Welcome to Boardsort™ - Learn - Sell - Profit -

Learn to properly Sort, Sell, and Profit from your electronic scrap material.
It is currently Thu Mar 28, 2024 11:31 am


Post new topic Reply to topic  [ 5 posts ] 
Author Message
PostPosted: Fri Oct 18, 2019 11:04 am 

Joined: Thu Nov 09, 2017 10:40 pm
Posts: 25
I run a small e-recycling business. I get paid by several customers to destroy data, which is simple on PCs. I either wipe drives with data destruction software or physically destroy the drives. On cell phones, though, it's a different ball game.

I recently got a stack of about 600 cell phones from a single customer. Many are iPhones with Apple IDs intact. The rest are Androids or older, pre-smart phone units. I've read that a factory reset may not be good enough to remove data from Androids and iPhones seem to be impregnable without Apple IDs and passwords.

What is the correct way to wipe data from Androids if not a factory reset? How do I go about assuring the data is safe on units that will not power up? If I sell them to Boardsort, how can I be certain the data cannot be accessed? I need to avoid the liability. Is there a safe way to destroy phones with built in batteries without fully disassembling them?

Thanks in advance.

Allen


Top
 Profile  
 
PostPosted: Fri Oct 18, 2019 12:05 pm 
Site Admin
User avatar

Joined: Tue Feb 03, 2015 6:57 pm
Posts: 9751
Location: Low DOS
[edit] read new post at end of thread[/edit] Android:
For 99% of the population. Encrypt the phone, do a factory reset. Done. Unless a government wants to spend dozens of thousands of dollars rebuilding a flash dump...! It’s good as dead data.

For phones that boot: it’s fairly easy.

Method 1: long but correct method

Factory reset
Skip over account setup
Upgrade to highest android available for the phone via settings
Restart again (the upgrades restart the phone too)
Go to settings -> security or the related term for the manufacturer
Choose to encrypt the file system.
Restart.
——
Now do a hard reset into recovery mode.
Each phone is different but but for most you hold power and volume down. Bing or google it to find out per model (android recovery mode) it can be a few seconds, or a few minutes, of holding buttons down.
Once there the little android will show up with his chest open.
Chose prompts with volume up/down and select with power.
You want the equivalent of wipe and restore
For ease of explanation: in human terms Each time you do this it kills off some number of cells by shifting block 0 right some number of cells. So not only are you destroying an encrypted partition, you’re overwriting part of the encryption table.
No company including Celebrite has shown they can recover more than fragmented garbage after this.
(if you really want to bork it for fun you can flash the recovery rom here too AFTER you wipe here). On most phones Updating the Rom from a non-existent one installs-> nothing. Lol. DOA

Method 2: The fast but tech way
Assuming you have the connection cables for each brand (you can buy the Celebrite cable kits on ebay for under $50
Download Odin.
Either load or reset the phone to get in. Go to settings
Activate the developer menu. Usually about-> software version and tapping the info block 6-12 times but you can bing it.
Turn on ADB.
Load Odin
Plug the phone into the computer and click the larger square in the top right of Odin. This will sync the phone to the software.
In Odin 2 Then select
encryption
Erase
Reset
Flash (tap escape when the menu pops up to chose the image location)

In Odin 3
Auto reboot
Re-partition
F reset time
Flash lock
Phone boot loader update (tap escape)

Then for either click start and walk away
Good thing with Odin is it’s totally scripted and automated, AND it won’t reset the settings on the app once it finishes. So just unplug the phone and plug in a new one. Down side is they all need ADB (Android debug bridge) activated on the phone.
Most android phones can be screwed over with oden by not matching the phones up so you can just keep going on all the phones that allow you to click start.
Skip the ones that don’t for now, and you can restart Odin to match those up individually after the first batch is done.

Oden will also work on many damaged phones phones you can’t power on alone. And even if you cannot access the settings via the phone to turn on ADB a repartition will royally screw up the phone.
Again you’re flashing blanks so you’re clearing and overwriting.

If the phone is totally dead: email Chris and ask what their data destruction policy is.
If they don’t have a system in place you can try GreenDisk. But you have to PAY for destruction.

Apple is easy because the entire system is encrypted.
In newer cases where the user was smart just keep trying to access the phone until it self destructs. (Between 6 and 12 failed tries) Nice expensive paperweight.

For users who didn’t activate that option in settings or phones older than the 7... only one company in the world (Celebrite) ever got ANYTHING from an iPhone and even there they didn’t get it from the phone itself. They used strings, tags, hex values... bunch of tech stuff from the phone’s encrypted dump to access data that wasn’t on the phone itself.
iPhones... just do a reset (if you can) and send them in to be scrapped. Nobody is getting anything off it. Don’t believe me? Just ask the FBI.
;)

_________________
42 6F 61 72 64 73 6F 72 74 2E 63 6F 6D


Top
 Profile  
 
PostPosted: Fri Oct 18, 2019 12:33 pm 

Joined: Thu Nov 09, 2017 10:40 pm
Posts: 25
You are fabulous. I am continuously astounded by the breadth and depth of your knowledge.


Top
 Profile  
 
PostPosted: Fri Oct 18, 2019 12:53 pm 
Site Admin
User avatar

Joined: Tue Feb 03, 2015 6:57 pm
Posts: 9751
Location: Low DOS
Lol. I found out about Odin some time ago when I got a used tablet for $20 that was so messed up I just wouldn’t do ANYTHING. No matter what I tried to do.
I used it to install an unsigned ROM. Then continued to do stupid things until it had a full fledged non-android Linux up and installed.
It still wouldn’t do anything but it showed me just how easily Odin could destroy stuff. It’s been my Linux phone and tablet killer/destroyer ever since.

Don’t use it for your own stuff unless you know EXACTLY what you are doing and how to do it WITHOUT Odin. A mistake in this program is permanent.

Un-technically— using totally incorrect terminology:
Odin with ADB basically turns your phone or whatever into a serial drive. Giving you direct access to raw components. With some know how you can use it as a gateway to bare metal for reprogramming. It’s built in compartmentalised objects and open source so you can mod it too.
YouTube and Daily Motion have some videos of people screwing up all sorts of peripherals from video adaptors and card readers to keyboards. Anything with a kernel and writable space.

_________________
42 6F 61 72 64 73 6F 72 74 2E 63 6F 6D


Top
 Profile  
 
PostPosted: Sat Oct 19, 2019 1:44 pm 
Site Admin
User avatar

Joined: Tue Feb 03, 2015 6:57 pm
Posts: 9751
Location: Low DOS
On the other hand: if you plan to make any habit of dealing with phones you could just buy a Celebrite!
I’ve had two. An ancient original one bought for $50 used and a more recent one that I “loaned” to a “friend” and never got back. :(

They run a few hundred to a few thousand depending on model and generation but there’s only two things to consider regardless of age.
2nd generation or newer.
Cable kit has a minimum of 60 adaptors. The 60 kit covers all android, most feature phones, and all Apple devices.
Like using a computer only easier. Plug the phone in. Make a few settings adjustments. And kill a phone in 10 minutes or less.

_________________
42 6F 61 72 64 73 6F 72 74 2E 63 6F 6D


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 5 posts ] 

All times are UTC - 5 hours [ DST ]


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to: