Erase an iPhone properly


A fundamental problem with flash memory has just gone mainstream. A detective successfully recovered data from a refurbished iPhone purchased from Apple. Flash memory controllers write to blocks randomly so using standard secure erase techniques are no guarantee that all of the storage space will be written.

[Rich Mogull] has posted a method that should wipe out almost all remnants of your personal data. You start by restoring the iPhone in iTunes and turning off all the syncing options. Next you create 3 playlists large enough to consume all of the phone’s storage space. Sync each playlist in turn and your residual personal data should be obliterated. All that’s left to do is sit back and wonder when the first article about the MacBook Air SSD being impossible to securely erase will be published…

Comments

  1. jrod krip says:

    hrrm, or you could try the will it blend approach…securely erasing the iPhone should work too…

  2. polobunny says:

    Alternatively, a fill with zero secure erase would work fine…

  3. tony says:

    I like the will it blend idea. i saw the title and clicked on it thinking i was going to get to see an iphone that had been rapidly disassembled. now i am disappointed

  4. barry99705 says:

    Hey polobunny, how would you go about that? The iPhone doesn’t show as a drive when you plug it in.

  5. Use the SDK to wite one that runs on the phone?

    Doesnt have to be done via a PC/Mac

  6. wackyvorlon says:

    An important point to remember: Flash only writes zeros, not ones. When you write to a flash device, it sets the contents of the block to all ones via erasure, then writes the appropriate zeros in place.

  7. barry99705 says:

    Well that wouldn’t work either, it would stop right as it erases itself. Just like doing a rm -Rf / on a linux box.

  8. PaulJ says:

    I can erase any SSD drive, with a nice ball-peen hammer… though the resale value falls significantly, after the process is complete.

  9. Hello1024 says:

    No – none of those methods will fully work, because the SSD has spare blocks (more blocks than it’s rated capacity), which are used for wear leveling and replacement of faulty blocks. Filling the device with anything won’t fill the remaining “spare” blocks that may have your data on.

    Note this WILL work for some filesystems that work at a lower level than a block device – JFFS2 for linux being the most famous example.

  10. Savannah says:

    i found an iphone and the password is set, how would i change the password and use the phone?

  11. This is a neat article and I was shocked to hear that apple didn’t completely erase the contents of the referb. thanks for the info :D

  12. Sam Mitchell says:

    you think by now someone would make an easy way to hack newer phones, an app – one for all kinda thing. just my thoughts, if you get a min take a look at my site, hopefully you’ll like :)

  13. Rogers %9 says:

    Super-Duper site! I am loving it!! Will come back again, Thanks.

  14. Guru Wannabe says:

    WOW – this just opened my eyes – already excited to see new versions coming!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 92,374 other followers