I suspect that many of you have performed a factory reset on your phone thinking that all your data was gone and then either gave away or sold your phone. I have.
Tech Times wrote an interesting article on the subject and it is not all sunshine in Android land.
Avast, the computer security software firm purchased 20 second hand Android phones on eBay and used a standard forensics tool (FTK imager) on these 20 supposedly factory reset phones.
The results? They recovered more than 40,000 pictures, some with kids in them. Some with “personal” selfies. Along with a bunch of other things like a loan application. Remember these 40,000 pictures came from only 20 phones.
The issue is that just like in DOS (or Windows), all the factory reset does is change the index to the file so it is not visible. The data is still out there.
Before you panic too much (sorry, you can’t change history – that phone you sold last year – just forget it), there is an answer.
Google says that if you enable encryption before you do that factory reset, you should be in good shape. Remember that you have to enable encryption on the external SD card separately from the built in storage (or remove it from the phone and keep it).
Once you have turned on encryption, THEN perform the factory reset.
It still does not delete any of the files, but it DOES delete the encryption key, so when someone retrieves the deleted files, they won’t have the key and therefore won’t be able to decrypt the file they were able to recover. Not perfect, but a whole lot better than before.
Avast (of course) does offer a freemium product called Avast Anti-Theft that they claim will overwrite deleted files, but unless you are very paranoid, you should not need to do that.
I guess it is what you DON’T know that can bite you.