[HacktionLab] encryption does the the trick in most cases. Re: wiping phones data

Micah+HacktionLab at ourmayday.org.uk Micah+HacktionLab at ourmayday.org.uk
Sun Nov 19 11:38:57 UTC 2023 

Mick and others,

My understanding is:

as per below

"The use of advanced storage technologies may also make file-based 
overwrite ineffective (see the discussion below under Complications)."

Shred no longer works on filesystems optimised to preserve phone (& 
iPad/AirBook) drives.

This is because it will not write new data to same place as old data, if 
you try to overwrite it.
Also it will reduce life of the drive.

If the drive is already encrypted as is the default now on most modern 
phone there is no need to use shredding to wiping tool, just losing the 
private key will work, so in most case just a factory reset. Remember to 
delink accounts before do this.

You could always (re)install (a totally new OS) with new encryption, if 
able.

cheers

Micah

https://J12.ORG/sb/

On 19/11/2023 11:10, mp wrote:
>
>
> On 11/18/23 16:55, Mick Fuzz wrote:
>> Hi there,
>>
>> Has anyone got any tips / links to deleting data securely.
>>
>> Ideally using on linux / crossplatform tools? But open to others.
>>
>> There's one article here that is almost useful!
>>
>> https://www.wired.co.uk/article/securely-wipe-android-iphone-hard-disk
>>
>
> Useful overview w/links:
>
> https://security.stackexchange.com/questions/10464/why-is-writing-zeros-or-random-data-over-a-hard-drive-multiple-times-better-th 
>
>
> Specific "shred" man:
>
> https://www.freecodecamp.org/news/securely-erasing-a-disk-and-file-using-linux-command-shred/ 
>
>
>
>
> The a Wikipedia section to sum up:
>
> https://en.wikipedia.org/wiki/Data_remanence
>
> Overwriting
>
> A common method used to counter data remanence is to overwrite the 
> storage media with new data. This is often called wiping or shredding 
> a file or disk, by analogy to common methods of destroying print 
> media, although the mechanism bears no similarity to these. Because 
> such a method can often be implemented in software alone, and may be 
> able to selectively target only part of the media, it is a popular, 
> low-cost option for some applications. Overwriting is generally an 
> acceptable method of clearing, as long as the media is writable and 
> not damaged.
>
> The simplest overwrite technique writes the same data everywhere—often 
> just a pattern of all zeros. At a minimum, this will prevent the data 
> from being retrieved simply by reading from the media again using 
> standard system functions.
>
> In an attempt to counter more advanced data recovery techniques, 
> specific overwrite patterns and multiple passes have often been 
> prescribed. These may be generic patterns intended to eradicate any 
> trace signatures, for example, the seven-pass pattern: 0xF6, 0x00, 
> 0xFF, random, 0x00, 0xFF, random; sometimes erroneously attributed to 
> the US standard DOD 5220.22-M.
>
> One challenge with overwriting is that some areas of the disk may be 
> inaccessible, due to media degradation or other errors. Software 
> overwrite may also be problematic in high-security environments, which 
> require stronger controls on data commingling than can be provided by 
> the software in use. The use of advanced storage technologies may also 
> make file-based overwrite ineffective (see the discussion below under 
> Complications).
>
>>
>>
>> _______________________________________________
>> HacktionLab mailing list
>> HacktionLab at lists.aktivix.org
>> https://lists.aktivix.org/mailman/listinfo/hacktionlab
>
> _______________________________________________
> HacktionLab mailing list
> HacktionLab at lists.aktivix.org
> https://lists.aktivix.org/mailman/listinfo/hacktionlab

-- 
--
--
https://J12.org/micah/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xF3B338B24172387B.asc
Type: application/pgp-keys
Size: 33449 bytes
Desc: OpenPGP public key
URL: <https://lists.aktivix.org/pipermail/hacktionlab/attachments/20231119/c5813a77/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <https://lists.aktivix.org/pipermail/hacktionlab/attachments/20231119/c5813a77/attachment-0001.sig>

More information about the HacktionLab mailing list