Deleted? No Way!
Cell phones don’t always delete SMSes, pictures and videos reliably. We show you the right way to do it.
An individual has an intimate relationship with his cell phone. The device listens to your confidential company information, knows with whom you go out with and knows all the news, which you send to your friends. The SMSes can certainly be deleted from the cell phone with relative easily, but that is a superficial fact. Most of the devices delete sensitive data from the memory half-heartedly; you can retrieve it without any fuss using the relevant tools.
CHIP took used cell phones and smartphones to try and restore the SMSes, pictures, contacts and videos – and the results were remarkable. Supposedly deleted data can be retrieved in an easy way. We show you what is the nature of this data and how you can secure your cell phone before passing it over to friends or colleagues or even sell it on the Internet.
Deleting contact data and SMSes
Every cell phone has certain amount of data that is specific to its owner. If the cell phone is subsequently passed on, then it should be wiped clean of this compromising data. After all, there are certain personal details which its owner does not want to reveal, even to his family members. The same logic applies to office phones, which is at times shared between colleagues. Whether it is personal or official, no one wants to pass on his sensitive data in unknown hands. You can always use the delete function of the cell phone, but this option comes with loopholes.
To identify what could still be found in the cell phone memory after the supposed deletion, we used a spy tool for professionals called the Paraben’s Device Seizure, which is available on www.paraben-forensics.com. The application costs approximately Rs 2,980; the site also offers a trial version for 30 days with the complete version of the forensics tool. And yes, Device Seizure is a tough nut
to crack.
to crack.
After installation, we plugged in current cell phone models to the computer and set the spy tool on the devices. The program creates an image of the cell phone memory that can be subsequently used with the integrated hex editor. We thus came across deleted contact data and SMSes in a few cell phones, which the previous owner had received and deleted.
While tool did not work on all the devices, it is, however, constantly being developed. Thus, the danger of unauthorized persons retrieving your deleted data is very plausible.
To avoid such a scenario, you should ideally first delete the data on the SIM card and then overwrite it. This makes it very difficult or rather impossible for forensics programs to restore the contacts or messages. For doing so, you must use a SIM card reader such as the SIM Card Stick. You can use it to access the SIM card, load the contact data and messages stored on your computer and edit the entries there. It is much more comfortable and even much faster in case of several messages as opposed to editing data using the cell phone menu.
In addition, the software deletes all the existing contacts on your SIM card and overwrites them. Once done, the overwritten contact data can no longer be read.
Deleting pictures and videos
Unusual photos, videos or voice notes are much easier to trace on your cell phone than SMSes. This is because modern cell phones and smartphones are come with multimedia centers have the in-built storage space and microSD cards to store your pictures, videos and music. If you connect the cell phone to the PC, it normally detects the card as a standard data carrier, integrates it as a drive and allows full access to it via Windows Explorer — just like in case of a USB stick or digital camera.
Hence you can have complete access to the additional memory and retrieve the deleted snapshots or vacation clips on your computer using tools such as O&O UnErase (approximately Rs 2,000, www.oo-software.com) or the free to use PC Inspector File Recovery tool; and that too without too much effort or in-depth knowledge about computers. If you delete data; particularly from the memory, using the deletion function in the cell phone or through the computer, by moving them to the recycle bin, the data is deleted superficially. You only sweep it under the carpet. And that is exactly where the above-mentioned tools look for it; striking gold in most cases.
Many cell phone users do not think of deleting data off the memory cards correctly was proved as a fact when we visited Second Handy, which specializes in sale of second-hand cell phones. We randomly rummaged through cell phones and came across wedding photos, vacation photos, a whole lot of MP3s and voice notes — exposing the privacy of the previous owner. We could even find out the taste of music—from “Jason Mraz” to "Savage Garden" to “Red Hot Chili Peppers”.
Clearing the memory
cards correctly
cards correctly
If you want to pass on your cell phone or plan to sell it, you must force delete all the contents. Meaning you must delete all the data such that it's irrecoverable. The best way to do this is using the Open-Source-Software Eraser (www.eraser.heidi.le) or the professional tool O&O Safe Erase (approximately Rs 1,900, www.oo-software.com). These applications enable quick deletion by replacing the binary code of the data values by invalid values. This trick helps you effectively secure your microSD cards, USB sticks, digital camera memory cards, external storage devices and hard disk drives. This is an effective and clever solution since files, once overwritten, cannot be retrieved even by using the best of software.
A downside of this technique is that it reduces the life of your flash devices. Flash memories have limited life which is measured by the number of read and write cycles. Excessive deletion procedures with several runs reduce the life of your data storage. Hence, you should be careful while using programs such as Eraser. Also moving your files from to the Recycle Bin is not enough. This is because only two bytes are modified in the partition table during
the simple deletion process; other
values such as the file name still exist. Data recovery tools check the tables where the deleted files are located and restores them.
the simple deletion process; other
values such as the file name still exist. Data recovery tools check the tables where the deleted files are located and restores them.
It is possible to restore the contents of formatted drives, albeit it is much more complicated than retrieving deleted documents. For instance, to restore photos successfully after formatting the storage devices and memory cards, a recovery tool such as DiskRecovery by O&O software must scan the actual data field, which is a rather lengthy process. However, the software finally detects the file type with the help of its built-in database of templates of different file formats. It can restore a JPEG file or a Word document for instance with the help of this information.
Overwriting data without using a PC
It is not possible to delete the contents of the phone memory from the PC if you do not have a suitable flash card reader or the device does not get connected as a universal mass storage device. However, there is a simple trick and it works fine for other plug-and-play devices as well. To do so, first reset the cell phone to factory settings so that the phone memory is reset. Next, point the cellphone camera to a neutral surface, for example a white wall, and start capturing a video until the phone memory is full. If the cell phone does not have this function, fill the memory by clicking photos. The old pictures and videos are overwritten and irrecoverable.
If you have cleaned up your cell phone using these tips, you can sell your phone or pass it on to someone without worrying that your data can be retrieved.
CELL PHONES AS VIRUS CATAPULTS: INFECTED MEMORY CARDS INFECT THE PC
You should ensure that your cell phone is devoid of all your personal data if you are selling it. However, there are lurking dangers even when buying phone – especially in case of second-hand phones. This is because undeleted memory cards can contain malware. Moreover, you cannot be too sure even while buying new products. This is what happened with an employee of Panda Security; an alarm was set off when he tried to connect his new HTC Magic smartphone by Vodafone to the computer: malware was detected on the cellphone's memory card. The analysis showed that it was a Mariposa client. In addition, the memory also contained the Conficker worm and a Trojan.
ORIGIN STILL UNCLEAR
Vodafone reacted to this and sent replacement cards to 3,000 affected users as well as suitable removal software; however, the data that was hacked by the malware is now in the hands of the hacker. Hence, always check the microSD card in your cell phone for malware – especially if you are buying a second-hand device.
Vodafone reacted to this and sent replacement cards to 3,000 affected users as well as suitable removal software; however, the data that was hacked by the malware is now in the hands of the hacker. Hence, always check the microSD card in your cell phone for malware – especially if you are buying a second-hand device.
CELL PHONE VIRUSES ARE SPREADING
As Kaspersky reports, Europeans are relatively less affected by cell phone viruses; they are more widespread in Asia. Among other things, malware independently sends SMSes to premium numbers and forces up the cell phone bill. Viruses have the same task on cell phones as that on the computer: hacking passwords, login data and credit card numbers. A possible scenario is that criminals manage to set up cell phone botnets. The magnitude could be greater than in case of the known PC botnets. After all, there are clearly more number of cell phones in the market than computers. For now, there are no mobile botnets, but only initial setup attempts. In November 2009, a harmless malware managed to enter jailbroken iPhones, i.e. hacked version of the Apple iPhone. It did not cause any damage, but was a proof-of-concept for cellphone botnets. There are many different cell phone operating systems, which makes it difficult to set up botnets. However, cell phone viruses run easily on Python and Java. Hackers are on the lookout for smartphones that run Symbian and Windows Mobile OS. According to Kapersky, one can expect malware in Android cellphones as well. This is because, unlike iPhone with its Apple Store, this security program is missing in Android OS .
As Kaspersky reports, Europeans are relatively less affected by cell phone viruses; they are more widespread in Asia. Among other things, malware independently sends SMSes to premium numbers and forces up the cell phone bill. Viruses have the same task on cell phones as that on the computer: hacking passwords, login data and credit card numbers. A possible scenario is that criminals manage to set up cell phone botnets. The magnitude could be greater than in case of the known PC botnets. After all, there are clearly more number of cell phones in the market than computers. For now, there are no mobile botnets, but only initial setup attempts. In November 2009, a harmless malware managed to enter jailbroken iPhones, i.e. hacked version of the Apple iPhone. It did not cause any damage, but was a proof-of-concept for cellphone botnets. There are many different cell phone operating systems, which makes it difficult to set up botnets. However, cell phone viruses run easily on Python and Java. Hackers are on the lookout for smartphones that run Symbian and Windows Mobile OS. According to Kapersky, one can expect malware in Android cellphones as well. This is because, unlike iPhone with its Apple Store, this security program is missing in Android OS .