Android's flawed factory reset vulnerable to data recovery

According to researchers at Cambridge University, around 500 million Android smartphones are vulnerable to a flaw in the factory data reset function that could allow the recovery of a wide range of data.

Following a series of tests, the researchers estimate that 500 million Android devices don't fully wipe data partitions that contain sensitive data, allowing the restoration of contact and message data from first- and third-party apps. In 80 percent of phones tested, the researchers were able to extract the Google master token after a factory reset, giving them access to Gmail and Calendar data.

The team also estimate that 630 million devices don't wipe SD cards and other places where pictures and videos are stored during the factory reset process. This is concerning for people who sell or give away used smartphones, who might think that sensitive data is removed after a factory reset, when in many cases it's still accessible.

It was also discovered that the flaw in Android's factory reset allows you to recover data with full-disk encryption enabled. During the reset process, the decryption key isn't wiped, and recovery of the "crypto footer" along with this key allows an attacker to crack the encryption offline.

V-NAND causes data recovery complications

With the introduction of stacked NAND cells to increase performance and capacities, how does this effect data recovery success rates?

V-NAND data recovery complications...

Recently ‘Planar’ NAND technology has expanded with changes to density (Gbs per square millimetre), bits per cell and power consumption, notwithstanding the decreasing costs to produce it. However squeezing more bits into each NAND flash cell is becoming challenging and we are approaching the limit. Welcome to 3D NAND or V-NAND technology! Well we are now seeing several layers stacked vertically which improves the performance significantly.

Solid state drives (SSDs) based on this 3D or Vertical NAND technology have 24 or even 48 layers (256GB), with talk of 64 layers soon! Stacking cells has lots of benefits, including higher capacities and improved electrical performance because of the shortening of the interconnecting lengths between cells. But this new technology has massive implications for data recovery. When cells fail, removing chips becomes increasingly more difficult.

Data protection methods: Mounting backups vs. recovering from backups

Mounting a virtual machine image can save time, but there's a penalty to pay for the convenience. We list the questions to ask when deciding which data protection method to employ.

Backup software today is not the file backup software of yesteryear. It has evolved significantly to back up virtual machines (VMs); containers; cloud applications; edge devices such as laptops, tablets and smartphones; websites and more. But one of the data protection methods generating a lot of excitement is the ability of backup software products to mount a virtual or physical machine image directly on the backup or media server as a VM and put it into production. This capability is a game-changer when it comes to system-level recoveries because it enables server systems to be brought back in minutes -- a system no longer has to be recovered on new hardware and then put back into production.

So when does it make sense to mount a backup versus recover from a backup?

Challenges with mounting backups

Mounting backups and running them on media or backup servers decreases recovery time objectives (RTOs) by orders of magnitude, but the technology is subject to real limitations. For example, backups mounted on a media or backup server will often run in a degraded state, although exceptions exist when there is a separate physical host for those mounts. Media or backup servers are sized for backups, not application production and ongoing backups, so organizations should ask and answer the following questions while planning their data protection methods:

  • How often do physical hosts fail?
  • Will the budget allow for overprovisioning media or backup servers?
  • If not, can applications, application owners or users tolerate running in a degraded mode if there is a physical host failure?
  • How much degradation can users tolerate?

When answering these questions, many data protection professionals will envision a single VM running concurrently with the backups on that media or backup server. But that's an unrealistic scenario today. Should a physical host die, there will be far more than a single VM that will have to be brought up on media or backup servers. Additionally, most media or backup servers back up more than one hypervisor-equipped host plus other nonhypervisor-equipped hosts. Should there be a multiple host outage, each media or backup server will likely have to mount several dozen VMs concurrently.

Mapping features of Hyper-V to VMware

Introduction

Businesses thinking about deploying new virtualization solutions would do well to begin by comparing the available features of different virtualization platforms before deciding upon which platform to implement. Microsoft's Hyper-V virtualization technology, which is built into their Windows Server operating system, together the VMware platform and its line of products, represent the two most popular virtualization solutions used by enterprises today. Many features of the Hyper-V platform have close or near parallels in the VMware world, and likewise many VMware capabilities are mirrored almost exactly in the Hyper-V universe.

Unfortunately this overlap between these two technologies is obscured to some degree because of how different features are named in both platforms. If you were able however to translate the name of a Hyper-V (or VMware) feature into its most closely corresponding VMware (or Hyper-V) feature, you would gain some immunity from the oceans of spin that attends each of these virtualization platforms. The net effect would be to allow you to more rationally compare and assess the capabilities of the two platforms instead of being swayed and tossed two and fro by the waves of hype emanating from their marketing departments.

The purpose of this article is to do just that. In other words, to provide you with a way of translating Hyper-V terminology into VMware terminology and vice versa. Using this cross-reference will then enable you to determine which virtualization technology has the capabilities you need to solve your business problem.

The purpose of this article is to do just that. In other words, to provide you with a way of translating Hyper-V terminology into VMware terminology and vice versa. Using this cross-reference will then enable you to determine which virtualization technology has the capabilities you need to solve your business problem.

Comparing terminology for virtual machines

At the heart of it, the function of both VMware and Hyper-V is to run virtual machines so you can virtualize workloads, desktops, applications and services. The first table below compares the terminology that VMware uses for describing its virtual machines with that used by Microsoft for a similar purpose.

VMware terminology

Microsoft erminology

Service Console Parent Partition
Templates Templates
Standard/Distributed Switch Virtual Switch
Standard/Distributed Switch VM IDE Boot
Hot Add Disks & Storage Hot Add Disks & Storage
Distributed Resource Scheduler (DRS) Performance and Resource Optimization (PRO)
Distributed Power Management Core Parking & Dynamic Optimization
VMware Tools Integration Component
Converter SCVMM P2V / V2V

Table 1

Get Help Now

Thank you for contacting us.
Your Private Investigator will call you shortly.