[HacktionLab] wiping phones data

Michael Rogers michael at briarproject.org
Fri Dec 1 11:48:28 UTC 2023 

I think what you've said makes sense. Apps can choose to store data on 
internal and/or external storage, but this distinction refers to whether 
other apps are allowed to access the data, not to whether the storage is 
built-in or removable. A long time ago "external" storage used to mean a 
removable SD card, but nowadays it may just be a conceptually separate 
part of the same built-in flash as the "internal" storage.

I've tested Extirpater with a couple of phones, and what seems to happen 
is that if an SD card is inserted then it shows the built-in storage as 
"primary" and the SD card as "secondary", whereas without an SD card it 
shows the built-in storage as both primary and secondary. So probably 
redundant to wipe both.

As others have said, overwriting data on flash doesn't work the same as 
on hard disks. The data may not be effectively removed and the large 
number of writes will reduce the lifetime of the storage. But perhaps 
it's still better than nothing.

Cheers,
Michael

On 01/12/2023 09:37, m3shrom wrote:
> Hi there,
> 
> I've managed to to use this tool as suggested below.
> https://f-droid.org/packages/us.spotco.extirpater/
> 
> It locates in a android 7.0 (Galaxy s6) phone, a primary and secondary 
> storage. No SD card is plugged in. Both about 27G
> 
> I think this is the difference between internal and external storage.
> 
> https://medium.com/@babul.sust.cse/understanding-of-android-storage-system-17b6134f873
> 
> external in this case is still on the phone (not SD card), but users 
> have access to it via Files. Compared to internal which users can't see 
> in files.
> 
> If so, this would be a good reason to use this app, rather than just 
> relying on overwriting data with files via USB as I have seen suggested 
> in other forums
> 
> Let me know if this makes sense?
> 
> Thanks
> Mick
> 
> -------- Forwarded Message --------
> Subject: 	Re: [HacktionLab] wiping phones data
> Date: 	Thu, 23 Nov 2023 18:55:31 +0000
> From: 	mat A <mat at de-mystify.co.uk>
> To: 	mickfuzz <mickfuzz23 at gmail.com>, hacktionlab at lists.aktivix.org
> 
> 
> 
> this tool writes zero's or randomness to free space on internal and 
> external sd drives:
> 
> https://f-droid.org/packages/us.spotco.extirpater/
> 
> Works on android 4 and up so should be adequate for the use case and 
> avoiding re install,
> 
> Mat
> 
> 
> November 22, 2023 6:11 PM, "mickfuzz" <mickfuzz23 at gmail.com 
> <mailto:mickfuzz23 at gmail.com?to=%22mickfuzz%22%20<mickfuzz23 at gmail.com>>> wrote:
> 
>     On 21/11/2023 22:00, sb wrote:
>>     Hi all,
>>
>>     Long time lurker here, hi. The question is how deep do you want to go?
> 
>     Not too deep if I'm honest. The main thing is this. I would like to
>     be able to say to people that donate their phones for reuse
>     something like.
> 
>     "We wipe the user data from the phone in a way which makes it
>     impractical for the next user to read it."
> 
>     So not impossible / military grade no fragments etc. But in
>     practical terms it's not going to happen with any off the shelf tools.
> 
>     In all likelihood a factory reset would be adequate, but I would
>     like to go further and prevent people from using a tool like dd
>     rescue (gui) to recover files for phones before they were encrypted
>     by default.
> 
>     So some kind of tool to write zeros, overwrite old data seems like a
>     good idea. Any suggestions welcome for android pre-10
> 
>     So I do want to avoid having to install a new OS as that'll probably
>     be overkill for this project I would hope.
> 
>     Thanks everyone for their help so far.
> 
>     On 22/11/2023 14:09, Michael Rogers wrote:
>>     On 21/11/2023 22:00, sb wrote:
>>>     When doing a factory reset, there is actually a duplicate hidden
>>>     partition of the main one, that just gets reloaded onto the main
>>>     one if it goes down. When you flash the bootloader with another
>>>     manager, that's how you get access. Hope that makes sense. I have
>>>     no idea about iPhone s.
>>
>>     I think this is only the system partition though, not the user
>>     partition where all your personal data's stored. A factory reset
>>     should wipe the user partition but not either of the system
>>     partitions.
> 
>     That was the impression that I got too. This would be good to
>     confirm one way or other.
> 
>     nice one
>     Mick
> 
> 
> 
> 
> 
> On 23/11/2023 18:55, mat A wrote:
>>
>> this tool writes zero's or randomness to free space on internal and 
>> external sd drives:
>>
>> https://f-droid.org/packages/us.spotco.extirpater/
>>
>> Works on android 4 and up so should be adequate for the use case and 
>> avoiding re install,
>>
>> Mat
>>
>>
>> November 22, 2023 6:11 PM, "mickfuzz" <mickfuzz23 at gmail.com 
>> <mailto:mickfuzz23 at gmail.com?to=%22mickfuzz%22%20<mickfuzz23 at gmail.com>>> wrote:
>>
>>     On 21/11/2023 22:00, sb wrote:
>>>     Hi all,
>>>
>>>     Long time lurker here, hi. The question is how deep do you want
>>>     to go?
>>
>>     Not too deep if I'm honest. The main thing is this. I would like
>>     to be able to say to people that donate their phones for reuse
>>     something like.
>>
>>     "We wipe the user data from the phone in a way which makes it
>>     impractical for the next user to read it."
>>
>>     So not impossible / military grade no fragments etc. But in
>>     practical terms it's not going to happen with any off the shelf tools.
>>
>>     In all likelihood a factory reset would be adequate, but I would
>>     like to go further and prevent people from using a tool like dd
>>     rescue (gui) to recover files for phones before they were
>>     encrypted by default.
>>
>>     So some kind of tool to write zeros, overwrite old data seems like
>>     a good idea. Any suggestions welcome for android pre-10
>>
>>     So I do want to avoid having to install a new OS as that'll
>>     probably be overkill for this project I would hope.
>>
>>     Thanks everyone for their help so far.
>>
>>     On 22/11/2023 14:09, Michael Rogers wrote:
>>>     On 21/11/2023 22:00, sb wrote:
>>>>     When doing a factory reset, there is actually a duplicate hidden
>>>>     partition of the main one, that just gets reloaded onto the main
>>>>     one if it goes down. When you flash the bootloader with another
>>>>     manager, that's how you get access. Hope that makes sense. I
>>>>     have no idea about iPhone s.
>>>
>>>     I think this is only the system partition though, not the user
>>>     partition where all your personal data's stored. A factory reset
>>>     should wipe the user partition but not either of the system
>>>     partitions.
>>
>>     That was the impression that I got too. This would be good to
>>     confirm one way or other.
>>
>>     nice one
>>     Mick
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> HacktionLab mailing list
>> HacktionLab at lists.aktivix.org
>> https://lists.aktivix.org/mailman/listinfo/hacktionlab
> 
> _______________________________________________
> HacktionLab mailing list
> HacktionLab at lists.aktivix.org
> https://lists.aktivix.org/mailman/listinfo/hacktionlab
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x11044FD19FC527CC.asc
Type: application/pgp-keys
Size: 7546 bytes
Desc: OpenPGP public key
URL: <https://lists.aktivix.org/pipermail/hacktionlab/attachments/20231201/31b0ce9e/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <https://lists.aktivix.org/pipermail/hacktionlab/attachments/20231201/31b0ce9e/attachment-0001.sig>

More information about the HacktionLab mailing list