Here's a slightly disturbing story from iPhone Atlas. Apparently user data is recoverable from iPhones that are being sold as refurbished. A detective from the Oregon State police recovered email, photos, and other user data from an "out-of-the-box refurbished iPhone." Indeed the image to the right is a partial screen capture from the refurbished iPhone.According to the iPhone developer Jonathan Zdziarski "all of the personal information that was sitting on [his iPhone] prior to the erase or restore is still left sitting in the unallocated blocks of the iPhone's NAND memory." In other words doing a Restore operation through iTunes will not actually fully delete all the data on the iPhone. What's needed is a low-level format of the NAND, but there doesn't seem to be a readily available means for doing this.
With the 3G iPhone presumably about to drop it seems safe to assume a lot of second-hand iPhones are about to become available on eBay, etc. It would be nice if there were some fully reliable way to ensure that all personal data is expunged from the device. The original information is on Zdziarski's blog.
Update: Just to be clear, the data was recovered using forensics software. Average users who buy refurbished iPhones will not have easy access to the previous userss data, though it will still be there waiting to be recovered by anyone with the proper expertise.
Reader Comments (Page 1 of 2)
5-20-2008 @ 9:38AM
PSM said...
Wow, that's scary. What steps would someone have to take to be able to get access to the data that's left on the phone?
And why the hell would Apple not build in a way to wipe personal data? This doesn't make me feel great about buying a 3G iPhone. I hope a 3rd party utility can at least come out to do this.
Reply
5-20-2008 @ 9:40AM
Jason said...
Ouch. This and Apple's policy of not returning users' bad hard drives after warranty replacement are both annoying and dangerous. My MacBook Pro may have to go back for warranty service soon, and you can be sure that I'll be taking my own backups and wiping the hard drive clean before I send it back to them. Hopefully they'll update iTunes quickly to provide a way to fix this iPhone problem so I can wipe my iPhone too should it ever need to go back to Apple.
Reply
5-20-2008 @ 8:31PM
bobartig said...
Oh my god, Apple doesn't return your bad hard drive because that's never what they agreed to do in their terms of service. They agree to swap your existing bad hard drive for a replacement one. If your data is sensitive, DESTROY the hard drive and have an AASP do a warranty-preserving replacement using Apple certified parts.
In the case of the idiot blogger who complained so loudly, regarding the whole "no, you can't have the old drive back", the Genius offered to show him how to replace his own drive, which he could have bought himself, thus skirting the data sensitivity issues. He didn't want to because he was cheap. Then he complained about not getting the drive back, even though it had been explained to him that he would not get the old drive if they proceeded with the repair.
He agreed to the repair terms, thinking he could wiggle out of them, and argue his way into getting his old drive. Then, when he couldn't, he tried to make a big deal out of it. It's pathetic and lame.
5-21-2008 @ 9:52AM
Kalessin said...
@bobartig: So, your hard drive fails and you take your Mac in for warranty repair. But first, according to you, DESTROY the failing HDD. How? With a big hammer? I can only assume Apple would claim their warranty doesn't cover that.
Or do you show them the intact drive and say, "Now just hold on there for a second; I'll be right back," and go and run over it with your car?
5-21-2008 @ 4:10PM
bobartig said...
@Kalessin: I left out some steps. Basically, if you need to destroy your hard drive, you'll end up eating the cost of the repair, but you can at least maintain warranty coverage for future repairs. It was a bit out of order (actually, the order was fine, but you didn't get it that way). But here's a way to do it:
1) Take computer to AASP, request that they replace the drive with a warranty part, but sell the part to you, charge for labor, and return the bad drive to you. You pay out of pocket for all expenses, but once returned, your mac has warranty support, including the new drive.
2) Take old hard drive and destroy it.
My steps above were:
1) Remove bad hard drive
2) Destroy bad hard drive
3) Have AASP repair. Same warranty coverage result.
In a way, however, having drive warranty coverage doesn't matter if your data is so important that you need it securely destroyed each time a drive fails. I'm just saying how it works in terms of Apple's warranty coverage because I have apple service provider experience.
5-20-2008 @ 9:42AM
krye said...
What if you restore to factory defaults, then fill it up with junk until the memory was full?
Reply
5-20-2008 @ 9:45AM
maybesew said...
I would really want to know if this was an AT&T refreshed phone or not. From what I have heard, an apple refurbed phone is completely disassembled and reassembled and wiped clean at the factory itself. AT&T probably just restored with itunes.
5-20-2008 @ 9:46AM
Dean said...
Scary. It seems like they don't really have a system in place to handle things like this.
I bought a refurb iPhone from AT&T a few months ago, and I needed to take it to Apple for service. The receipt I got back for the work order had the name, address and phone number of the original owner of the phone! Is this common?
Reply
5-20-2008 @ 9:48AM
d said...
A reliable way be be sure your data is safe:
Crack open the iPhone and pull the internals. Apple will replace them during the refurb process.
Yes, I am being sarcastic.
Reply
5-20-2008 @ 10:13AM
Paul said...
Wait, wait, wait!
The data was retrieved with FORENSICS software, not just browsing about. Who has iPhone Forensics software? Cops, detectives, and unscrupulous hackers.
This is not for the common person, and the average Joe isn't going to be able to get to the info.
You can stop panicking now. Remember, the devil's in the details. Read the full links and blogs to discover the truth.
Nothing to see here, move along.
Reply
5-20-2008 @ 10:17AM
Macroy said...
At least I can rest easy knowing that only unscrupulous hackers (and the police) have access to this kind of information.
5-20-2008 @ 11:39AM
mark said...
Yes by all means let us just bury our heads in the sand and ignore that which we can't understand.
Crappy suggestion dude. You BETTER be worried about this. Just because YOU don't know how to hack doesn't mean others don't and won't exploit this situation.
5-20-2008 @ 2:22PM
Macroy said...
I was being sarcastic.
5-20-2008 @ 10:19AM
Galley said...
My AT&T refurbished iPhone arrived in minty fresh condition. There was no previous data of any kind on it.
Reply
5-20-2008 @ 10:21AM
Pauldy said...
If your paranoid about someone getting yoru data I'm pretty sure you can run a dd if=/dev/zero of=/Volumes/iphonedir/test.zero
Once that crashes because it ran out of space rm -rf /Volumes/iphonedir/test.zero and ou will have efectivly reset all the bits to zero on the iphone, if this doesn't work writting an app that links against itunes to transfer a huge file of zeros over shouldn't be that hard.
Reply
5-20-2008 @ 10:22AM
gajkowskia@gmail.com said...
Reminds me of a used Xbox I purchased that still had the original user's data on it for the Live service. I would have thought Apple would have been smarter with such a high profile device like the iPhone. Makes me wonder how secure the enterprises will be if they need to remotely wipe a stolen company iPhone. Apple needs to respond to this latest allegation before my money leaves my pocket.
Reply
5-20-2008 @ 10:49AM
zachary miller said...
and before the 3G iPhones leave the warehouses, I see this delaying the next generation back a few weeks.
5-20-2008 @ 10:35AM
Hawkman said...
Well... Dur? The same is true of pretty much every mobile phone in existence - deleting something doesn't actually zero it from the storage. It's true of your computer. Hardly such a big problem as someone pinching your stuff and having immediate access to your data anyway.
The moral of the story is, don't ever store any data anywhere in case someone gets their hands on it. Or alternatively learn to live with it...
Reply
5-20-2008 @ 10:36AM
Bender Bending Rodriguez said...
They really need to add a writer to zero option for the Factory Restore option.
And hopefully the remote wipe coming in v2.0 will allow write to zero instead of just removing the markers.
Reply
5-20-2008 @ 7:58PM
JG said...
Couldn't you just wipe the iPhone with iTunes and simply fill the iPhone with data (pics, tunes, etc.), then wipe again?
Reply