rescued (Vista immediately comes to mind here, or the upgrade to TIFKAM).

Google doesn't care one way or the other or they would have modelled the platform in such a way that customisations are layered on top instead of affect core code so that updates and OEM custom layers would not get in each other's way. But Google doesn't care - it goes for volume, and you get to volume by being cheap.

Apple has a decent update frequency in iOS and OSX, but could do with a lot more transparency. The main gripe I see people have is that new updates don't work on old hardware, but if you didn't expect that from the only IT company that makes a good margin off hardware instead of a wafer-thin edge over costs you need your head examined.

1
1
ST
Silver badge

> But the important thing to note here is that you'd have to have my phone BEFORE I wipe it.

No, I don't. The only thing I need is your key, which I may have obtained already, through various other means, and prior to your phone data scrub.

1
0
Bronze badge

DOH !

and still Google and the manufacturers refuse to update older phones to a more secure version, using the same old tired and lazy excuses!

0
0
