Personal Data Isn't as Personal as You Think

7/09/2014 Stephen Colbert 0 Comments


With mobile devices becoming more and more of a central fixture in most people's lives, it's important to keep on top your privacy.  As Google, Apple, and a million app developers offer us more and more convenient features, we are used to signing over privacy rights willingly, but sometimes, it comes out that our privacy was infringed without our permission.

Unfortunately, this is often the case with the NSA, Facebook, Snapchat, Yo, and any other number of social services are found guilty of this frequently.  Sometimes it's intentional, but sometimes it's merely a bug (such as Heartbleed).  Either way, your data will be aired to the world if you aren't vigilant.

Avast recently purchased 20 Android phones from eBay and scanned them with the drive imaging software FTK Imager (which is available with a free 30 day trial).  The users who sold them may have been under the impression that their devices had been wiped, but Android only wipes the application layer with the standard device wipe, meaning all the data remains on the device, just not necessarily indexed.

After scanning the devices, Avast recovered over 40,000 photos ( including 250 nude pics), 750 emails and text messages, Facebook messages, 250 contacts, personal information of the former owners for 4 of the devices, and a completed loan application.

There's two lessons that can be learned from this.  First, your information is never as private as you think it is.  There's some data that should not be recorded anywhere digitally.  This includes social security numbers, bank information, nude selfies, and any other sensitive personal information.

Second, be more thorough in your device wipes.  Avast's Android app offers a more complete device wipe solution (as do others).  This goes for any devices, though.  Smartphones, laptops, desktops, tablets, etc.  If it has a hard drive, then data can usually be recovered from it.

You don't have to sell your device for someone to get a hold of it.  Pin codes, remote device wipes, and kill switches can't always protect your data if your device is stolen, so it's important to not put anything sensitive on the device in the first place.  If it's too late for that, or if it's essential for you to store sensitive information on your device, then make sure you take care to do a proper wipe when you get rid of it.

Source: CNET

0 disqus:

Sound off