It restoring deleted photos onto wiped devices that have been resold is a privacy nightmare.
I wonder if they’re doing that to reduce the write cycles on the cells and since they’re “encrypting” the contents of the cells they figure the overall IO flag of the data being deleted is “good enough”.
So, in a perfect world, when you wipe the phone it’s basically just trashing the encryption key and so it’s useless data.
That’s all assuming that the encryption method/keys are foolproof which is always a bad bet.
And, this here makes me wonder how effective that is.
And a person claimed in a later post that “around 300” of their old pictures, some of which were “revealing,” appeared on an iPad they’d wiped per Apple’s guidelines and sold to a friend.
That’s a huge issue. Not just for photos but also files for sensitive data, secrets, etc. this, if true, is a massive issue overall since it even happening at all shouldn’t be possible.
It seems unlikely that this is accidentally reading old encrypted data blocks. The filesystem wouldn’t even try to access data that it hasn’t written to yet. So you would need both filesystem bugs and bugs with encryption key management.
I think the theory that iCloud is accidentally restoring images based on the device ID is much more likely. It is also quite concerning but seems more plausible to me.
Offloading the data to the cloud and making it accessible on other devices no longer signed into iCloud.
That is so much worse if true.
That’s unnecessarily clickbaity, the article doesn’t mention it’s specifically nudes that came back, just old photos.
The person who started the thread claimed that NSFW photos they had deleted “years ago” were back on their phone.
Another Reddit user said that they saw photos from 2016 show up as new images but that they didn’t think they’d ever deleted them. And a person claimed in a later post that “around 300” of their old pictures, some of which were “revealing,”Removed by mod
So now we know, iPhones and iPads don’t TRIM their storage memory.
$.05 explanation for those unfamiliar?
Here’s the ELI5.
Imagine there’s a set of lockers in a school.
When a student leaves the school or changes lockers they remove the label on the locker but don’t empty it.
A TRIM, however, means that they not only remove the label from the locker by also clean out its contents.
Not quite; the contents all go in a bag labeled “trash” — someone still has to remove it from the locker.
TRIM is a command / instruction for solid state storage to release a block of data, so it is blanked and ready to be written again.
No, it actually isn’t. TRIM doesn’t erase data.
https://www.techtarget.com/searchstorage/definition/TRIM
Trim marks blocks for deletion. It doesn’t delete anything.
Usually when you “delete” data on a storage medium you really just remove a reference to it. The data is still sitting on the disk if you know where to look.
TRIMis a command that tells the storage device “I don’t need this anymore” and usually the hardware will return empty data the next time you read it (really the hardware is doing the same thing of just forgetting that there is data there, it is turtles all the way down, but it will track that this block is supposed to be empty and clear it when you next read it).However I think this is an unlikely theory. It would require two bugs:
- The OS would be trying to read data that isn’t supposed to exist. This would be a bug on its own that would likely be quite visible.
- The iPhone uses disk encryption, and when you reset the device the key is (supposed to be) reset, meaning that even if you read the old data it would be useless.
Both of these would be very significant and unlikely to last long without being discovered. Having both be present at the same time therefore seems very improbable to me.
