iPhone forensics toolkit raises questions about privacy

You may have reason to worry about your personal data resurfacing if you've returned an iPhone back to the Apple Store or sold it on eBay. It appears one developer discovered a serious privacy issue with refurbished iPhones after creating a forensics toolkit that allowed him to recover deleted email, contact information, and other personal data previously stored on his iPhone.

On his website, Jonathan Zdziarski describes how this is possible. He says that when you do a restore through iTunes, you're basically performing a quick format of the flash drive that doesn't destroy the file system. Personal data is left untouched in the iPhone's NAND memory, and can be restored back to it's original form without any risk of being corrupted. This means that while the average Joe may not have the know-how to recover deleted files yet, someone who does can easily have access to any data you've ever stored on the phone.

Using Jonathan's toolkit, one "verified" detective from the Oregon State Police Department was able to recover sensitive data from an out-of-the-box refurbished iPhone he bought at the Apple store, and sent the developer screenshots of the compromised data. I guess what's alarming is how the detective was able to recover entire emails which contained online banking statements, receipts from online purchases, and possibly even login information to some of the user's accounts.

This is a very serious issue and I can't wait to hear what Apple has to say about it. If Apple doesn't figure out a way for users to safely remove all those undeleted files from the NAND memory before the new iPhone hits the streets, the company will have a mob of angry customers on its hands. 

You can read all about Jonathan Zdziarski's findings here.

Paranoid about privacy? Careful restoring your iPhone then (Ars Technica)