Greetings to the community,
I would like to know if there is a tool/method to securely wipe a mobile device (in this case, my android phone). Secure in the same sense that DBAN or CMRR's "Secure Erase" securely wipes a hard drive (I will need to give up my phone very soon).
The idea of just writing huge junk files over all addressable memory would be fine with me, however the phone seems to use different memory (or a specific area of memory) for contacts, to-do lists, calendar, notes etc. with the main memory being the one accessed through connecting the phone to the PC (which also holds the OS files, etc).
So, how can one access the memory locations for, say, the Contacts, in order to wipe it? This becomes increasingly difficult for older phones
It's pretty much impossible to get a reliable wipe unless you have a fully rooted phone, preferably even with a custom ROM similar to Cyanogen installed. Otherwise there will be areas that cannot be touched and the manufacturer ROM can be expected to do shenanigans of its own these days. At least root after having made a factory reset, then a few apps like SecureWipe(Android) run a few times over seems to do pretty well. Try some recovery tool to see if you can restore anything. Do extra repeats as necessary, then factory wipe again at the end to give the next user a seemingly clean phone.
Companies do best to wipe with hammer.
Got something to hide, Gerard?
a tool/method to securely wipe a mobile device:
- 5-10 minutes in the microwave should do the trick
- or the GCHQ method of using an angle grinder on the logic-board
Just root it and then start writing random crap over the whole thing. Or set it on fire if you don't want to keep the phone.
Thanks for the recommendations. I still want the phone to be functioning. I just got Secure Wipe, and used it. It's very nice to have this process automated instead of doing it manually (I would write a junk files all over), however this quote from the developers caught my attention:
"The free version of this application does not sanitize database areas such as contacts, phone logs, or SMS text messages. Look for a pro version in the future that may perform a more thorough sanitization."
There is no PRO version that I could find. So does anybody know of a tool that would reach those cryptic "database" areas, which by the way are the ones that I am most interested in?
For anybody who is interested:
What I did to possibly reach all memory areas was to create junk contacts and junk SMS messages and import them on the phone (coding was necessary to speed this up to less than a million years). My phone has two logical "partitions" - don't know if this is the right word - of non-volatile space: one is the "phone memory" and the other is an emulated SD card. What I found out was that importing SMS's and contacts would consume the phone memory, which had already been wiped with "Secure Wipe" (the android app, above). So in essence there is no reserved memory for such items as SMS messages, contacts and possibly call logs. They appear to all share the phone memory. I went on with the junk data anyway though.
Also: The secure wipe program was run more than a few times to ensure that all NAND cells would be reached, and that any unwanted interference at the firmware level (wear leveling) would have no negative effect.
thanks for the update. this may actually be useful if i ever give away one of my work phones.