Refurb iPhones still contain previous users' data
Here's a slightly disturbing story from iPhone Atlas. Apparently user data is recoverable from iPhones that are being sold as refurbished. A detective from the Oregon State police recovered email, photos, and other user data from an "out-of-the-box refurbished iPhone." Indeed the image to the right is a partial screen capture from the refurbished iPhone.According to the iPhone developer Jonathan Zdziarski "all of the personal information that was sitting on [his iPhone] prior to the erase or restore is still left sitting in the unallocated blocks of the iPhone's NAND memory." In other words doing a Restore operation through iTunes will not actually fully delete all the data on the iPhone. What's needed is a low-level format of the NAND, but there doesn't seem to be a readily available means for doing this.
With the 3G iPhone presumably about to drop it seems safe to assume a lot of second-hand iPhones are about to become available on eBay, etc. It would be nice if there were some fully reliable way to ensure that all personal data is expunged from the device. The original information is on Zdziarski's blog.
Update: Just to be clear, the data was recovered using forensics software. Average users who buy refurbished iPhones will not have easy access to the previous userss data, though it will still be there waiting to be recovered by anyone with the proper expertise.
![TUAW [Cafepress]](http://www.blogsmithmedia.com/www.tuaw.com/media/tuaw-cafepress-promo.png)
Reader Comments (Page 1 of 2)
PSM said 9:38AM on 5-20-2008
Wow, that's scary. What steps would someone have to take to be able to get access to the data that's left on the phone?
And why the hell would Apple not build in a way to wipe personal data? This doesn't make me feel great about buying a 3G iPhone. I hope a 3rd party utility can at least come out to do this.
Reply
Jason said 9:40AM on 5-20-2008
Ouch. This and Apple's policy of not returning users' bad hard drives after warranty replacement are both annoying and dangerous. My MacBook Pro may have to go back for warranty service soon, and you can be sure that I'll be taking my own backups and wiping the hard drive clean before I send it back to them. Hopefully they'll update iTunes quickly to provide a way to fix this iPhone problem so I can wipe my iPhone too should it ever need to go back to Apple.
Reply
bobartig said 8:31PM on 5-20-2008
Oh my god, Apple doesn't return your bad hard drive because that's never what they agreed to do in their terms of service. They agree to swap your existing bad hard drive for a replacement one. If your data is sensitive, DESTROY the hard drive and have an AASP do a warranty-preserving replacement using Apple certified parts.
In the case of the idiot blogger who complained so loudly, regarding the whole "no, you can't have the old drive back", the Genius offered to show him how to replace his own drive, which he could have bought himself, thus skirting the data sensitivity issues. He didn't want to because he was cheap. Then he complained about not getting the drive back, even though it had been explained to him that he would not get the old drive if they proceeded with the repair.
He agreed to the repair terms, thinking he could wiggle out of them, and argue his way into getting his old drive. Then, when he couldn't, he tried to make a big deal out of it. It's pathetic and lame.
Kalessin said 9:52AM on 5-21-2008
@bobartig: So, your hard drive fails and you take your Mac in for warranty repair. But first, according to you, DESTROY the failing HDD. How? With a big hammer? I can only assume Apple would claim their warranty doesn't cover that.
Or do you show them the intact drive and say, "Now just hold on there for a second; I'll be right back," and go and run over it with your car?
bobartig said 4:10PM on 5-21-2008
@Kalessin: I left out some steps. Basically, if you need to destroy your hard drive, you'll end up eating the cost of the repair, but you can at least maintain warranty coverage for future repairs. It was a bit out of order (actually, the order was fine, but you didn't get it that way). But here's a way to do it:
1) Take computer to AASP, request that they replace the drive with a warranty part, but sell the part to you, charge for labor, and return the bad drive to you. You pay out of pocket for all expenses, but once returned, your mac has warranty support, including the new drive.
2) Take old hard drive and destroy it.
My steps above were:
1) Remove bad hard drive
2) Destroy bad hard drive
3) Have AASP repair. Same warranty coverage result.
In a way, however, having drive warranty coverage doesn't matter if your data is so important that you need it securely destroyed each time a drive fails. I'm just saying how it works in terms of Apple's warranty coverage because I have apple service provider experience.
krye said 9:42AM on 5-20-2008
What if you restore to factory defaults, then fill it up with junk until the memory was full?
Reply
maybesew said 9:45AM on 5-20-2008
I would really want to know if this was an AT&T refreshed phone or not. From what I have heard, an apple refurbed phone is completely disassembled and reassembled and wiped clean at the factory itself. AT&T probably just restored with itunes.
Dean said 9:46AM on 5-20-2008
Scary. It seems like they don't really have a system in place to handle things like this.
I bought a refurb iPhone from AT&T a few months ago, and I needed to take it to Apple for service. The receipt I got back for the work order had the name, address and phone number of the original owner of the phone! Is this common?
Reply
d said 9:48AM on 5-20-2008
A reliable way be be sure your data is safe:
Crack open the iPhone and pull the internals. Apple will replace them during the refurb process.
Yes, I am being sarcastic.
Reply
Paul said 10:13AM on 5-20-2008
Wait, wait, wait!
The data was retrieved with FORENSICS software, not just browsing about. Who has iPhone Forensics software? Cops, detectives, and unscrupulous hackers.
This is not for the common person, and the average Joe isn't going to be able to get to the info.
You can stop panicking now. Remember, the devil's in the details. Read the full links and blogs to discover the truth.
Nothing to see here, move along.
Reply
Macroy said 10:17AM on 5-20-2008
At least I can rest easy knowing that only unscrupulous hackers (and the police) have access to this kind of information.
mark said 11:39AM on 5-20-2008
Yes by all means let us just bury our heads in the sand and ignore that which we can't understand.
Crappy suggestion dude. You BETTER be worried about this. Just because YOU don't know how to hack doesn't mean others don't and won't exploit this situation.
Macroy said 2:22PM on 5-20-2008
I was being sarcastic.
Galley said 10:19AM on 5-20-2008
My AT&T refurbished iPhone arrived in minty fresh condition. There was no previous data of any kind on it.
Reply
Pauldy said 10:21AM on 5-20-2008
If your paranoid about someone getting yoru data I'm pretty sure you can run a dd if=/dev/zero of=/Volumes/iphonedir/test.zero
Once that crashes because it ran out of space rm -rf /Volumes/iphonedir/test.zero and ou will have efectivly reset all the bits to zero on the iphone, if this doesn't work writting an app that links against itunes to transfer a huge file of zeros over shouldn't be that hard.
Reply
gajkowskia@gmail.com said 10:22AM on 5-20-2008
Reminds me of a used Xbox I purchased that still had the original user's data on it for the Live service. I would have thought Apple would have been smarter with such a high profile device like the iPhone. Makes me wonder how secure the enterprises will be if they need to remotely wipe a stolen company iPhone. Apple needs to respond to this latest allegation before my money leaves my pocket.
Reply
zachary miller said 10:49AM on 5-20-2008
and before the 3G iPhones leave the warehouses, I see this delaying the next generation back a few weeks.
Hawkman said 10:35AM on 5-20-2008
Well... Dur? The same is true of pretty much every mobile phone in existence - deleting something doesn't actually zero it from the storage. It's true of your computer. Hardly such a big problem as someone pinching your stuff and having immediate access to your data anyway.
The moral of the story is, don't ever store any data anywhere in case someone gets their hands on it. Or alternatively learn to live with it...
Reply
Bender Bending Rodriguez said 10:36AM on 5-20-2008
They really need to add a writer to zero option for the Factory Restore option.
And hopefully the remote wipe coming in v2.0 will allow write to zero instead of just removing the markers.
Reply
JG said 7:58PM on 5-20-2008
Couldn't you just wipe the iPhone with iTunes and simply fill the iPhone with data (pics, tunes, etc.), then wipe again?
Reply