0

On a regular PC hard drive, files aren't actually deleted, so they can still be recovered from the raw data on the drive. So there is the process called zeroing out a file when you delete it so that the chuck of binary space on the HDD is set to all 0s when the file is deleted.

Is this the same for an Android device?

I've read that SSDs may work a bit differently. So would having an app overwrite the file with binary 0s before deleting it have the same effect and protection against file recovery?

ComputerWhiz
  • 21
  • 1
  • 3
  • Secure file erasure tends to have a lot of hardware-specific factors. I’m not super familiar with mobile device storage, but I imagine what is true for one device, may not be for another. – nbering May 11 '18 at 00:50
  • 2
    tl;dr You cannot safely delete files from an Android device because of overprovisioning, wear leveling, sector relocation, etc. It is like any other SSD in that sense. – forest May 11 '18 at 01:12
  • 1
    Definitely not. These storage mediums work completely differently than hard discs. The only way I know of to be *certain* that data on solid state memory is irretrievably deleted is to smash the disc to pieces and torch it. – Chev_603 May 11 '18 at 06:34
  • @Chev_603 You would be surprised how small the actual components which store the data can be, and how much heat they can withstand. – forest May 11 '18 at 09:22
  • @forest I vote for leaving this open, because while it is the same answer, it is very different question. It is not obvious Flash memory in phones acts the same as SSDs when it comes to deleting files. People may not be able to find the answer if we only leave the SSD one. – Peter Harmann May 11 '18 at 11:23
  • @PeterHarmann That's a good point. I've retracted my vote. – forest May 11 '18 at 21:56

1 Answers1

1

As was mentioned in the comments, Flash memory in mobile phones acts very similarly to SSDs, and therefore securely deleting a file is mostly impossible.

Quick summary: Flash memory can only be overwritten finite amount of times before it dies. To prevent parts of memory that are used often from dying, flash memory uses wear leveling.

That means when you delete a file, it only marks the space as free to be used for writing later, but it does not overwrite the file, as that would increase the wear unnecessarily. When you want to write data, it chooses a sector marked free that had the least amount of writes. It spreads the writes out in this way. This however means, that if you try to securely delete a file by let's say writing zeroes to it, the zeroes may be written to entirely different part of the memory (with less writes) and the file may remain.

Overwriting the whole flash memory also is not an option, as these memories have additional space reserved for leveling. So if you have 16GB memory, it may in reality be something like 20GB, the 4GB being in reserve to use for leveling when the memory is nearly full. More details here.

Peter Harmann
  • 7,728
  • 5
  • 20
  • 28