Android free space wipe

Yeeah, first post

Just purchased an android phone (htc one s) and I did some searching and found this awesome site! I read this post here:
https://www.wilderssecurity.com/showthread.php?t=310143&highlight=textsecure

and immediately downloaded several of the applications from the above link.

TextSecure
OI Safe
and file shredder based on this thread here:

https://www.wilderssecurity.com/showthread.php?t=320996&highlight=android file shredder

Now my questions:
I was unable to find any type of wipe or delete app that wipes free space. Is there such an app? Selecting a file for delete sure, but before I found this site I have some things I'd like to make sure stay deleted, but I used the phones delete so I know the images are still there *

Where does android store the sms/mms, call history ect? I used a file manager and couldn't find them, and they're not saved on my sd.

and finally has anyone heard of these following apps, and do you have an opinion on them?

S.S.E. by Paranoia Works
Mobile strong box by Alin Coman (i like this one)
and finally,
wipr by Michael Cowell (free version is 5 pass, overkill yes but it's free)

 

not sure how reliable a freespace wipe would be or if even possible , since your phone uses flash memory , meaning no matter how many times you overwrite sectors with 0s the unencrypted data will be recoverable its not like a moving disk hdd where you can be sure that everythings gone once overwritten with 0s , and i dont know any phone supplier that offers phones with mechanical hdds ,lols, in order to be 100% sure , youd have to use a fully encrypted firmware rom that does on the fly decryption using the phones ram , for wich in turn would require special phone hardware , basically youd need truecrypts phone version havent heard of something like it as of yet, would make for an epic phone thou

 

Would steer clear of File Shredder as i saw first hand that it doesn't work all the time, leaves the file information intact and has not been updated in quite awhile.

SHREDroid can do this however, it leaves file information intact and hasn't been updated in a long time.

I just purchased the pro version of Wipr the other evening because of the automatic "file name scrambler" after shredding and plan to put it through the paces against file recovery tools later today or tomorrow. Assuming it passes, i would use the following setup:


History Eraser or similar app - to clean sms/mms/call history/cache/etc

Wipr - file and folder shredding

Free Space - hook your mobile up to your computer once or twice a week/month whatever you are comfortable with and use "Eraser" to overwrite that space. I tested it before with great results

EDIT: Also, KeePass Droid and LUKS Manager should be part of every Android device!

 

thanks for the response. I'm not rooted so luks manager is out . is oi safe inferior to keypads droid?

if your tests show wipe effective I Will certainly purchase it, so please don't forget to post results.

any thoughts on the other 2 apps I mentioned?

also I use eraser for my pc, I know I can wipe sd free space, but not system free space on the phone, correct.?

finally if u have any links to android phone security or how/where android stores sms/mms would be awesome..
thanks, and ill be watching for your results

 

There's no point in doing any security-type stuff if you don't have root rights. Right?

Even if you do, you're hosed unless you can use trusted firmware. Right?

 

just because I'm not rooted doesn't make my phone less secure.

while I've been unable to find any guide lines on how to choose a particular app on this site, I figure if the code is open source, doesn't ask for network permissions, is well reviewed in google store .(and recommended here). chances are its probably pretty good.

if your referring to firm ware for a rooted phone I can't speak to that. (although my old school optimus v was running cygenamod v7)

 

OK, so I don't know much about Android devices.

But, if you don't have root rights, who does?

Whoever that is, the device is secure for them, not for you. But, as long as they like you, it'll be secure for you too, I guess

 

LOL that was funny . I'm no Android specialist, and maybe someone with more expertise can chime in.

all the more reason to encrypt your sensitive information. if its encrypted someone you don't authorise can't access your info, wether that's your cellphone carrier, an unscrupulous person, or the police.

at least that's my hope/belief

 

nice dream there bud , reality is quite abit different from where im standing , lols

 

Right, but you seem even more paranoid than me

 

where DO you stand exactly? Are you saying the only way to secure your phone is to run it rooted with some sort of security rom?

it would seem to me aftermarket apps seem quite capable to secure the items I need secured, (text messages, pics) and being on this site for the short period seems to confirm that based on what I've read so far.

if you have some information (links or anything) saying either the apps don't actually work, or the encryption is not as advertised or rooted and security Rom is the only way to go then I'd def want to hear/see that. however based on the recommendations from members here I think its ok. Again if you have something SPECIFIC to add PLEASE share

 

lol I'm pretty bad too tbh but I think your right

 

Well, I'm not going to buy one until I get clear guidance about security.

 

you dont wanna know where i stand, right behind you , lols , anyhow no problem ill gladly share my findings with you dear wilders member , and yes a rooted secure firmware rom would be the very first starting point , using lets say proven and secure programs such as a couple previously mentioned, if theyre easily bypassed with a firmware hack or hell a backdoor , hence why you need a rooted secure fimware rom that prevents such intrusions , aka anybody but you trying to access your phone , thats what should be your concern , so heres a couple links for you to read up on , enjoy

http://thehackernews.com/2011/11/your-android-phone-is-spying-on-you-use.html


and here some rom suggestions, btw you dont have to run in root mode if you dont want too with cynagon custom rom

http://lifehacker.com/5915093/five-best-android-roms

http://labs.neohapsis.com/2012/04/12/cyanogenmod-9-an-android-rom-without-root/

about the softwares , well i honestly never heard of them , but if anybody got some reviews on them please do link , while i do some research on those


ive yet to find a full on security guide on all things android , mirimir , still searchin, but one thing i can tell is id choose android over apple or any other phone for that matter that aint android a million times over no questions asked

 

That's only if he has CarrierIQ installed, then root is required for removal. Otherwise you can easily check without root if it exists.

@OP: Don't forget to encrypt your phone (and SD Card), Android 4.0+ has that built-in. Heck, even adblocking and firewall don't need root anymore.

 

x942 is the resident Android security guru. I think he's actually working on a custom security ROM.

I also hear that Moxie may be working on a new WhisperCore.

I'm far from a guru, but I do run Android Jellybean 4.2.1.

I feel secure running a custom, AOSP (Android Open Source Project) based Rom (Rasbean Jelly), rooted. I use a custom kernel as well (Franco). Android encryption is based on dm-crypt. It offers pre-boot auth. I know it works, because TWRP custom recovery can't read the user partition (where all your tracks and data lay) without the pass phrase. While you are limited to a 16 character screen unlock code, EncPassChanger allows you to change the PBA pass to as many characters as you want. If you have a Galaxy Nexus (I do), BootUnlocker allows you to re-lock the boot loader. Remove all permissions for ADB and keep Debug off.

Firewalls, Anti-Malware, OpenVPN, KeePass, Orbot, TextSecure, RedPhone, Encryption manager, DroidCrypt, etc... - I feel protected. Way more than Windows Phone or iOS, that's for sure. God bless Linux.

I don't worry about free space wipes because I'm encrypted. It would be like wiping a TC container, to me...not needed.

PD

 

thats more like it , let me know when that security rom from x942 is out , id like to know , and the full phone encryption does sound very nice indeed, and your sure that nothing gets leaked to some unencrypted location ? , hell you know what it would be awesome if someone could make a full on security setup tut for android phones , maybe x942 could join in , hmmm....

 

WhisperCore is/was full phone. Built in ICS/JB allows access to some other partitions (I don't feel like re-booting to Recovery right now though, to see which ones, LOL)...I'm just not sure if anything that matters, resides there. If you lost physical control of your device, I'd wipe it and start over, because stuff could be placed in the other locations that could compromise you.

As usual, it's all a compromise. WhisperCore was awesome, but you were stuck with Gingerbread 2.35 forever. Custom ROM builders update their stuff with new, and awesome features, every week. So pick your poison. The built in ICS/JB encryption is fine, for me.

And remember, there is only one OS that NSA has built for - Android. Now, take that for what you paid for it...that may mean *don't* use Android, LOL! But I think it just means that the tools are there to secure it better than the competitors.

PD

 

I need to backtrack here from my previous post as inexperience with my new Galaxy Nexus has shone through

You see, previous testing was done with my multi-purpose device running gingerbread 2.3.4 and has external storage. Both internal(system) and external storage mount as drives when connected to a computer allowing restoration/wiping tools to be used from the computer. This is not the case with the GN or your device. One system partition that uses the MTP protocol instead.

When connected to a computer, i still can see/access Files and Folders but tools cannot be used as our devices show as a Portable Device and not a Drive. I would guess this provides more security but has no benefit for testing purposes.

So, any testing if possible has to be done inside the device itself which i am going to attempt this afternoon after backing up my current rom.

 

Is this a joke? Are you serious?? They really have this on my android phone? wtf If this is true I can understand the reason for the parinoia! WOW! that's NOT good! Maybe I'll get on the rooted/rom bandwagon!

Wow thanks J, just downloaded that app and it says my phone is free from the dreaded carrier IQ...

DONE! just downloaded the firewall you linked. Can you speak to the strength of the android encryption? If I'm on the streets of China, and they seize my phone are they able to break the encryption If I have a 16 character pw?

Maybe you can speak to that too Pauly

So are you you still gonna test wipr?

Can anyone speak to the following questions?

1) Root/non- rooted? Is it necessary to root to be MORE secure? Can an unrooted phone be just as secure?

2) Where does the android save call history, sms, mms, and pictures sent via mms?

It would really be awesome if the resident guru (x942) of Android phones had a guide, a step by step on how to secure your phone. Maybe 2 guides, 1 rooted and 1 unrooted. this thread is awesome! I've learned so much, thanks and keep it guys!

** edit ** anyone have a good non rooted backup app? I MIGHT go the rooted route... haha we'll see! thanks

 

All about dm-crypt on Android 3.0 and newer:

https://source.android.com/tech/encryption/android_crypto_implementation.html

If EncPassChanger is available for your phone (see if it says "Install" on Google Play) then just use it to change the PBA pass to a monster. Needs Root though.

A phone that is "On" is like a TC container that is mounted however...only the lock screen is protecting you. So next you have to research lock screen bypass. Using the full ASCII char set is best, and 16 'as random as memorable' characters is darn near improbable to be brute forced. Then you need to look at ADB/Debug exploits via OTG or PC. This why you should keep Debugging off in the options and remove all permissions from adb in /system/bin. Then have secondary encryption via an app, for really important stuff.

And get good at quickly turning your phone 'Off'
(Anti-Theft may help here - send a quick SMS from a buddies phone, to turn it off - encryption kicks in).

Root is more dangerous, but more useful (to techies).
Custom Recovery is more dangerous (But encryption protects here pretty well).
Unlocked Boot Loader is more dangerous (The GNex can lock and unlock at will though, no data loss, so lock it when going out the door).

But you can only do what you can do, right? You can not carry a phone to be safest, LOL

Edit: I'd also like to add that I have only ever owned a Nexus device...I have no idea what carrier phones/software can or can't do.

PD

 

No idea but you could use a cleaning app from the Play Store like "History Eraser" to deal with that.

Yes - did some minor testing and i say minor because you and i are limited testing wise to interior only.
With the pro version, file information is scrambled after shredding and i selected "not to delete" the file after shredding. Checked all files shredded and they were indeed shredded & file info scrambled. Every single one "failed" to open. File properties showed the scrambled name only.

Only Play Store File Recovery/Undelete Apps i could find were:

#Undelete for Root Users - on my mobile, this app was hidden from me in the market. Think because it only supports SD cards.

#Hexamob Recovery Lite *root* - really wanted to try this one as it supports EXT4 file systems which i have. Unfortunately, every time i opened the app it immediately closed Have no idea why

#DiskDigger - was only left with this one and the problem is - it recovers "everything" on the disk in the form of .png,.jpg,.mp4 whether it's deleted or not Over 4000 pngs, jpegs and mp4s Another problem is the program renames the files it finds with which sector it was found So really difficult to use this as a test tool.

Wipr appears to do what it says but again, i'm having a hard time giving it a good test without the use of tools through the computer.

 

Arrgh, I knew this but I wanted to see what all the cool kids were talking about so I decided to root my phone lol For the HTC they don't have anything like gnex, which allows me to relock my bootloader I haven't decided which rom to use, so for now it's just rooted, with stock firmware. Maybe I will unroot my phone and keep it how it is Not sure what to do
tbh :/

Awesome! Thumbs up on this review! Thanks for posting back. Gonna pick this app up tonight, I have some "pictures" that need a secure wipe lol

 

Now that your rooted, can you try "Hexamob Recovery Lite *root*"? I want to know if my issues with that app are Nexus or Jelly Bean related.

Also, have a look see at LUKS Manager. Just like TrueCrypt on a mobile

 

I tried it, and was not impressed. Didn't seem to find anything, but the app I DID try and it caused me to wipe everything and start over again was disk digger! Wow that app found so many pictures on my sd I crapped my pants! (even after doing a 3 pass with eraser AND cc cleaner!) Seems like my htc one wants to make copies of copies of my pics and put them everywhere, on the system memory as thumbnails, and on the sd card.

If you want a good recovery tool to test your disk cleanliness, please use disk digger (root required) I was so impressed I purchased it, and check to make sure there are no pics leaking out anywhere lol

I'm using the app safe camera, (awesome app check it out!) and mobile strong box.