7

Flash memory uses wear levelling (changing the physical location of data stored) to maximize memory life. Most flash memory has some "spare" space that is unreported that allows it to replace bad parts as they wear out. This means that there may well be small amounts of (worn/bad) memory that still holds some of your data.

iPhone uses nand flash memory (which uses wear levelling), so how can file shredders overwrite data in worn out areas.

Can fileshredders be used on iphones? How useful are they?

Buurman
  • 103
  • 4
  • 1
    Possible duplicate of [how much security does the iPhone factory reset provide](http://security.stackexchange.com/questions/141940/how-much-security-does-the-iphone-factory-reset-provide) – Nick T Nov 09 '16 at 17:52
  • that wasnt answered there –  Nov 10 '16 at 06:48

2 Answers2

2

They aren't, in general. The point about spare space which is unreported is that it's for internal use only - any software accessing the memory through normal methods doesn't know whether the data goes on what was previously spare space, space which has never been used before, or if it's overwriting some data which is marked as deleted.

If the memory unit (drive/chips/whatever) has some specific "wipe" method, it might be that this specifically overwrites spare space, but the only way to check would be to access the data in a non-standard way, since the normal methods would just show the data on the currently readable parts. You'd also have to trust that the method which was provided by the manufacturer actually did what it said it did.

However, if you've used full disk encryption (or equivalent - full device encryption, perhaps, with a phone), it all becomes academic. If the keys are destroyed, any data is practically unreadable, whether you can pull it off spare space or not. That's why the general advice for SSD/flash memory use is to encrypt before writing anything important to disk - it means that even if there is some data you can no longer overwrite reliably, it still can't be used.

Matthew
  • 27,233
  • 7
  • 87
  • 101
1

Most information on an iPhone's flash drive is just encrypted, each file with a different 256 bit key. So if there are bits of some file left around that is no big deal, you won't be able to decrypt them.

There are some bits that are more critical. There is a master key, which is encrypted with the user's passcode (plus a key in the CPU, plus a key stored on the flash drive), and the encrypted master key is stored in two locations on the flash drive. The OS has direct write access to these two locations, so any write to these two locations goes directly to the flash memory, with no write levelling algorithms involved.

gnasher729
  • 1,823
  • 10
  • 14
  • If I recall, wear leveling in flash memory usually is done transparently by the flash memory chip's controller, i.e. the OS has no control over it. – Lie Ryan Jan 10 '17 at 01:15