Effectiveness of the factory reset on a mobile device

Loading...
Thumbnail Image
Authors
Schwamm, Riqui
Subjects
Android Operating System
Apple iOS
Mobile Forensics
smartphone
personal user data
Advisors
Rowe, Neil
Date of Issue
2014-03
Date
Mar-14
Publisher
Monterey, California: Naval Postgraduate School
Language
Abstract
All mobile phones use internal flash memory to store information. The flash memory contains personal user data that can be extracted with the use of forensics tools. This information could be used to profile a user's daily activity. However, all smartphones provide a tool to erase (factory reset) the information from the flash memory. Twenty-one smartphones were used to evaluate the effectiveness of the factory-reset feature. A set of forensics tools from Cellebrite was used for the extraction and analysis process. The factory-reset feature was found to leave significant amounts of user-generated content after operation. The amount of user-generated content varied by vendor and model number. Extracted data are presented as evidence to show the ineffectiveness of the reset. User data such as photographs, audio files, text files, login information and geolocation data were left on the phone. The data analysis uncovered the unreliable nature of a factory reset and how the user is not properly protected.
Type
Thesis
Description
Department
Computer Science
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
Citation
Distribution Statement
Approved for public release; distribution is unlimited.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
Collections