Android tips

Factory resetting Android doesn't entirely wipe it. Do this instead

Android's factory reset feature has a security problem, but you can easily protect yourself before selling or recycling your phone

Android tips

Show More

You likely already know that before you sell or recycle your phone you should reset it to factory settings so all of your personal information doesn't go along with the device. There's a problem with factory reset, however, in Android.

A factory reset isn't enough, according to a recent study (PDF) which found that data gets left behind after Android phones are wiped--including the Google account login token. As the Verge explains:

The core of the problem is flash memory, which limits how often a given block of memory can be overwritten. As a result, a factory reset will often designate data as logically deleted (that is, available to be overwritten) without actually overwriting it, so as to prolong the life of the hard drive. Using a variety of database recovery tools, two Cambridge researchers were able to scan the wiped phones for portions of the hard drive that had been designated as logically empty, recovering photos, passwords, and chat logs. In theory, the factory reset is supposed to wipe all that data, but thanks to the quirks of flash memory, it wasn't being wiped all the way.

Thankfully, the solution is easy: encrypt your phone before you do the factory reset. That way, any data that's left behind will be scrambled and inaccessible to the next user (unless they're able to crack your encryption key with brute force, but that's unlikely if you choose a long and complex encryption password). Head to Settings > Security > Encrypt Phone to encrypt your device--a good thing to do anyway in case your phone is ever lost or stolen.

 [h/t The Verge]

ITWorld DealPost: The best in tech deals and discounts.
Shop Tech Products at Amazon