Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Avast Buys 20 Used Phones, Recovers 40,000 Deleted Photos

Soulskill posted about 2 months ago | from the delete-then-rewrite-then-smash-into-bits dept.

Cellphones 231

An anonymous reader writes: The used smartphone market is thriving, with many people selling their old devices on eBay or craigslist when it's time to upgrade. Unfortunately, it seems most people are really bad at wiping their phone of personal data before passing it on to a stranger. Antivirus company Avast bought 20 used Android phones off eBay, and used some basic data recovery software to reconstruct deleted files. From just those 20 phones, they pulled over 40,000 photographs, including 1,500 family pictures of children and over a thousand more.. personal pictures. They also recovered hundreds of emails and text messages, over a thousand Google searches, a completed loan application, and identity information for four of the previous owners. Only one of the phones had security software installed on it, but that phone turned out to provide the most information of all: "Hackers at Avast were able to identify the previous owner, access his Facebook page, plot his previous whereabouts through GPS coordinates, and find the names and numbers of more than a dozen of his closest contacts. What's more, the company discovered a lot about this guy's penchant for kink and a completed copy of a Sexual Harassment course — hopefully a preventative measure."

cancel ×

231 comments

Sorry! There are no comments related to the filter you selected.

child porn (1)

Anonymous Coward | about 2 months ago | (#47412763)

How much of it was child porn?

Re:child porn (0)

Anonymous Coward | about 2 months ago | (#47413187)

Why do you ask?

Where the fault lies? (3, Insightful)

PC_THE_GREAT (893738) | about 2 months ago | (#47412807)

When someone says reset phone and reset data, the OS should ensure a clean wipe not a soft wipe. Should atleast fill it with 0s. And people should try to keep most of their data on sd cards and move those alongs when they get new phones.

What kind of people sell sd cards along with phone. I thought everyone are misers.

Am tempted to know what kind of nudie pics where available :p.

Re:Where the fault lies? (1)

master5o1 (1068594) | about 2 months ago | (#47412827)

But how many people actually reset phone and reset data? I'd imagine a lot of people simply manually delete their photos and unhook their Internet accounts from the phone. Hardly a wipe.

Re:Where the fault lies? (4, Insightful)

tlhIngan (30335) | about 2 months ago | (#47413007)

But how many people actually reset phone and reset data? I'd imagine a lot of people simply manually delete their photos and unhook their Internet accounts from the phone. Hardly a wipe.

But it's so easy to do on iOS. You can do it on the phone - Settings->General->Reset

And it wipes the phone - the flash storage is encrypted. Resetting it wipes the key and generates a new one. It then reboots and reformats the user storage using the new key and mounts it. The old data is irrecoverable because the key is lost, and the new data is written using a new key.

Even prior to encrypted storage, iOS3 created the option to do it where it erases and wipes the storage - anything 3GS and newer wipes keys (so wiping takes a couple of minutes), older ones took a couple of hours.

No reason Android can't do the same - either by sending TRIM commands to the entire user storage area and then forcing a write-all-with-zeroes to be doubly sure.

Re:Where the fault lies? (4, Insightful)

MyFirstNameIsPaul (1552283) | about 2 months ago | (#47413199)

I would not trust an encryption method as a replacement for permanent data destruction, but I may be more paranoid than most.

Re:Where the fault lies? (1)

itsme1234 (199680) | about 2 months ago | (#47413821)

Well how are you using the phone otherwise? Do you keep it locked in some booby-trapped safe? Otherwise you can still lose it and it'll be in a much worse shape than it is when you sell it with keys wiped and storage formatted (even if technically not fully wiped even if still encrypted). It might be unlock-able, it might have some SD-card you regularly keep in it (but you wouldn't leave there if you sell the phone). etc.

Re:Where the fault lies? (0)

Anonymous Coward | about 2 months ago | (#47414021)

You probably are a bit too paranoid. As long as the encryption method is not one of those crazy ones that used to come on older flash drives before they got debunked (where it as an xor and a 9's complement) - as long as it is something like AES 256 - encryption as a data disposal method is a pretty good way to go. It prevents you from having to drill holes in the drive (or other destruction) and allows you to re-use the drive. Do you just bash your phones with a hammer when done with them? Perhaps run them through a BlendTec blender?

Android already does? (2)

emil (695) | about 2 months ago | (#47414053)

  • Settings / Security / Encrypt Phone - I've never used it, but I am assuming it encrypts everything under /data.
  • I understand that a format of /data is what happens behind the factory reset option. Using GNU shred on the device file for this filesystem might prevent any recovery.

That doesn't work (1)

dutchwhizzman (817898) | about 2 months ago | (#47413045)

"resetting" your phone to manufacturer settings doesn't wipe any data. Even manually "deleting" it and then "resetting" the phone doesn't do that. It merely marks the flash memory in the phone to be "reusable".

The only way to make sure the data is gone is to fill the phone up with garbage data after you've done a factory reset so there is something else written to the flash memory. After you've filled it up to the last bit, do another factory reset and you will be as close as you can get without destroying the physical device to wiping your data properly.

Re:That doesn't work (1)

dbraden (214956) | about 2 months ago | (#47413147)

But you wouldn't need to re-write all of the flash memory if it is encrypted and the key is properly wiped. Without the key it might as well be random data. The trick would be to make sure that the original key isn't still lurking on one of the chips, but I'd like to think that people far smarter than me worked that part out.

And they would like to think (1)

Marrow (195242) | about 2 months ago | (#47414035)

that you knew enough to wipe those copies of the keys yourself. I mean, EVERYONE knows that key lives in that directory right? Anyone who really CARED about the product would know enough to learn about it.

Garbage In (1, Insightful)

mfh (56) | about 2 months ago | (#47412903)

Mobile industry is afoul with moral hazard. They simply don't care about their clients because they only want to get paid once and then milk the clients for information.

Google's Android phones flat out REFUSE to uninstall Facebook, for example.

Users do not have control because we're experiencing what Oligarchy feels like.

Some of us remember what it was once like when you wanted to buy something and they would kiss your ass and make you at home while you were shopping. If you had any problems they would bend over backwards to serve you. That mentality is dead in the goods & service industry.

We are approaching the dusk of the psychopathic corporation era. Nothing after that folks. Thanks for playing.

Re:Garbage In (4, Informative)

djdanlib (732853) | about 2 months ago | (#47412931)

> Google's Android phones flat out REFUSE to uninstall Facebook, for example.

It uninstalls just fine, thank you very much.

Or are you referring specifically to Nexus devices?

Re:Garbage In (1)

GigaplexNZ (1233886) | about 2 months ago | (#47412945)

It depends. Some carriers are known to bundle software like Facebook, and if it's on the system partition it's not easily removable.

Re:Garbage In (3, Insightful)

Anonymous Coward | about 2 months ago | (#47412953)

That's the carrier's doing

Re:Garbage In (1)

djdanlib (732853) | about 2 months ago | (#47412971)

I wonder which direction the money flows in cases like this. Does Facebook pay the carrier, or does the carrier pay Facebook? Seems to me that both parties are equally at fault here. Some suits probably had a meeting about increasing shareholder value and leveraging popular apps and shook hands, then told the dev team to make it happen. Not that I'm thrilled with bundled software being possible on Android... I wish it wasn't... but it's not Android's fault that someone got greedy.

Re:Garbage In (2)

gl4ss (559668) | about 2 months ago | (#47413247)

fb pays the carrier or does some favors.

look into "facebook zero", they do direct collaboration with the operators to enable zero fee(to user) facebook access..

Re:Garbage In (0, Flamebait)

Actually, I do RTFA (1058596) | about 2 months ago | (#47413331)

but it's not Android's fault that someone got greedy.

Yes, it is.

Or rather, it's Google's fault because it let them.

Look, if this was an unforeseen action by a third-party, I would agree with you. But it was obvious that this was going to happen if Google enabled bundling software. They did, so they are just as much at fault as the assholes who do it.

In fact, Google intentionally enabled bundling as a service to those assholes, to encourage them to get Android phones out there.

Re:Garbage In (0)

Anonymous Coward | about 2 months ago | (#47414055)

Indeed, but if I have to 'break' my phone, software wise, to remove said app, thats quite the system we've been supporting isn't it!

Re:Garbage In (2)

advocate_one (662832) | about 2 months ago | (#47412951)

correct, if it's part of the manufacturer's feature set, then it's not possible to remove it, BUT, you can disable it after having removed all updates to it. Had to do that with my Sony Xperia... came with facebook and other social media rubbish... Some could be deleted, but the rest had to be disabled from starting up but still take up space.

Re:Garbage In (2)

viperidaenz (2515578) | about 2 months ago | (#47413251)

My phone didn't even have the Facebook app installed when I bought it.

It still doesn't.

Re:Garbage In (0)

Anonymous Coward | about 2 months ago | (#47413669)

Some of the newer Android phones on Sprint allow you to turn off or uninstall Facebook, Google Drive and other such bundled apps. Hopefully this means they're becoming responsive to user demands to reduce the bundled bloatware bs.

Re:Garbage In (1)

Neil Boekend (1854906) | about 2 months ago | (#47413733)

If it was installed before you got it you can usually only force it to stop, uninstall updates and turn it off. That is as close as you can get to uninstalling any apps that came with your phone.
Unless you install a different ROM. Then it's unlikely to be included.

Garbage In (0)

Anonymous Coward | about 2 months ago | (#47414029)

Google's Android phones flat out REFUSE to uninstall Facebook, for example.

My Android based phone did not have Facebook on it when I got it. Perhaps that is something your carrier did, rather than Google?

Re:Where the fault lies? (3, Funny)

gnasher719 (869701) | about 2 months ago | (#47413363)

When someone says reset phone and reset data, the OS should ensure a clean wipe not a soft wipe. Should atleast fill it with 0s. And people should try to keep most of their data on sd cards and move those alongs when they get new phones.

There's one phone that just throws away the encryption keys, which are never stored anywhere than on two locations on the hard drive (in encrypted form), so only these two locations need to be wiped. That phone also has the ability to access a small amount of flash memory directly without the firmware interfering, to make sure that no invisible copies of those keys are created. Well, it's not Android...

Re:Where the fault lies? (0)

Anonymous Coward | about 2 months ago | (#47413689)

Even the custom Android "recovery" systems only perform a quick format and call that "wipe data partition". It's no wonder people's data is recoverable: There simply is no way to remove it!

Re:Where the fault lies? (0)

Anonymous Coward | about 2 months ago | (#47413923)

You realize how long this takes? You think anyone is going to wait until it would complete?

But no spell checker (0)

Anonymous Coward | about 2 months ago | (#47412809)

"preventive".

Re:But no spell checker (0)

Anonymous Coward | about 2 months ago | (#47413131)

http://www.merriam-webster.com... [merriam-webster.com]

Re: But no spell checker (0)

Anonymous Coward | about 2 months ago | (#47413191)

what is wrong with you?

Who's at fault for this? (3, Insightful)

SeaFox (739806) | about 2 months ago | (#47412811)

Unfortunately, it seems most people are really bad at wiping their phone of personal data before passing it on to a stranger.

How many people actually have the ability to securely wipe data on their phone to start with, without rooting it? For lots of folks, the "factory reset" option is the only thing they can do on their own, and that likely only deletes prefs and network settings and erases file system directory info. It does not overwrite the bits in the phone's storage to make them unrecoverable.

Re: Who's at fault for this? (0)

Anonymous Coward | about 2 months ago | (#47412833)

Don't need to. Just reset to factory, then copy music to fill the phone then reset then repeat 3-4 times and you should be covered.

Re: Who's at fault for this? (5, Funny)

viperidaenz (2515578) | about 2 months ago | (#47413271)

Copy goatse, not music.

Give them a surprise if they try and snoop your old data.

Re:Who's at fault for this? (5, Insightful)

Mr0bvious (968303) | about 2 months ago | (#47412851)

As stated above this really should be an inbuilt OS feature - "Reset for resale"

It shouldn't take an understanding or knowledge of the intricacies of how the device works or how to properly erase data. It should be automatically done by the OS since most phone users do not know how to do it properly.

Re:Who's at fault for this? (1, Insightful)

baenpb (1343241) | about 2 months ago | (#47413021)

Agreed, but the money's not there. This promotes resale, which takes away from apple's.....i mean...the phone manufacturer's....bottom line.

Re:Who's at fault for this? (1)

Mr0bvious (968303) | about 2 months ago | (#47413075)

Yes true, there is that disincentive there.

Re:Who's at fault for this? (0)

Anonymous Coward | about 2 months ago | (#47413145)

which takes away from apple's.....i mean...the phone manufacturer's....bottom line.

Uh, these were *Android* devices. Last time I checked, Apple didn't sell Android devices...

Re:Who's at fault for this? (2)

rioki (1328185) | about 2 months ago | (#47413489)

I would wager that the real impact is the opposite. It is like used games, on the surface it looks like a "lost sale" but in reality it provides liquidity. The used phone market then fuels the new pone market, since those that sell the phone do not have / don't want to spend the money on their yearly upgrade cycle. On the other hand those that buy the used phones don't have the money to spend on a new phone. Even though they may have spent the money on a lower end device, it is not a lost sale, since as mentioned before they supported the sale of a high end device, which again has a higher profit margin.

But if MBAs would also get that, that would be great.

"What to do before selling or giving away your..." (0)

Anonymous Coward | about 2 months ago | (#47413083)

http://support.apple.com/kb/ht5661

Re:"What to do before selling or giving away your. (1)

Mr0bvious (968303) | about 2 months ago | (#47413189)

That's a good start, but I doubt it over writes any data - this *seems* like a soft delete and I'd expect one could still get the original data (??)

It'd also be nice if Android had such a feature built in.

Re:"What to do before selling or giving away your. (4, Informative)

SJ (13711) | about 2 months ago | (#47413255)

Nope... Apple iPhones actually securely erases the encryption keys which renders the contents of the storage useless.

It's a big button called "Erase All Contents and Settings". It does precisely that.

Re:"What to do before selling or giving away your. (1)

Mr0bvious (968303) | about 2 months ago | (#47413525)

Seems Apple have done it right, thanks for the heads up.

Obviously I'm rather ignorant regarding storage on iOS devices - I didn't realise that all data was encrypted by default (does that include images etc?).

Re:"What to do before selling or giving away your. (0)

Anonymous Coward | about 2 months ago | (#47413629)

(does that include images etc?).

What part of "All Contents and Settings" do you not understand? Even after having it explained how it works by trashing the encryption keys, you wonder whether maybe Apple made an exception for images so they would be saved after erasing all contents? Seriously.

Perhaps you should change your name to MrOblivious.

Re:"What to do before selling or giving away your. (1)

Mr0bvious (968303) | about 2 months ago | (#47413711)

Seriously - you're a tosser and a coward.

But thanks for pointing out what I missed.

Tosser.

Re:"What to do before selling or giving away your. (3, Insightful)

L4t3r4lu5 (1216702) | about 2 months ago | (#47413693)

Well no, it doesn't. You've contradicted yourself. What iOS does is delete the encryption key, as you stated, which renders the data inaccessible without recovering the key. The data is still entirely intact; Just really, really hard to recover :)

Re:"What to do before selling or giving away your. (1)

biodata (1981610) | about 2 months ago | (#47414043)

Unless you have the backdoor key

Re:Who's at fault for this? (2)

viperidaenz (2515578) | about 2 months ago | (#47413265)

I can go in to the settings menu and select encrypt device.
Not sure if that's new for Android 4.4 or if it came earlier.

click bait (1)

Anonymous Coward | about 2 months ago | (#47412813)

good job guys, now many more people will download and install your app. way to go!

Only Android? (3, Interesting)

exomondo (1725132) | about 2 months ago | (#47412825)

Does the same thing occur with iPhones or Windows Phones or Blackberrys?

Re:Only Android? (0)

Anonymous Coward | about 2 months ago | (#47412881)

I believe iOS "Erase all Content and Settings" makes everything go away in a non-recoverable kind of way.

Re:Only Android? (1)

friedmud (512466) | about 2 months ago | (#47412901)

If you don't wipe your phone this can happen with anything (including an iPhone)...

However, if you reset an iPhone there is NO way to recover anything. Everything written on an iPhone is encrypted... when you reset an iPhone it securely wipes the key and then nothing is retrievable.

Re:Only Android? (3, Insightful)

exomondo (1725132) | about 2 months ago | (#47412923)

They don't mention if any of the devices were using Android's full device encryption either or which of the devices they recovered deleted data from rather than just receiving a phone where the user had forgotten to delete their data. Seems less like a study and more like a sales pitch.

Only Android? (0)

Anonymous Coward | about 2 months ago | (#47413747)

blackberry 10 does a full format when doing a reset, it takes 30 minutes and it completely removes everything, even system apps (phone is unusable without reinstalling the system software using the pc/mac app)

Obvious! (1, Informative)

Anonymous Coward | about 2 months ago | (#47412829)

I bought 40~ used iphones off ebay and at least 12 of them were still logged into social media accounts (facebook, twitter, instagram, snapchat) and had thousands of photos and videos. i did not see any nudes but i did have fun with some of their profiles.

Re:Obvious! (1)

gnasher719 (869701) | about 2 months ago | (#47413373)

I bought 40~ used iphones off ebay and at least 12 of them were still logged into social media accounts (facebook, twitter, instagram, snapchat) and had thousands of photos and videos. i did not see any nudes but i did have fun with some of their profiles.

If you have burglars who are caught by logging into facebook at a victim's home computer and not logging out before they are leaving, what can you expect?

Re:Obvious! (0)

SternisheFan (2529412) | about 2 months ago | (#47414045)

So you screwed around with peoples accounts, huh? Aren't you proud of yourself.

Where is your goddamn morality? Just because you "can" do something does not give you the "right" to do it.

Ah, I might as well be replying to a wall. People like you just won'tever get why you shouldn't do some things.

BiFlex Edge (0)

Anonymous Coward | about 2 months ago | (#47412831)

Is anyone else getting a nearly full-screen video ad for "BiFlex Edge" thingies? It can not be dismissed, and keeps me from reading the story.

I'm on a 13.3" 1280x800 screen, which is zoomed way in (ctrl + in FireFox) so I can read it despite being visually impaired.

Re:BiFlex Edge (-1, Redundant)

ruir (2709173) | about 2 months ago | (#47412895)

Why should I waste time reading a fucking slashadvertisement? Opening up this piece of junk of post is enough for me. I recently went in a trip, my gf by accident deleted ALL of our photos at the middle of the trip, and I only said, relax, just take the card out, and we bought another the very same day. First day returning from the trip, I recovered all of the photos and videos. Is this fucking news, or just common sense?

full screen biflex ads on /. (0)

Anonymous Coward | about 2 months ago | (#47412855)

Am I the only person getting huge video ads for some BiFlex thing? I have to zoom my 13.3in 1280x800 screen in with (ctrl +) in FireFox to read because of my bad eyes. The videos pop up, and can not be removed or even moved. The play and play and play with no end. I don't have enough screen left to even see the %$#^ing article.

Re:full screen biflex ads on /. (1)

Anonymous Coward | about 2 months ago | (#47412925)

Install the Adblock Plus add-on into Firefox. Blocks many of the advertisements.

.

Re:full screen biflex ads on /. (1)

drew_92123 (213321) | about 2 months ago | (#47412957)

Agreed, I use the adblock plus addon with 3 subscriptions and almost never see any ads anywhere. It's fucking great! :-)

Re:full screen biflex ads on /. (1)

viperidaenz (2515578) | about 2 months ago | (#47413281)

Uninstall flash.

Factory reset. (4, Interesting)

bejiitas_wrath (825021) | about 2 months ago | (#47412899)

So taking out the SD card and a factory reset is not enough anymore? But how do you run DOD quality data wiping software on a phones built-in memory anyway? Most people hock phones and they are re-sold with phone numbers still on them. That should not happen. Let alone personal photos.

Re:Factory reset. (1)

glitch! (57276) | about 2 months ago | (#47412955)

Five to ten seconds in a microwave oven should do the trick. A good physical smashing is probably effective. Or just bury the damn thing. But don't sell it and have any expectation of privacy.

... and the water is wet (3, Interesting)

itsme1234 (199680) | about 2 months ago | (#47412933)

Yes, most devices we use don't actually wipe the data when you "reset to factory settings". Even desktop OSes don't do it (either by default, either at all, need special tools, etc). I bet this feature is really low on the "to do" list for most manufacturers of not only phones but also wifi routers, TVs, wireless cameras, you name it. We didn't (or maybe barely) manage to educate them not to put trivial backdoors, secure wipe is a long way out.

Re:... and the water is wet (1)

AmiMoJo (196126) | about 2 months ago | (#47414059)

Samsung market their secure wipe software as a feature, so apparently there is market demand for it.

Can't we just say people took naked pics? (4, Insightful)

Vellmont (569020) | about 2 months ago | (#47412969)

Why do we still talk like we're in middle school? Why the code talking? "personal pictures", "manhood"? Can't we just say they found pictures of guys penises, and nude to semi-nude women?

People take nude photos of themselves, don't realize it's still on the phone, and sell the thing. The fault lies with the cell phone makers who aren't actually doing real deletes of pictures. That's just dumb. Back when storage medium was on a hard drive, and computers do a LOT of IO, deleting the reference to the file made sense to improve performance. But all phones use flash as storage, and there's simply not a lot of IO that's going on in your typical phone usage. The OS should be wiping the file, or at the very least remove the reference, and wipe the file at a later (but soon) time after (like perhaps while the user is typing something and is otherwise idle).

The reality is phones get stolen, and the data is far less secure than on a PC. The OS needs to keep up with that. Deleting data for good should mean actually deleting the data. The shortcuts that've been done in the past should be a thing of the past.

Re:Can't we just say people took naked pics? (1)

worf_mo (193770) | about 2 months ago | (#47413905)

I thought there was a certain discrepancy between their middle school talk about manhood and their using the Goatse guy symbol in the green infochart (bottom right, above the "male nude selfies")...

Re:Can't we just say people took naked pics? (1)

Anonymous Coward | about 2 months ago | (#47413993)

Huh? That's clearly the Aperture Science logo.

Re:Can't we just say people took naked pics? (1)

AmiMoJo (196126) | about 2 months ago | (#47413989)

All those erase cycles would wear out the flash memory much faster. Flash can generally only erase blocks, so to remove part of a block the entire thing has to be read, erased and re-written.

The simple solution is just to enable encryption. Android has supported it for years. Then a wipe destroys the key, and all the data is gone.

This post is an advert (2, Insightful)

mendax (114116) | about 2 months ago | (#47413005)

This article is good reading in itself but it wound up being an advert for the poster's product. I wonder how much Dice got paid to post this "story"? Is it any wonder I spend more time over at soylentnews.org, the name of which I was going to bury in a link but couldn't because the link gets replaced with "slashdot.org"?

Re:This post is an advert (1, Interesting)

Anonymous Coward | about 2 months ago | (#47413085)

This is a test.
http://soylentnews.org/ [soylentnews.org]
http://soylentnews.org [soylentnews.org]
test [soylentnews.org]
http://soylentnews.org [example.com]

Test.

Re:This post is an advert (1)

Anonymous Coward | about 2 months ago | (#47413111)

Test successful.

For your benefit, here is what was tested:

This is a test.
http://soylentnews.org
<a href="http://soylentnews.org">http://soylentnews.org</a>
<a href="http://soylentnews.org">test</a>
<a href="http://example.com">http://soylentnews.org</a>

Test.

Re:This post is an advert (3, Informative)

mendax (114116) | about 2 months ago | (#47413407)

I don't know what you're doing. I tried several times without success. soylentnews.com was always replaced with slashdot.org.

D'oh! I'm an idiot. It helps if the href contains an "http://" as part of the URL. Ok. No more conspiracy theories now, at least not on this issue.

Re:This post is an advert (1)

KingOfBLASH (620432) | about 2 months ago | (#47413467)

Never explain by malice that which can be explained by stupidity.

Re:This post is an advert (0)

Anonymous Coward | about 2 months ago | (#47413313)

mod parent up

"Hackers at Avast" (1)

Anonymous Coward | about 2 months ago | (#47413029)

Really?! Hackers?

Re:"Hackers at Avast" (0)

Anonymous Coward | about 2 months ago | (#47413523)

Do you even know what a "hacker" is?

ProTip(tm): It doesn't mean what you think it means.

https://en.wikipedia.org/wiki/Hacker_(term)
http://www.catb.org/jargon/html/H/hacker.html

Really? (1)

freeze128 (544774) | about 2 months ago | (#47413043)

Who fills out a loan application on a phone? That has got to be the most painful web experience ever!

Re:Really? (5, Informative)

David Jao (2759) | about 2 months ago | (#47413483)

They could have filled out the loan application somewhere else and uploaded it to a service like Dropbox. Viewing it later on the phone would leave a cached copy on the phone.

This article just motivated me to... (1)

Anonymous Coward | about 2 months ago | (#47413053)

This article motivated me to take a picture of my manhood, just in case i decide to sell my phone some day.

Re:This article just motivated me to... (1)

Plumpaquatsch (2701653) | about 2 months ago | (#47413705)

This article motivated me to take a picture of my manhood, just in case i decide to sell my phone some day.

What makes you think anybody would be interested in either?

Grinder (0)

Anonymous Coward | about 2 months ago | (#47413093)

This is why my old phone(s) aren't sold but meet a grinder to obliterate them into pieces.

Re:Grinder (2)

viperidaenz (2515578) | about 2 months ago | (#47413309)

So no one knows you had the Grinder app installed?

here's my deal (0, Troll)

Osgeld (1900440) | about 2 months ago | (#47413101)

since I am not a crack addict and have to buy a new phone every 14 months, and usually the phone I buy is the cheapest I can get without contract (which actually gets you some decent android's now days) by the time I am ready to get a new phone, its not worth the time to even post on ebay, toss that shit in the wood chipper (minus battery), keep in mind the last phone I tossed was a 2005 windows phone model (I have newer phones but keep them as backups)

phone junkies are almost as bad as crack addicts, who cares if their precious images of orlando ends up on 4chan, their tits will anyway

Re:here's my deal (1)

SeaFox (739806) | about 2 months ago | (#47413175)

... by the time I am ready to get a new phone, its not worth the time to even post on ebay, toss that shit in the wood chipper (minus battery)...

You could do something [nnedv.org] more worthwhile [americance...edrive.org] with it, too. [911cellphonebank.org]

Problem solved. (0)

Anonymous Coward | about 2 months ago | (#47413117)

If cellphone makers used an encryption with a new random key on a factory reset this would not be an issue. It's not something the user would even need to know, by that I mean the new key.

Resetting to factory default should trigger the following.
1. Delete current key.
2. Generate new key.
3. Encrypt with new key.

Re:Problem solved. (2)

brantondaveperson (1023687) | about 2 months ago | (#47413527)

You mean like an iPhone? (as stated several times elsewhere on this thread).

Don't sell data carriers. Ever. (0)

Anonymous Coward | about 2 months ago | (#47413123)

Which is exactly why you don't sell any data-carrying devices. Phones, drives, memory sticks. I save them up for a few years and then go to town on them. Those hds have shiny little discs in them that you can use as wall decoration. The screens of your mobile devices can be reused. Fun little projects. :)

And monkeys flying out of Madonna's butt? (0)

Anonymous Coward | about 2 months ago | (#47413283)

Surely it is true, Garth.

Why not just destroy your old phone? (2)

mtthwbrnd (1608651) | about 2 months ago | (#47413385)

By the time it is old it is worthless. Just smash it up and throw it in the river.

Re:Why not just destroy your old phone? (1)

Anonymous Coward | about 2 months ago | (#47413415)

Yes, because there isn't enough crap floating in rivers as it is.
Brilliant!

Re:Why not just destroy your old phone? (0)

Anonymous Coward | about 2 months ago | (#47413945)

phones don't float... try it

Terrorists! (2)

marcello_dl (667940) | about 2 months ago | (#47413485)

They have circumvented a protection measure, that is wiping the phone- a faulty protection measure, but that doesn't matter, as history taught us if you find holes and publicize them, no matter the responsibility of the manufacturer, you are terrorist!

Moreover, it is clear they have an interest in selling their own protection products, and that they have given bad ideas to people who normally would have started using the second hand phone and overwriting the crap with their own crap.

So why doesn't avast end up in trouble like $RANDOM_HACKER ? Huh?

Re:Terrorists! (0)

Anonymous Coward | about 2 months ago | (#47413873)

So why doesn't avast end up in trouble like $RANDOM_HACKER ? Huh?

They have better lawyers, duh.

phones? (1)

JWSmythe (446288) | about 2 months ago | (#47413531)

I was wondering why someone would buy 20 crappy phones from me on eBay.

Just kidding. I take all my dirty pictures with a Polaroid. :)

Why no iPhones? (1)

MoZ-RedShirt (192423) | about 2 months ago | (#47413581)

Why didn't they test iPhones, too? Oh right. Because they encrypt their filesys by default and if you throw away the key before selling the buyer is locked out.

But it would be interesting to know if this really works for all the installed apps as well as for the system services.

Yep that's why you shouldn't buy insurance (0)

Anonymous Coward | about 2 months ago | (#47413917)

Some companies offer you after market spill / break insurance for your phone and tablet. You should not buy it, Even if, after the breakage you're able to access the functionality needed to "wipe" the phone, the truth is that memory is solid state, and doesn't wipe unless secure delete has 1)been implemented and 2) been implemented correctly by the manufacturer, who is the only entity that CAN implement it correctly, that is, has access to the information needed to do it correctly.

All you're doing when you send your tablet or phone is is making yourself vulnerable to scraping all your most personal data off it and having that data entered into a database n keyed under your real identity.

For all anyone knows, THAT is their REAL business plan.

Isn't this illegal? (2)

JDG1980 (2438906) | about 2 months ago | (#47413951)

How is this not a violation of the Computer Fraud and Abuse Act (CFAA)? They bypassed security measures (deletion) to access someone else's personal information without authorization. Given how broadly this has been interpreted in the past (Andrew Auernheimer was prosecuted for visiting public URLs on the Internet), Avast's act clearly should be considered a violation. Or is this a case of "if a corporation does it, it is not illegal"?

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>