As an Australian who wrote about the demonstrations while on campus, I gave my phone a superficial clean before flying to the U.S. I underestimated what I was up against.
Almost everything is recoverable unless you do a deep scrub of the onboard storage with special tools, and even then I wouldn’t guarantee it. You cannot recover what never existed.
The encryption key is wiped and overwritten on a factory reset. Encrypted data can be recovered, but good luck decrypting that.
It would take a classified amount of capability to get through that, likely isn’t possible at all, and isn’t likely to be used against random dissidents.
They will get your IMEI, which doesn’t change. This can be used to see where you’ve connected to cell phone towers in the past.
For nearly everyone a factory reset of the phone is just as good as a burner phone, unless you need to hide your IMEI history.
Both a factory reset phone and a burner phone are vulnerable if you use them to sign into existing accounts.
Are you citing something specific, as in a toolset that has been leaked that the government is known to use with what it can retrieve or do you mean theoretically? I mean, sure, if an organization went to the extremes and desoldered the NVRAM from the phone and dumped the contents from an external reader they could likely get much more than fragments.
Unless you do a proper secure wipe the data is recoverable. In recent versions of iOS, Apple has implemented a method whereby they encrypt the data without a decryption key before “deleting”. This should be impossible to recover if we assume some vulnerability in this method hasn’t been found and exploited by some Israeli infosec company…again.
If your freedom and safety are on the line, spend the $35 of the dumb burner.
You can run a direct disk copy of a phone and then recover “deleted” data. You need root access to do it. I’m sure they have plug in tools to do it on most phones. Just don’t give them your access password or don’t use your old phone.
Just say that you brought an old phone in case it gets lost or stolen since you don’t have cell access anyway, no point in bringing your good phone.
Why not a “wiped” old smart phone? What isn’t wiped at a factory reset?
The hardware identifiers like IMEI and serial number are the same, which means previous use of the phone can be linked to you.
Almost everything is recoverable unless you do a deep scrub of the onboard storage with special tools, and even then I wouldn’t guarantee it. You cannot recover what never existed.
The encryption key is wiped and overwritten on a factory reset. Encrypted data can be recovered, but good luck decrypting that.
It would take a classified amount of capability to get through that, likely isn’t possible at all, and isn’t likely to be used against random dissidents.
They will get your IMEI, which doesn’t change. This can be used to see where you’ve connected to cell phone towers in the past.
For nearly everyone a factory reset of the phone is just as good as a burner phone, unless you need to hide your IMEI history.
Both a factory reset phone and a burner phone are vulnerable if you use them to sign into existing accounts.
This defeats the point of a burner.
Are you citing something specific, as in a toolset that has been leaked that the government is known to use with what it can retrieve or do you mean theoretically? I mean, sure, if an organization went to the extremes and desoldered the NVRAM from the phone and dumped the contents from an external reader they could likely get much more than fragments.
Unless you do a proper secure wipe the data is recoverable. In recent versions of iOS, Apple has implemented a method whereby they encrypt the data without a decryption key before “deleting”. This should be impossible to recover if we assume some vulnerability in this method hasn’t been found and exploited by some Israeli infosec company…again.
If your freedom and safety are on the line, spend the $35 of the dumb burner.
Do phones actually cost $35?
Cool, thanks.
You can run a direct disk copy of a phone and then recover “deleted” data. You need root access to do it. I’m sure they have plug in tools to do it on most phones. Just don’t give them your access password or don’t use your old phone.
Just say that you brought an old phone in case it gets lost or stolen since you don’t have cell access anyway, no point in bringing your good phone.