
When performing a factory reset on Android devices, it is my understanding that the pointers to the data located in the SD card are simply erased while the data itself remains intact, waiting for future overwriting.

However, I have recently come across the concept of "wear levelling" in the context of SSDs, which means filling an SSD to full capacity with junk data will still always leave a bit of the data storage intact. Overwriting to full capacity would, to my understanding, make it less likely for user-created data to survive, but this is not really 100% guaranteed with a finite number of overwrites.

Since SD cards are a type of SSD with no moving parts, does this mean it is impossible to truly make all data ever created as a result of user actions irrecoverable?

Anon1337
  • I'm fairly certain that the overwhelming majority of SD cards can't be overprovisioned (i.e. support wear levelling) - they lack controller/complexity in SD cards, which is one reason they are slower and wear out so much quicker - without this overprovisioning abstraction the data can't hide from the user as it can with SSDs. – davidgo Dec 01 '21 at 18:10
  • The price of a new SD card is definitely lower than the cost of compromise of sensitive data, multiplied by the chance of compromise. –  Jan 01 '22 at 03:32

1 Answer

It is true that directly overwriting sectors on flash-based media is useless because of wear leveling. But flash media prevent data recovery of deleted data:

  1. Sectors of deleted files are usually marked as deleted via the TRIM command, and trimmed sectors cannot be read using the regular interface (they just return zeros as data). This is no real security measure, but it makes data recovery harder.

  2. The free sectors that can be used by wear leveling are limited, even considering overprovisioned sectors that are not linked to logical sectors. Therefore, overwriting the free space multiple times increases the chance that you also overwrite the data of a deleted file.

  3. Last but not least, when it comes to a full erase of a medium, such as when a factory reset is performed, a secure delete on e.g. Android is simple, as recent devices are fully encrypted by default. This applies to the internal flash as well as SD cards that are integrated as adoptable storage. They are encrypted by default, and when you perform a factory reset, the encryption key simply has to be erased so that all data becomes inaccessible. SD cards that are not adopted are, as far as I know, not modified by a factory reset at all.

Robert
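
Points 1 and 2 of the answer above can be seen in a toy flash translation layer. This is an added example, not part of the original answer: `ToyFlash` and `demo` are hypothetical names, the FIFO page allocation is an assumed policy, and real controllers (erase blocks, garbage collection) behave less predictably.

```python
class ToyFlash:
    """Toy model: logical sectors are mapped onto a larger pool of physical pages."""

    def __init__(self, logical, spare):
        total = logical + spare               # spare = overprovisioned pages
        self.pages = [None] * total           # physical page contents
        self.map = {}                         # logical sector -> physical page
        self.free = list(range(total))        # pages available for new writes (FIFO)

    def write(self, lba, data):
        new = self.free.pop(0)                # wear leveling: never rewrite in place
        self.pages[new] = data
        old = self.map.get(lba)
        self.map[lba] = new
        if old is not None:
            self.free.append(old)             # stale page keeps its data until reused

    def trim(self, lba):
        old = self.map.pop(lba, None)         # unmap only; contents are untouched
        if old is not None:
            self.free.append(old)

    def read(self, lba):
        page = self.map.get(lba)
        return self.pages[page] if page is not None else b"\x00"  # trimmed -> zeros

    def raw_contains(self, data):
        return data in self.pages             # view below the regular interface


def demo(spare=4, logical=8):
    flash = ToyFlash(logical, spare)
    secret = b"SECRET"                        # constructed sample data
    flash.write(0, secret)
    for lba in range(1, logical):             # rest of the card holds other files
        flash.write(lba, b"other")
    flash.trim(0)                             # file deleted, sector trimmed
    visible = flash.read(0)                   # what the regular interface returns
    still_on_chip = flash.raw_contains(secret)
    passes = 0
    while flash.raw_contains(secret):         # overwrite the free space repeatedly
        flash.write(0, b"junk")
        passes += 1
    return visible, still_on_chip, passes


if __name__ == "__main__":
    print(demo())
```

In this model the trimmed sector reads back as zeros while the old page still holds the data, and the number of free-space overwrites needed grows with the size of the spare pool.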