Did you disposal your mobile / laptop / drives data safely?
Old photos and videos can come back to haunt smartphone sellers.
When we looked at the different types and quantities of residual data found on the mobile devices, 1% of the total residual data was in the form of photos and videos. This may stem from the erroneous assumption that deleting a file means the file is gone. In truth, hitting the ‘delete’ button on photos and videos saved on mobile devices does not guarantee that photos and videos are securely removed from the device.
The information potentially gleaned from remaining photos and videos can be dangerous, especially if it falls into the wrong hands. Photos may contain very specific geolocation data about where they were taken. This means that not only the photos themselves but also the location data could be shared publicly, raising concern that a user’s location and actions are no longer private. Additionally, a skilled cyber criminal could use a tool like Photoshop to copy the faces of sellers onto other images or sites that are explicit or inappropriate in nature.
As Paul Henry, IT Security Consultant for Blancco Technology Group, explains, “Whether you’re an individual, a business or a government/state agency, failing to wipe information properly can have serious consequences. One of the more glaring discoveries from our study is that most people attempt in some way or another to delete their data from electronic equipment. But while those deletion methods are common and seem reliable, they aren’t always effective at removing data permanently and they don’t comply with regulatory standards. There’s no better example of this danger than the findings of a recent state audit, which found that 12 US state agencies responsible for handling taxes, programs for people with mental illness and driver’s licenses used inadequate methods to attempt to wipe information. The big lesson for both businesses and consumers is to understand which deletion methods are effective and comply with regulatory standards and, most importantly, to be cautious of blindly trusting that simply ‘deleting’ data will truly get rid of it for good.”
Data is difficult to delete and can easily resurface after mobile devices are resold
While over one-third (35 percent) of the second-hand mobile devices purchased contained data that was still intact, it is even more disturbing that 57 percent of the devices with residual data had a deletion attempt made on them. In fact, two of those devices still contained 179 texts, 252 instant messages, over 75 photos and two SMS messages. From that data, the identity of the original phone owners were discerned!
The takeaway is that not all mobile data erasure methods are effective at completely erasing data. Some of the methods commonly used still leave a significant amount of data. Additionally, failure to completely and properly wipe electronics could leave behind data as well. In the case of Android devices, ineffective deletion may occur because users assumed the factory reset would suffice in completely removing their data. The bottom line is information often considered ‘deleted’ (including external SD or SIM cards) by the examples noted in this study still leave a considerable amount of data intact.
In reality, manually deleting data or simply logging out of an app will not erase the data from the phone. Deleting data only removes the ability for the mobile device to find the data again. The data still remains and can be recovered. In order to make the data unrecoverable, it needs to be overwritten. Factory reset – a heavily relied upon deletion method – has been proven effective in some cases but not in others. Each device’s operating system is different and the same wiping method that works on iOS devices does not work on Android devices. These methods are not only specific to the operating system, but they are also unique to the device manufacturer and can vary by device model produced by the same manufacturer. If the factory reset applied is not completely effective, it is extremely easy to perform a simple Google search to find software that can quickly recover that data.
Basic file deletion commands leave users with a false sense of security
For hard disk drives and solid state drives found to have residual data, 75 percent showed that a deletion attempt was performed. Only 25 percent were resold without any deletion method applied to them. This demonstrates that sellers are attempting to permanently wipe data, but they are failing to use a fully effective solution. On four of the drives containing data, or 11 percent, only a basic delete was performed, meaning that the user simply deleted the file or sent it to the recycle bin. This type of deletion method made it easy to retrieve 100 percent of the data stored on the drives. To be specific, a total of 444,000 files were found on these four drives.
When you simply delete files from your HDD or SSD, the file data remains on the drive. In reality, you are only deleting the pointers to the data. Imagine your drive is like a library. To find the book you want, you get a reference number from the library’s database, which leads you to the section of the library where the book can be physically found. Imagine if the book was removed from the library’s database and pointers to its location no longer exist. The book still remains in the library, but it now becomes a case of using more sophisticated methods to locate it. This same analogy can be applied to deleting files.