Can Deleted Files Be Recovered from a Phone After It's Sold? Concerned About a Bitwarden JSON Backup

So, here’s the situation: I recently backed up my Bitwarden data and chose the unencrypted JSON format for ease of importing into another account without the hassle of remembering a password.

I stored this backup on my phone’s internal storage temporarily, then uploaded it to Proton Drive, which uses a zero-knowledge infrastructure. After successfully uploading, I deleted the backup file from my phone.

Now, I’m considering selling this phone, but I’m concerned about whether the deleted backup file could potentially be recovered. I’ve heard that modern recovery software can restore deleted data, even after it’s been “erased.”

How worried should I be about this? Is there a way to ensure that the file can’t be recovered before selling the phone? Looking forward to your insights!

If you are worried about someone like the NSA: I would smash the phone with a hammer, and then incinerate it.

If you are worried about some random person you will sell it to: if the phone storage was encrypted when you used it (nowadays most are when unpacked), a factory reset should be enough.


I think @kpiris made the distinctions very succinctly. I would add that, not just the NSA, if your adversary is potentially anyone with expensive (and possibly hard to get) forensic software, I would follow the NSA path.

The theory why a factory reset would work is that, when you use the phone, encrypted by default, it’s encrypted with a key secured in your hardware, which in turn is protected by your PIN/biometrics. Once you factory reset, the key stored in the hardware is erased, and no one has the capability (including the NSA) to get at it.

Why the above theory wouldn’t work is that the people providing the encryption platforms may have bugs/vulnerabilities, which expensive forensic software / the NSA could exploit. Android’s hardware/implementations are also highly varied; it’s hard to tell which parts the manufacturer/Google does. The manufacturer may take shortcuts, producing an insecure phone, intentionally or unintentionally.

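The mechanism the two replies above describe (a disk key held in hardware, protected by the PIN, and destroyed on factory reset) can be modelled in a few lines. The following is an added example and not code from this thread or from Bitwarden: a toy phone whose "flash" keeps every block ever written, exactly as a real delete leaves them for a carving tool, plus one key slot standing in for the hardware keystore. The cipher is a stand-in (an HMAC-SHA256 keystream with a MAC, so the script needs only the standard library, instead of the AES modes real phones use), and the PIN, salt and export contents are constructed values.

```python
"""Toy model: why a factory reset on an encrypted phone defeats file carving."""
import hashlib
import hmac
import os

# Constructed sample: an unencrypted Bitwarden-style export with a made-up password.
SECRET = b"constructed-secret-p@ss"
BACKUP_JSON = b'{"encrypted":false,"items":[{"login":{"password":"' + SECRET + b'"}}]}'


def kek_from_pin(pin: str, salt: bytes) -> bytes:
    """Key-encryption key from the PIN (real phones derive this inside the secure element)."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 50_000)


def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher: HMAC-SHA256(key, nonce||counter) keystream XORed with the data.
    Stands in for the AES modes real disk encryption uses."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + i.to_bytes(8, "big"), "sha256").digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || tag, so a wrong key is detected, not garbage."""
    nonce = os.urandom(16)
    ct = xor_stream(key, nonce, plaintext)
    tag = hmac.new(key, b"tag" + nonce + ct, "sha256").digest()
    return nonce + ct + tag


def open_sealed(key: bytes, sealed: bytes) -> bytes:
    nonce, ct, tag = sealed[:16], sealed[16:-32], sealed[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"tag" + nonce + ct, "sha256").digest()):
        raise ValueError("wrong key or corrupted data")
    return xor_stream(key, nonce, ct)


class Phone:
    # Raw flash (what a forensic tool images) plus one key slot standing in for the
    # hardware keystore that holds the disk-encryption key (DEK) wrapped under the PIN.
    def __init__(self, encrypted: bool, pin: str):
        self.encrypted = encrypted
        self.flash = []  # every block ever written; a file delete leaves them in place
        self.salt = os.urandom(16)
        # Wrapped DEK; None once the phone has been factory reset.
        self.wrapped_dek = seal(kek_from_pin(pin, self.salt), os.urandom(32)) if encrypted else None

    def unlock(self, pin: str):
        """Unwrap the DEK; fails with a wrong PIN or once the key slot has been erased."""
        if not self.encrypted:
            return None
        if self.wrapped_dek is None:
            raise ValueError("key slot empty: device was factory reset")
        return open_sealed(kek_from_pin(pin, self.salt), self.wrapped_dek)

    def write_file(self, pin: str, content: bytes) -> None:
        """Store the file in clear on an unencrypted phone, else as DEK-encrypted ciphertext.
        There is deliberately no delete_file: an ordinary delete only drops the directory
        entry, so these blocks are exactly what a recovery tool would carve out afterwards."""
        dek = self.unlock(pin)
        self.flash.append(seal(dek, content) if self.encrypted else content)

    def factory_reset(self) -> None:
        """Crypto-erase: the wrapped DEK is destroyed; the flash is not overwritten."""
        self.wrapped_dek = None


def forensic_recover(phone: Phone, pin: str) -> bool:
    """Carve every block from the raw flash image and report whether the export's
    password can be read, even granting the examiner the PIN."""
    try:
        dek = phone.unlock(pin)
    except ValueError:
        return False  # no key, no plaintext: the ciphertext still on flash is useless
    for blk in phone.flash:
        if phone.encrypted:
            try:
                blk = open_sealed(dek, blk)
            except ValueError:
                continue
        if SECRET in blk:
            return True
    return False


def scenario(encrypted: bool, reset: bool) -> bool:
    """Save the backup, 'delete' it, optionally factory reset, then image the flash with
    the correct PIN in hand. Returns True if the password is still recoverable."""
    pin = "1234"  # constructed
    phone = Phone(encrypted, pin)
    phone.write_file(pin, BACKUP_JSON)
    if reset:
        phone.factory_reset()
    return forensic_recover(phone, pin)


if __name__ == "__main__":
    for enc, reset in [(False, False), (False, True), (True, False), (True, True)]:
        print(f"encrypted={enc!s:5} factory_reset={reset!s:5} recoverable={scenario(enc, reset)}")
```

Running it shows the four cases the thread walks through: on an unencrypted phone the deleted export is carved straight out of flash, reset or not; on an encrypted phone it is still recoverable by someone who has the PIN as long as the key slot is intact; after a factory reset the same blocks are still on flash but the key that could decrypt them is gone, so even the correct PIN yields nothing. The model takes the keystore at its word, which is exactly the assumption the second reply warns can fail on a buggy or non-hardware-backed implementation.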

After giving it some thought, I chose to keep the phone. I appreciate your advice.

My phone is an old model (Xiaomi Redmi Note 4, Android 7), which I bought in 2017. I just found out today that there is a setting to encrypt the phone, but it is turned off by default (I have not activated it yet). Do you think this encryption is reliable, considering this is a 7-year-old phone?

I think it’s impossible to tell if the encryption is reliable or not; people just assume they are. Encrypting is better than not encrypting from the security / privacy standpoint. Encrypt now, and when you want to get rid of the phone in the future, resetting the phone, getting rid of the encryption key, would protect your encrypted data better, with buggy implementations or not.

BTW, the encryption on your device is probably not hardware-backed. With the phone being out of updates, it’s best to keep all confidential information off the phone.

Alright, thank you for the advice.