Tuesday, May 20, 2008

Refurbished iPhone Reveals Customer Data

Here's an interesting excerpt from Jonathan Zdziarski's site (a.k.a. "NerveGas") about getting your personal data hacked when you sell your iPhone...

"As part of my work on a forensics toolkit for the iPhone, I decided to test whether user data could survive a full restore in iTunes. There have been rumors floating around that the entire NAND is flashed to 0xFF when the device is restored, but this is untrue - this only occurs in a different part of the iPhone (the NOR), but not the NAND. To confirm this theory, I first deleted any backups of my device and then forced the iPhone into recovery mode. From there, I performed a full firmware restore of my iPhone, ensuring that no backups or syncing were performed. I then performed a basic recovery of the raw disk using the forensic toolkit I put together, and analyzed it. What I discovered was that deleted mail, contacts, and pretty much all of my other personal information was still residing in unallocated space on the device. My personal information was safe and sound, and available to anyone with the right skills to recover it."

Might want to think twice before selling your iPhone on Craigslist or eBay. Read more at the author's site.
