New Android Flaw in Factory Reset Emerges

By CIOReview | Wednesday, May 27, 2015

FREMONT, CA: Cambridge University Researcher Ross Anderson along with his sub-ordinate Laurent Simon has carried out a research to figure out Smartphone sanitization capability and found that 500 Mn Google phones along with HTC, LG, Samsung and Motorola using android version 4.3 and 2.3 have been clinically proved less effective. The estimation they made is analyzed by reviewing Android OS distribution of 2013, as reported by Thomas Fox-Brewster from Forbes.

Nowadays second hand market is pacing way as people prefer trading expensive device after a certain time of usage. Therefore wiping the data by resetting factory settings is a mandatory function to be carried out to avoid threat of restoring trader’s personal data.

According to the research paper submitted by Ross Anderson, Google authorization can be found in all devices with flawed factory reset to acquire data from some applications and they observed that when full disk was turned on entire data was not wiped out properly enabling to decipher the encryption key and unlock the phone.

It makes consumers skeptical about the reports when Google gave no comments regarding the research. But Anderson suggests Original Equipment Manufacturers should understand Android code so that they should not disfigure the settings as well as Google need include factory reset into its conformance test process.

Precisely Operating Systems like Gingerbread 2.3, Ice Cream Sandwich and Froyo are among those who could not sanitize primary SD cards for secure deletion. However Anderson commented that Android Lollipop is better in this case as it verifies ownership after factory reset.

Important asset of this research is its recommendation part which suggests use of an emulated primary SD Card erasing the entire partition, implementing sanitization in boot loading mode and exposing an option of sanitation validation.