Flogged an Android blower on eBay lately? Better hope it wasn't chock full of nudie shots, buddy!
Software security firm Avast has gone to great lengths in an effort to show us just how vulnerable our 'deleted' Android files are to extraction, even the device has undergone a factory reset.
The Californian company bought up 20 used smartphones from eBay, and was able to recover 40,000 photos, e-mails, and text messages from the devices - including a chunk of NSFW content.
"The amount of personal data we retrieved from the phones was astounding. We found everything from a filled-out loan form to more than 250 selfies of what appear to be the previous owner's manhood," says Jude McColgan, Avast's President of Mobile.
"We purchased a variety of Android devices and used readily available recovery software to dig up personal information that was previously on the phones. The take-away is that even deleted data on your used phone can be recovered unless you completely overwrite it."
According to Avast, 80,000 used smartphones are sold on eBay every day in the US alone, with many phone-floggers completely unaware that their devices might still be carrying sensitive info - like the aforementioned 'manhood.'
So what's the issue? Why are Android phones so rubbish at keeping your data safe once its 'wiped'?
With Apple's iPhone, everything on the handset is automatically encrypted. Everytime you access your phone, a decryption key stored only on your phone untangles the mess of data into the texts and selfies that you hold dear.
When you wipe an iPhone via the 'Reset' settings menu, its decryption key gets the boot, meaning your phone's data is pretty much useless to anyone except an hyper-advanced overlord AI from the future. Simple.
Android phones, however, don't work in the same way, because storage encryption isn't a default option on the devices. Since Android handsets are all made by different manufacturers, phones wipe to different degrees of success depending on the OEM.
The problem is that a lot of manufacturer's wipe options are leaving behind recoverable data, even if you're resetting the device to factory settings.
To fix the issue, you can either encrypt the device yourself like the iPhone, or install reliable wipe software like Avast's anti-theft app.