The built-in factory reset on Android smartphones is so poorly implemented on popular models it should never be relied on to erase sensitive data, the Asset Disposal & Information Security Alliance (
ADISA) has warned after performing a forensic analysis of a range of current end-of-life handsets.
Authored by ADISA founder Steve Mellings and Professor Andrew Blyth of the University of South Wales, the pair
lined up 24 smartphones representative of those commonly disposed of in the channel, made up of 11 BlackBerrys, seven from Apple’s iPhone range and six Androids models from Samsung and HTC.
These included from the BlackBerry Bold 9900, BlackBerry Torch 9810 and BlackBerry Curve 9320, iPhone 3GS, iPhone 4, and iPhone 5, plus Samsung’s Android-based i8160, i890, i9100 Galaxy, and HTC’s Android Wildfire S and Cha Cha.
The reset function in the BlackBerrys and iPhones performed well and the researchers found it impossible to recover any data. However, the Android smartphones offered a very different story, with even multiple resets under test conditions unable to properly erase multiple categories of test data contained on them such as phone contacts, SMS messages, Calendar events, call logs, images, videos, and even apps and data.
