Effects of the Factory Reset on Mobile Devices
Rowe, Neil C.
MetadataShow full item record
Mobile devices usually provide a “factory-reset” tool to erase user-specific data from the main secondary storage. 9 Apple iPhones, 10 Android devices, and 2 BlackBerry devices were tested in the first systematic evaluation of the effectiveness of factory resets. Tests used the Cellebrite UME-36 Pro with the UFED Physical Analyzer, the Bulk Extractor open-source tool, and our own programs for extracting metadata, classifying file paths, and comparing them between images. Two phones were subjected to more detailed analysis. Results showed that many kinds of data were removed by the resets, but much user-specific configuration data was left. Android devices did poorly at removing user documents and media, and occasional surprising user data was left on all devices including photo images, audio, documents, phone numbers, email addresses, geolocation data, configuration data, and keys. A conclusion is that reset devices can still provide some useful information to a forensic investigation.
Showing items related by title, author, creator and subject.
Schwamm, Riqui (Monterey, California: Naval Postgraduate School, 2014-03);All mobile phones use internal flash memory to store information. The flash memory contains personal user data that can be extracted with the use of forensics tools. This information could be used to profile a user's daily ...
Fricker, R.D. Jr. (2009);I describe a methodology for optimising n Shewhart x-charts operating on parallel production lines in a factory. The goal is to maximise the factory-wide probability of detecting an out-of-control condition subject to a ...
CCS Research Staff (Naval Postgraduate School (U.S.)Program for Culture and Conflict Studies, 2008-03-01);"The last six weeks has brought some of the worst violence in Afghanistan since 2001. In 2007, there were more than 230 Improvised Explosive Device (IED) attacks and 145 suicide attacks. Casualty rates were at least 25 ...