I'm running a custom ROM (MIUI xiaomi.eu 12.0.2/Android 10QKQ1.90910.002) and my phone is rooted. I want to encrypt my old deleted data (photos and videos) so that they can't ever be recovered after selling my phone, because right now I can recover them using apps like DiskDigger.

  • Just write a large random file to cover the whole disk then delete it. That will stop DiskDigger from getting the deleted data (it might be possible for very advanced and very costly/destructive hardware attacks to get tiny fragments of data, but it's not a threat unless someone is specifically targeting you and has lots of money to throw at it) – davidgo Feb 15 '21 at 18:48
  • Also, are you sure you can't just lock and unlock the bootloader? All Android phones I've used for many years have FDE - in which case, removing the encryption header wipes the data partition irrecoverably. Locking and unlocking the bootloader normally wipes this. – davidgo Feb 15 '21 at 18:51
  • I have already tried the method of writing large files then deleting them and it doesn't work, unfortunately. I will try to lock the bootloader and see if it works. –  Feb 15 '21 at 19:02
  • Do not try to lock the bootloader on a rooted device; especially on Xiaomi devices that is a bad idea (you remember the hassle of unlocking the bootloader?). Just flash the stock ROM and boot once - that will encrypt the whole userdata partition. You can run adb shell dd if=/dev/urandom of=/data/local/tmp/bigfile until the low storage warning appears, then just do a factory reset – alecxs Feb 15 '21 at 19:30
  • Run blkdiscard on the block device of the userdata partition in recovery mode before flashing a new ROM. More details: How to make a complete factory reset, without anyone being able to retrieve my data? – Irfan Latif Feb 15 '21 at 19:48
  • @IrfanLatif How do you run blkdiscard on android? If I understood correctly, it's a command that you can run on Linux using the command line. – BelowAverageUser Feb 15 '21 at 21:06
  • Yes. Android runs on the Linux kernel. You can run the same commands on Android too, though not all work. TWRP provides a built-in terminal plus adb shell to execute commands. – Irfan Latif Feb 15 '21 at 21:17
  • blkdiscard is a busybox applet – alecxs Feb 15 '21 at 22:09

1 Answer

You cannot encrypt data which has been deleted. As Tetsujin mentioned, you are meant to encrypt the data beforehand. You can then discard the encryption key.

What you want to accomplish, then—ensure that cleartext deleted data be unrecoverable—is inherently difficult. It's not trivial to hide these things from experienced forensic laboratories.

That said, unless you are trying to protect your data against an adversary such as a nation state, there are steps you can take. Re-encrypt your phone now and, after ensuring that data encryption is enabled, initiate a full wipe. This should render apps like DiskDigger ineffective.

Joseph
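
The free-space overwrite suggested in the comments above (write random data until storage is full, flush it, then delete it), as an added sketch that is not from any of the posters. The function name `fill_free_space`, the 16 MiB chunk size and the optional size cap are assumptions; the cap exists only so the script can be tried without filling a disk.

```shell
#!/bin/sh
# Added example (not from the thread): overwrite free space with random data.
# Usage: fill_free_space DIR [MAX_MB]
#   DIR     directory on the filesystem to fill, e.g. /data/local/tmp
#   MAX_MB  optional cap in MiB for trial runs (assumption); 0 = until full
# Prints the number of MiB requested from dd before it stopped.
fill_free_space() {
    dir=$1
    max_mb=${2:-0}
    chunk_mb=16                      # MiB written per dd call (assumption)
    if [ ! -d "$dir" ]; then
        echo "not a directory: $dir" >&2
        return 2
    fi
    work="$dir/.fill.$$"             # scratch directory, removed at the end
    mkdir "$work" || return 2
    written=0
    i=0
    while :; do
        n=$chunk_mb
        if [ "$max_mb" -gt 0 ]; then
            left=$((max_mb - written))
            if [ "$left" -le 0 ]; then break; fi
            if [ "$left" -lt "$n" ]; then n=$left; fi
        fi
        # dd exits non-zero once the filesystem has no space left;
        # whatever it managed to write before that stays on disk.
        dd if=/dev/urandom of="$work/fill.$i" bs=1048576 count="$n" \
            2>/dev/null || break
        written=$((written + n))
        i=$((i + 1))
    done
    sync                             # flush to storage before deleting
    rm -rf "$work"
    sync
    echo "$written"
}

# Run directly:  sh fill.sh /data/local/tmp
if [ "$#" -gt 0 ]; then
    fill_free_space "$@"
fi
```

Writes made through the filesystem cannot reach blocks the flash controller keeps in reserve, so this is a complement to the encrypt-then-factory-reset and blkdiscard routes discussed on this page, not a replacement for them.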