An article on CNET.com cites a study from security software vendor Avast that calls into question the effectiveness of Android’s factory reset option, which people often use to delete personal data from their old smartphones before reselling or making a charitable donation with the old device.
According to the article, Avast purchased 20 Android smartphones from eBay, which has around 80,000 used smartphones for sale at any given time. Using off-the-shelf digital forensics tools, Avast was able to recover SMS and Facebook chats from Android phones, along with more than 40,000 photos–including 250 nude male selfies–along with 750 emails and text messages, 250 contacts, the identities of four phones’ previous owners, and one completed loan application.
The problem, as Avast mobile division president Jude McColgan told CNET, is that people still aren’t used to considering the implications of all the personal data stored on a smartphone. The article quotes McColgan as saying, “Users thought they were doing a clean wipe and factory reinstall,” he said, but the factory reinstall is cleaning phones “only at the application layer.”
Avast noted in the report that its own Android security app comes with a deletion tool that the company said does a better job of wiping personal data than the included reset option.