Are your naked selfies safe? Researchers recover 100s of nude photos from second-hand smartphones

Security experts purchased 20 used smartphones from eBay and recovered thousands of photos from devices that had been 'securely wiped'

James Vincent
Friday 11 July 2014 08:09 EDT
Comments

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Security researchers have warned that the “factory reset” function on Android handsets fails to properly delete data after retrieving more than a thousand photos of men and women in “various stages of undress” from second-hand phones.

The study conducted by Avast used advanced data retrieval techniques to recover data from 20 second-hand smartphone purchased from eBay.

More than 40,000 photos were recovered including “more than 250 selfies of what appear to be the previous owner’s manhood”. The researchers were able to identify the previous owners of four of the 20 handsets, and described the amount of data retrieved as “astonishing”.

Avast say that the problem stems from the method of data deletion used by the handsets, with the ‘factory reset’ option only deleting the directory that points to the location of the data – rather than the data itself.

A Google spokesperson defended the OS, telling technology site Ars Technica that the researchers must have been using older Android devices and that their findings did not “reflect the security protections in Android versions that are used by 85% of users.”

This statistic suggests that Android users running version 4.0 and later should be safe using built-in data wipe functions, although Google also recommends enabling encryption on their smartphones – an option available under Settings and then Security.

Extra security conscious users can even load ‘dummy data’ onto their phone following a factory reset and then deleting that set of data that before putting the device for sale online.

For iOS users encryption is built in, with all Apple devices apart from the original iPhone, iPhone 3G, and first two generations of the iPod touch using Advanced Encryption Standard (AES) to secure data.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in