Some of you might have read the article from Jonathan Zdziarski where he states that all your personal data is still on the iPhone after you have restored to a new firmware.
For the people who haven’t read it i’ll quickly explain.
When you restore your iPhone through iTunes, all it does is a quick format.
This means that all your data is still on the iPhone although no longer in the partition table.
If you use Jonathan’s iPhone Forensics Toolkit, it’s not that hard to get all the data back in the open.
This means that all your pictures, e-mails, cookies, etc,etc are visible to the next person who is going to own your iPhone !
The original article (iPhone Privacy Alert: Restore Mode Leaves Much Personal Data Intact) can be read here.
Why am i telling you this information ?
Cause I know many of you will probably sell your current iPhone when the new 3g version is available.
I think i found a way it involves 2 steps and a lot of time :)
the following tutorial permanantly scrambles your Addressbook, Calendar, Notes, callhistory, voicemail, SMS, Safari, Mail and Pictures and everything else you have on your iPhone media partition.
I will explain what you have to do, but you need to know some things first.
The iPhone or iPod comes in different flavors (4gb, 8gb, 16gb and last but not least 32gb).
Although the sizes of the iPhone are different, the way the disk is partioned (divided) is the same.
You have 2 partitions (1 system that normally holds about 300mb and 1 data (music, video’s, mail, contacts,etc) that holds the rest.
What we need to do is get everything off the Data partition. How are we going to do this ?
We will use some basic commands (where you will only have to type 2) to really destroy all of your personal data.
WARNING : Only do this if you are planning to sell your iPhone or if you need to return it to Apple
This tutorial only works on a jailbroken phone !
1) If you don’t have a jailbroken iPhone, use one of my beginners guides to get it jailbroken.
2) Make surz you have installed the BSDSUBSYSTEM and the OPENSSH packages.
3) Go to our sources page and add the iPhoneFreakz.com source.
4) Open the installer and go to the iPhonefreakz category. Install the Erase Utility.
5) Connect your iPhone to your wireless network.
6) Connect with a SSH client to your iPhone (Putty, or whatever client you prefer)
7) Log in with the username root and password alpine
9) copy and paste the following command
/usr/bin/find /var/mobile/ -type f -exec /usr/bin/shred -u ‘{}’ \;
10) Wait a longggggggg time ..(it’s best you let this run and come back after some time .. )
11) Once the command is finished no one will ever find any personal information back on your iPhone.
12) Restore your iPhone and give it away (i can always use a extra iPhone :) or sell it now with confidence that your personal data won’t be retrieved.
Enjoy
gr,
Multinova
ps: i’ll add some screenshots over the weekend.
[ad#inblog]
\\ tags: 3G, erase, format, iPhone, iPhone Forensics Toolkit, iPhone media, ipod touch, Jonathan Zdziarski, secure, sms, wipe, wireless network
May 23rd, 2008 at 4:54 am
Thank you sooo much Multinova. I’m sure this will help tons of people. =]
Oh, and a question. Is Jonathan’s iPhone Forensics Toolkit availble for download somewhere? Or is it something he created for himself?
May 23rd, 2008 at 9:12 am
[…] misschien de oplossing voor het probleem: Securely wipe your iPhone the guide ! iPhoneFreakz the following tutorial permanantly scrambles your Addressbook, Calendar, Notes, callhistory, […]
May 23rd, 2008 at 10:17 am
I hope that the Remote Wipe feature on the 2.0 Firmware is a bit secure !
May 23rd, 2008 at 10:37 am
A very nice thing to do ! Thnx Multinova :)
Multinova , can you please make Erase Utility downable without needing installer ? i would really be greatfull if you do that .
Multinova .. you’re the king !
May 23rd, 2008 at 10:38 am
Hi Braden,
The toolkit isn’t publicly available, Jonathan only released it to law enforcment agencies, but you can recreate his toolkit if you know some *nix.
May 25th, 2008 at 4:59 am
You can try this
http://rapidshare.com/files/117402977/erase.zip
May 27th, 2008 at 8:46 am
Hey guys please help!,How to remove this from installer.When I want to Uninstall Erase Utility it saying Reinstall not Uninstall.Mayby I can remove it by SSH.
Thanks for your time.
May 27th, 2008 at 10:21 am
Serge,
When you install this app, and you follow the procedure above, your device will be screwed :) the only way to get it back in it’s original state will be to restore.
If you just installed the app and you’d like to remove it, there’s no need for, the app just installs 2 binary files, they don’t get executed automatically.
You need to follow the procedure to activate them.
May 27th, 2008 at 2:05 pm
Thank you very much.
Where I can find this files?What dir. I realy want to delite them.
Tanks. :mrgreen:
May 28th, 2008 at 3:26 pm
Is this program iPod Touch compatible? When I attempt to run it “failed to open for writing: no such file or directory”
May 29th, 2008 at 12:17 am
:sad:
i don’t understand what a SSH client is..?
where should i copy paste it.
June 4th, 2008 at 1:16 am
[…] Go to: -> Settings/General/Reset/Erase all Content and Settings, to do a cursory wipe. Although recent stories about data being recovered off old iPhones has some people worried. For the paranoid, a more comprehensive guide to wiping your iPhone is located here, or if your phone is jailbroken already, a better (in the terms of security) one here. […]
June 6th, 2008 at 9:04 pm
Hey man,
Thanks so much for putting this together.
When I run the shredder from the ssh prompt, I think I get an error message. The thing runs for quite a while, but when it finishes, all my files remain intact.
This is the message I get after copying/pasting the line you wrote above:
# /usr/bin/find /var/mobile/ -type f -exec /usr/bin/shred -u ‘{}’ \;
dyld: Library not loaded: /usr/lib/libintl.8.dylib
Referenced from: /usr/bin/shred
Reason: image not found
/usr/bin/find: /usr/bin/shred terminated by signal 5
Any thoughts would be great!
wilson
June 7th, 2008 at 1:48 pm
Hi Wilson,
You need the libintl.8.dylib file. Do you have bsd subsytem installed ?
June 7th, 2008 at 4:20 pm
Thanks Multinova. Yes, the bsd subsystem was installed, but perhaps I’ll try reinstalling it to see if that works.
Thanks.
June 8th, 2008 at 10:42 pm
Multinova, could you please help?
I am stuck at the ninth step. How do I send the /usr/bin/find /var/mobile/ -type f -exec /usr/bin/shred -u ‘{}’ \; command to my iPhone. I using the program Transmit version 3.6.6 so where do I copy and paste that command? Or should I be using another SSH program?
Thanks
June 8th, 2008 at 11:00 pm
Hi TM, I think you should use the terminal application of your Mac. Transmission is only a file management app. I don’t know for sure, but i think Fugu can send commands ?
Easiest way would be to use the terminal app.
June 8th, 2008 at 11:10 pm
Okay so I just connect my phone, open Terminal, type that command, and it is cleared?
June 8th, 2008 at 11:21 pm
No , You open terminal (check the ip on your iPhone)
type ssh -l root (iphone ip addresss)
type the password
and then when you see a black screen with a prompt, you can copy and paste those commands above :)
June 11th, 2008 at 9:09 am
It didn’t work..got:
/usr/bin/find: /usr/bin/shred terminated by signal 5
dyld: Library not loaded: /usr/lib/libintl.8.dylib
Referenced from: /usr/bin/shred
any suggestions
June 25th, 2008 at 4:14 am
When I run the command I get just error messages about failing to open for writing. This is repeated for what appears to be every file on the system. I followed the directions step by step. Any help is appreciated.
Sample of the error.
/usr/bin/shred: ‘/var/mobile/Library/Mail/Accounts.plist’: failed to open for writing: No such file or directory
June 25th, 2008 at 5:16 pm
I got the same thing. I used cyberduck ( http://cyberduck.ch/ ) to shh into the phone and delete the mail.app/mobile folder/notes/address etc., and all the necessary stuff and trash it. Then restore the phone but not from backup.
You can get $400.00 if you sell your iphone today on craigslist $300.min. Apparently folks want the iphone
Try doing that with an old Razor phone after one year. After you sell your iphone just go to walmart and buy a disposable gophone from t-mobile or att at bestbuy for $14.00. and wait two weeks to buy the new iphone.
http://www.bestbuy.com/site/olspage.jsp?skuId=8412345&st=gophone&lp=1&type=product&cp=1&id=1181347746128
June 26th, 2008 at 5:31 am
:sad:
Help!
On instruction 3 on the wiping data for selling my iPhone: 3) Go to our sources page and add the iPhoneFreakz.com source.
I went to the sources page, and do not find that at all?????
Help!
Bird
June 26th, 2008 at 9:43 am
:mrgreen:
Nevermind — understand that part now.
When I emtered the root and IP, and then the password alpine, the prompt showed a # sign, then a ^M while the long erase is running? Is that normal (am using PuTTY btw).
Also, when you say loooonnnngggg time, do you mean like many hours? I know it varies, but mine has been running for 3 hours now, and is still going — I guess (not sure what the ending command prompt will indeed be confirming clean?).
Lastly, how does one check if indeed it has done its job?
Thanks again for putting this up!!!!!!!! :wink:
Bird
July 13th, 2008 at 9:38 pm
I am getting the same errors noted by another user regarding the “libintl.8.dylib” file. Where can I get this? I have BSD Subsystem installed.
July 13th, 2008 at 9:45 pm
For reference, here is the error I am getting. Again, BSD Subsystem is installed.
Thanks for the help. I really need to get this iPhone off to its proud new owner tomorrow or the next day and don’t want my personal information leaving the United States and finding its way into the hands of an eBay buyer.
Terminal Output (Error):
dyld: Library not loaded: /usr/lib/libintl.8.dylib
Referenced from: /usr/bin/shred
Reason: image not found
/usr/bin/find: /usr/bin/shred terminated by signal 5
July 13th, 2008 at 10:15 pm
I found a copy of libintl.8.dylib (it was referenced here: http://www.hackint0sh.org/forum/showpost.php?p=244037&postcount=18). Downloaded it, and copied it via sftp (using Cyberduck) to /usr/lib on the iPhone. The original error where the library was not loaded went away. But…
Like J dubb (see post above from him), now I am getting a stream of “failed to open for writing: No such file or directory” errors.
Doesn’t seem to want to work for me. :(
March 10th, 2009 at 7:49 pm
I have the exact same error as Dennis.
BSD installed, reinstalled…
error message ==> dyld: Library not loaded: /usr/lib/libintl.8.dylib
My firmware is 1.1.4 on an ipod touch.
Nobody has another solution?
August 3rd, 2010 at 9:44 am
It worked for me. Iphone3GS 16GB 3.1.3 jailbreaked.
Download
http://apptapp.saurik.com/com/saurik/Packager-1.0.133-2.zip
Rename the libintl.8.0.2.dylib stored into the package to libintl.8.dylib and copy it to the \usr\lib directory on your Iphone. Put a copy in the \usr\libexec\cydia_\ directory.