“Format” Your iPhone
by Eric March on May 29, 2008 at 7:07 pm
Thanks to a rather startling discovery made by people who bought refurbished iPhones, we now know that even completely restored iPhones still contain personal data, because a restore doesn’t actually delete your data; it waits until you overwrite it with new data, much like deleting a file on a hard drive. Deleting a file doesn’t actually get rid of the data; it simply marks the file’s entry in the file allocation table as “free” so that any new data written can use that space. Until that happens, though, the data is still there and accessible to anyone who knows how to get at it. (It’s a little different on the iPhone, but the idea is the same.)
Absent a secure software data scrubber such as you can find on desktop computers, what do you do with your iPhone when you want to trade up to the newer, presumably sexier 3G model? You don’t want to be giving any potential hacker access to all of your contacts, your passwords, or your naughty bookmarks. The good news is that it’s possible.
The solution is pretty much what those of you who understand this stuff would expect: Scrub the memory yourself by writing new data to it, which is exactly as much of a pain in the tuckus as it sounds. Still, it’s better than the possible consequences of not doing so, and it’s not actually a lot of work. It just takes a while.
mogull of Securosis posted this method to manually scrub all of your personal data:
1. Restore the iPhone from within iTunes.
2. On the “Info” tab, un-check all options so you don’t synchronize calendars, email, bookmarks, and contacts.
3. On the Photos, Podcasts, and Video tabs, uncheck “Sync …”.
4. Create 3 big playlists as large as the storage capacity of your iPhone.
5. On the Music tab, select the first of your 3 playlists to sync. Make sure the storage bar at the bottom looks full after syncing.
6. Sync your iPhone, change to the next playlist, sync again, and repeat one last time.
If you’re wondering why you need to sync different playlists three times, it’s because NAND flash doesn’t work quite like a hard drive. Rather than overwrite whatever space was just freed up, it simply uses whatever blocks of memory haven’t been used recently, and keeps doing that until it wraps around and starts over at the beginning. NAND flash only has a limited number of write cycles, so it rotates through blocks this way to avoid wearing out any particular block before the others. Syncing 3 big playlists should ensure that the flash memory has cycled through all of its blocks (and then some), so that all (or at least most) of the personal data you had stored is wiped out by new data.
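The wear-leveling argument above, as a toy simulation added here (it is not code from the original post or from Securosis): it models the round-robin block reuse the paragraph describes and counts how many blocks still hold old data after each sync. The block counts, the reserved OS and spare blocks, and the function name are constructed assumptions, not real iPhone figures.

```python
"""Toy model of round-robin wear leveling (constructed; not a real flash controller)."""


def residual_after_passes(physical=1000, os_blocks=60, spare=40,
                          fill_percent=90, passes=3, start=0):
    """Return how many physical blocks still hold old personal data
    after each playlist sync. All sizes are constructed values."""
    if not 0 < fill_percent <= 100:
        raise ValueError("fill_percent must be in 1..100")
    # Worst case after a restore: every non-OS block holds stale personal data.
    blocks = ["os"] * os_blocks + ["personal"] * (physical - os_blocks)
    # Assumption: some blocks are hidden spares, so the user-visible
    # capacity is smaller than the number of blocks the allocator rotates over.
    user_capacity = physical - os_blocks - spare
    playlist = user_capacity * fill_percent // 100
    pointer = start % physical
    residual = []
    for n in range(1, passes + 1):
        # Syncing a new playlist deletes the previous one, so only the OS
        # blocks stay live; the old music becomes free (but not erased) space.
        live = set(range(os_blocks))
        written = 0
        while written < playlist:
            if pointer not in live:
                blocks[pointer] = f"music-{n}"  # block is erased and reprogrammed
                live.add(pointer)
                written += 1
            pointer = (pointer + 1) % physical  # move on to the next-oldest block
        residual.append(blocks.count("personal"))
    return residual


if __name__ == "__main__":
    for percent in (90, 45, 30):
        print(f"playlist fills {percent}% ->", residual_after_passes(fill_percent=percent))
```

In this model a playlist that fills 90% of the visible capacity reaches the last stale blocks on the second sync, while one that fills only 30% still leaves some behind after three, which is why step 5 insists that the storage bar look full.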
Before you sell that iPhone, seriously consider doing this. The term “forensic data recovery” may sound like something only experts with extensive training can do, but for simple deletions like this, accessing the data is easier than you think.
(Securosis, via Hack a Day, via Engadget)
