Friday, 17 November 2017

Really serious WhatsApp & Huawei security concern and a valuable lesson.

So today I got myself a shiny new Samsung S7 Edge.

We'd decided that my wife would have my old Huawei P8 and I would help her set it up later on in the day.

When I got my new machine, I took out the Micro SD card and SIM from my old P8 and put them in the new phone. I did a complete factory reset on the old P8 and put it to one side for later. Then I spent all day playing with the Edge.
Later on my wife returned home from work and I removed her SIM from her old phone and put it in my old P8. Now, we had toyed with the idea of selling the P8, but eventually she decided she would take it. But hold that thought, because it's really important.

From the fresh reboot (again, to reiterate, this was many hours after a FULL factory reset) I set her handset up. For clarity, I used NFC. I held her old phone with its back facing my old phone (my S7 was on charge, not in the same place; there's been no NFC confusion here). I did the same process with my phone and all 108 apps installed fine. My wife only had 47 apps, so I left it alone and we came back later. Most of the backups had worked perfectly and kept her login details too; she was able to log in to her Facebook account and her Gmail, and everything was working as one might hope it would.

Then she started WhatsApp. As would be expected, she logged in with her phone number, the verification text came through, and she got a message about allowing the app to auto-read her SMS; I checked the app permissions and they were already enabled. The SMS came through, we returned to the app, and we were logged in. Logged in with her account, her profile picture and her name, but, and here is the thing I was fuming, curious and bewildered about, all of MY conversations were there: every single word, every contact, every conversation.

So, to be clear,

  • I bought a new phone,
  • Factory reset my old phone,
  • Gave my old phone to someone else,
  • They logged into their WhatsApp account,
  • They got all of my conversations.

Later on the same evening, after I'd deleted WhatsApp and reinstalled it (which worked), my wife opened Google Photos.

"I think I've got some of your pictures here as well"

I looked and sure enough, all of my screenshots were there, mingled with her new ones.

This was when I realised what had happened. This was my fault. 

When you factory reset a handset, there is a tiny icon I forgot about. I didn't want to format my SD card, so I didn't give it a second thought, but this checkbox formats a portion of the internal memory. A part of the internal memory that Android has stupidly called its SD card for years. But it's not an SD card at all. It's internal memory.

Once I figured this out, I went back to factory reset and noticed this small green checkbox. Like I said, technically, this was my own fault. But how many people have bought 'factory reset' Android handsets that have been through the process above? And since so many millions of people use WhatsApp and the preinstalled Google Photos app, how many times have people ended up with other people's WhatsApp conversations and, worse still, personal Google photos?

When selling a handset on, ensure you tick that 'erase SD card' or 'erase internal memory' option, the one that isn't checked by default.
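As an added example, not part of the original post, here is a small POSIX shell check for the situation described above: it scans a copy of the phone's emulated "SD card" (internal storage) for the kind of user content that survives a factory reset when the erase option is left unticked, so you can confirm the handset is actually clean before handing it over. It assumes the storage has already been copied to a local directory (for instance with `adb pull /sdcard ./pulled-sdcard`); the directory names in `RESIDUE_PATHS`, the sample tree built by `make_sample_storage`, and the file names inside it are constructed for illustration.

```shell
#!/bin/sh
# Pre-handover check: look for leftover user data on a copy of Android's
# emulated "SD card" (really internal storage), which a factory reset skips
# unless the "erase SD card / internal memory" box is ticked.
# Assumption: the storage was pulled to a local directory beforehand,
# e.g. `adb pull /sdcard ./pulled-sdcard` (illustrative, not from the post).

# Directories that commonly hold messaging backups and photos on emulated
# storage. Illustrative list; extend it for the apps on the handset.
RESIDUE_PATHS="WhatsApp/Databases WhatsApp/Media DCIM Pictures/Screenshots Download"

# scan_residue DIR
#   Print one "LEFTOVER <path> (<n> files)" line per residue directory that
#   still contains files. Returns 0 when nothing was found, 1 otherwise.
scan_residue() {
    dir=$1
    found=0
    for rel in $RESIDUE_PATHS; do
        if [ -d "$dir/$rel" ]; then
            n=$(find "$dir/$rel" -type f | wc -l | tr -d ' ')
            if [ "$n" -gt 0 ]; then
                printf 'LEFTOVER %s (%s files)\n' "$rel" "$n"
                found=1
            fi
        fi
    done
    return $found
}

# count_residue DIR
#   Number of residue directories under DIR that still contain files.
count_residue() {
    scan_residue "$1" | wc -l | tr -d ' '
}

# make_sample_storage DIR
#   Build a constructed tree that mimics what the post describes: a WhatsApp
#   message backup and a screenshot left behind after the reset. Empty
#   directories (DCIM, Download) are created too, to show they are not flagged.
make_sample_storage() {
    mkdir -p "$1/WhatsApp/Databases" "$1/DCIM" \
             "$1/Pictures/Screenshots" "$1/Download"
    : > "$1/WhatsApp/Databases/msgstore.db.crypt12"
    : > "$1/Pictures/Screenshots/Screenshot_20171117-101500.png"
}

# Stand-alone run: build the sample, scan it, and report the verdict.
if [ "${1:-}" = "--demo" ]; then
    sample=$(mktemp -d)
    make_sample_storage "$sample"
    if scan_residue "$sample"; then
        echo "clean: no user data left on emulated storage"
    else
        echo "NOT clean: $(count_residue "$sample") directories still hold user data"
    fi
    rm -rf "$sample"
fi
```

Run it as `sh check_storage.sh --demo` to see it flag the constructed sample, or call `scan_residue ./pulled-sdcard` on a real pull. Only directories that still contain files are reported; an empty `DCIM` or `Download` folder is what you want to see after a proper reset.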

Learn from my lucky mistake.