Shred & overwrite data on Android with ADB

Hello,

I would like to find a solution (FOSS & GUI) to shred files on an Android smartphone and overwrite the device’s free space from a Linux PC,

then, in a second phase, a solution for recovering deleted data from this smartphone (to check the effectiveness of the shredding)

I use on the one hand Linux Debian and on the other hand, a non-rooted Android smartphone,
As I’m familiar with the adb program, I’ve tried to use it with Bleachbit and Testdisk, but these programs don’t detect the smartphone…

At least, I’d like to know if it’s possible to access the /data part of a non-rooted smartphone from adb?
(In this case, the “--user 0” command doesn’t work…)

Thanks!

You can use Extirpater by DivestOS with the “SecureRandom” setting for a secure erase.

2 Likes

Overwriting data is pretty pointless on modern storage. The only effective way to destroy data is to get rid of the decryption keys, which in Android is a default on factory reset. If you cannot rely on that you should, with caution, physically destroy the device, after reset, through proper means, aka actual shredding.

3 Likes

It still is an effective method to reduce lifetime of deleted data.

1 Like

If it is on a properly encrypted phone (this varies by brand and model):

  1. Do a manual backup of your files by copy-paste to another computer.
  2. Perform a factory reset on your android phone.
  3. Restore the copied files back to the same directory.

No need to shred anything and waste NAND flash write cycles.

1 Like

How to check this on an Android smartphone? Thanks,

For both smartphones and modern computers? In this case, what is the utility of programs such as Bleachbit?

It’s only really useful if you have HDD drives. On SSDs you are just wasting your durability. NAND (SSD/flash) typically does not use the same physical location on each write given by the flash translation layer. I believe the term is wear leveling, should you want to get more info online.

If you don’t write on the same physical location it is still possible to recover data.

Edit: was corrected by @gregandcin

1 Like

In the settings there should be something that looks like this:

1 Like
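For readers who want to do this check from the Linux PC instead of the Settings screen, here is an added example (not code from any poster in this thread). It reads the Android system properties `ro.crypto.state` and `ro.crypto.type` over adb, which works without root. The function names and verdict strings are this example's own, and the explanatory messages restate the factory-reset argument made earlier in the thread.

```shell
#!/bin/sh
# Added example: read Android's storage-encryption properties over adb
# (no root needed) and turn them into a verdict.

# classify_crypto STATE TYPE
#   STATE = value of ro.crypto.state (encrypted | unencrypted | unsupported)
#   TYPE  = value of ro.crypto.type  (file | block | none)
classify_crypto() {
    case "$1:$2" in
        encrypted:file)  echo "encrypted-fbe" ;;          # file-based encryption
        encrypted:block) echo "encrypted-fde" ;;          # older full-disk encryption
        encrypted:*)     echo "encrypted-unknown-type" ;;
        unencrypted:*)   echo "not-encrypted" ;;
        *)               echo "unknown" ;;                # unsupported, empty, unexpected
    esac
}

# explain VERDICT: what the verdict means for the advice given in the thread.
explain() {
    case "$1" in
        encrypted-*)   echo "user data is encrypted; a factory reset discards the keys" ;;
        not-encrypted) echo "user data is NOT encrypted; the factory-reset argument does not apply" ;;
        *)             echo "could not determine encryption state; check Settings on the device" ;;
    esac
}

# check_device [SERIAL]: query a connected device (USB debugging enabled).
# Returns 0 only when the device reports encrypted user data.
check_device() {
    command -v adb >/dev/null 2>&1 || { echo "adb not found in PATH" >&2; return 2; }
    # tr strips the carriage return some adb versions append to each line.
    state=$(adb ${1:+-s "$1"} shell getprop ro.crypto.state | tr -d '\r')
    ctype=$(adb ${1:+-s "$1"} shell getprop ro.crypto.type | tr -d '\r')
    verdict=$(classify_crypto "$state" "$ctype")
    echo "ro.crypto.state=$state ro.crypto.type=$ctype -> $verdict"
    explain "$verdict"
    [ "$verdict" != "not-encrypted" ] && [ "$verdict" != "unknown" ]
}

# Query a device only when asked: sh check_crypto.sh check [SERIAL]
if [ "${1:-}" = "check" ]; then
    check_device "${2:-}"
fi
```

An empty or unexpected property value is reported as `unknown` rather than guessed at, since the thread notes that encryption behaviour varies by brand and model.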

Just want to clarify that it’s HDDs with physical spinning discs you should be doing this for, which are typically SATA based, but SATA based SSDs exist in both 2.5 inch and M.2 form factors.

3 Likes

Thanks for the clarification!

1 Like

So running a 7-pass secure erase on a USB stick will not do anything other than ruin it? How would you go about making data forensically unobtainable on a USB stick that already had unencrypted data on it?

Encrypt the drive with LUKS and just fill it with junk data. There is a CLI tool to do this, F3 (Fight Flash Fraud), IIRC.

Then just do a quick format.

Moving forward, always encrypt and use a USB drive when you can.

1 Like

I could encrypt with APFS then use macOS’s secure erase (two-pass) instead, that would achieve the same thing, right?

What’s the point of encrypting it first and then overwriting the data though?

1 Like

Filling a drive with junk data is useful regardless of medium.
It can still dramatically reduce the lifetime of data on flash disks and largely eliminate it on mechanical disks.

If you want to be sure you should be combining both data filling and built-in erasure methods (ATA secure erase or nvme sanitize or nvme block erase).

For Android specifically there is far too much spare area in the system and firmware partitions to make filling that useful, but it can still have some benefit.

For LUKS, please note your header can be backed up at any time, so if your drive doesn’t really discard it could later be combined to restore data even if you thought it was fine. Hence combining is good.

And finally physical destruction when it really matters is the only option.

3 Likes

For information, how much time does the encryption of a 16Gb USB stick with LUKS require? Does it depend on the USB speed (2.0/3.0)?