Paul Marks, chief technology correspondent

Mailing your cellphone to a recycling company might make you a few pounds, but it can leave you at risk of identity theft. The deletion techniques recycling companies use are meant for hard discs, and so don’t work on the solid-state flash memory used in mobile phones. That means personal data like banking info, texts, contacts and pictures can end up in the hands of, well, anyone the phone ends up with.
To remedy the problem, British company BlackBelt Smartphone Defence of Skelmersdale, Lancashire claims to have developed a software algorithm that can securely delete data on cellphone memory chips. The trouble with data in a flash memory chip is that it is protected by an on-chip protection algorithm called the wear leveller. This hard-coded routine does its best to ensure the chip’s lifetime is maximised so that each memory cell’s ability to store charge is not worn out.
“The problem is that the wear-levelling algorithm ends up working against the data wiping technique used for hard drives, which tries to overwrite all the data,” says the company’s Ken Garner.
What the firm has done is write their own algorithm, called BlackBelt DataWipe, that works with, rather than against, the leveller routine to render data irrecoverable. “It is like having a shredder for personally identifiable data,” says Garner.
However, they don’t yet know if their method is proof against sophisticated, nation-state level attacks – which might use electron microscopes to read the last vestiges of the zeros and ones on a memory chip. “I imagine if you’re GCHQ you’ll probably have technology that could get around this and recover it in some way,” says Garner.

As it turns out, GCHQ’s paymaster, the British government, is considering the technology for an award. If the algorithm wins, it will be showcased at the British pavilion at Mobile World Congress in Barcelona at the end of the month.

Source: New Scientist