Friday, 28 October 2011

Securely Wiping your Personal Data from the iPhone

It seems like every year Apple release a better 'must have' version of the amazing iPhone, sparking a rush to upgrade by the masses. Ensuring all your precious personal information is securely removed from your old iPhone is an essential step to take before trading in or selling your old iPhone on eBay. Like any smartphone, the iPhone hoards all types of sensitive information about you, not just your embarrassing ABBA playlist and dodgy drunken pictures from the weekend, but all your Emails including access to future mails, username and passwords for websites and social media, and even sensitive financial information such as bank account and credit card details are often stored. So unless you are putting your iPhone through an industrial crusher, you really need to ensure you erase all the data from it before passing it on, this post explains how.

This data erasing advice and method also applies to the iPad and iPod Touch

If your old iPhone is a 3GS or an above model, then securely erasing your personal data is simple enough. The 3GS and above iPhone models comes with built in hardware encryption by default (not that you can switch it off), namely the iPhone uses AES-256 encryption, which encrypts all data stored on the iPhone to a strong industry accepted standard. This is not to say your personal data is safe if your iPhone is lost or stolen, due to the way Apple have implemented this encryption, however that is the subject of another blog post, the important thing here is all the your personal data that is stored on the iPhone, is strongly encrypted, therefore by merely deleting the encryption key securely from the iPhone (and everywhere else), will render all the personal data inaccessible.

Built into the iPhone iOS is an option to erase all the data on it and restore it to factory conditions. Apple states the encryption keys are removed (which doesn't take long) and then a series of ones are written to the entire data partition, which is why it takes a couple of hours to complete the process.


"When you opt to “Erase All Content and Settings,” the process can take up to several hours. The time this process takes will vary by device:

Devices that support hardware encryption: Erases user settings and information by removing the encryption key to the data. This process takes just a few minutes.
Devices that overwrite memory: Overwrites user settings and information, writing a series of ones to the data partition. This process can take several hours, depending on the storage capacity of your iPhone or iPod touch. During this time, the device displays the Apple logo and a progress bar."
 - Apple


The overwrite of the entire data partition with ones post encryption key removal makes the process secure enough to trust in terms of general third party data recovery risk in my personal view, however military organisations and some industries (and the paranoid) may well require further overwrite passes of the data partition with further 1s and 0s, for which there is commercial software available, such as iShredder. If anyone has managed to recover data from an iPhone following Apple's erasing process, I'm yet to hear about it.

How to Erase your Personal Data from the iPhone
1. Backup your iPhone in iTunes, you may well want to restore your personal information to your new iPhone.
2. Make sure the iPhone has power, this process might take a couple of hours to complete, you don't want the iPhone to run out of battery life before finishing.
3. On the iPhone go into "Settings"
4. Then select "General"
5. At the bottom tap "Reset>"
6. Select "Erase All Content and Settings"
6. Tap "Erase iPhone"
7. Wait a couple of hours and you are done.

Finally don't forget to remove the SIM card. The iPhone doesn't store any data on the SIM card but it is a wise precaution just in case your mobile operator doesn't de-active it properly, also its not like the person you are selling the iPhone to needs it anyway.

15 comments:

jason @ security door chains said...

It's amazing how many people will sell their old phone to a store when they update, and leave information on there.
A friend of mine works in such a store in Stockport and one iPhone he got sold had not only some bank details including a password but some pretty let's say near-to-the-knuckle photos of what could possibly be a girlfriend.
Think before you sink!

Laptop Repair said...

It's amazing how many people will sell their old phone to a store when they update, and leave information on there.

dissertation said...

yeap...cool to backup your old files from phone!

professional resume said...

Very cool post! I like it.

custom writing essay said...

Thanks for providing such a great information here.

Anonymous said...

btw: There is a new version of iShredder available. See http://itunes.apple.com/us/app/protectstar-ishredder-pro/id441224022?mt=8

Anonymous said...

Interesting article, though there is a MacOSG article that says that a police officer managed to recover data despite erasure...The article is not dated...but it would be interesting to see what the author thinks...

http://www.macnews.com/content/macosg-securely-erasing-iphoneipod-touch-photos

dissertation template said...

It is good to be read your post IT Security Expert and who else will read it he will definitely get many more.

My site said...

Would you rather spend all of that money on MORE portable devices that can do the exact same things as your phone, or would you rather SAVE all of that extra money and just use your phone and use all of that extra money on more important things? Hell, if my phone works perfectly fine showing movies on the go then why the heck would I spend money on extra stuff to do the exact same thing? @Jackson

Nathaniel Sandoval said...

These are some of the things we really need to take care of, people generally in hurry don't bother about this but this is something essential. Our personal data in someone's hand can destroy us if it's important one.

www.paperwritings.com said...

Nice article. Thanks a lot for sharing this information.

Kernos said...

That it takes hours is encouraging, meaning it is wiped more than once and not just flipping some bits.

Still I would be more comfortable being able to mount the iOS disk on a desktop and use industrial strength utilities to make sure no data cannot be recovered.

One seems to always be working in a vacuum with iOS and even OS X > 10.6.8 and trusting Apple a la "feudal security".

Anonymous said...

thank's for the information buddy, cheap essay writing realy good tips for me..cheers

Red said...

I am happy to find this post very useful for me, as it contains lot of information. This is first time see this information I want to say that it is very good and informative. resume writing I like it and I appreciate you for your effort.

Anonymous said...

I have iPhone. academia-research.com review And your post was really useful.