Being that I’m studying for my bachelor’s degree in information technology security, I often find myself experimenting with certain computer security measures and countermeasures. Currently I’m enrolled in a class that focuses on computer and data forensics. Because of this, I have access to trials of some interesting computer forensics programs such as Access Data: Forensic Tool Kit (FTK) and Technology Pathways ProDiscover. Both of these are used by top computer forensics agencies for recovery and analysis of computer hardware and accessories.
Naturally I’ve been experimenting with this software (specifically with ProDiscover) over the past couple of weeks and have found that it is quite good at doing what it does. What is that, you ask? Well, ProDiscover can be used to capture an image from a data source such as a hard drive, jump drive…or even a GPS navigation device. An image such as this contains all of the digital information contained on the device, sometimes even deleted information. That leads me to the topic of today’s article. If you sell your old (or maybe new) GPS navigation device and you have taken the precaution to reset it to factory settings, does it really delete all your old contacts and data?
The answer to this question came surprisingly just a few days ago as I was getting ready to ship my TomTom ONE 3rd Edition navigation system to a buyer from Amazon.com. I realized that before I could ship the system, it would be important for me to have it erase my favorites and added points of interest. While this may not always be of the utmost importance, you may not want your potential buyer to have access to data regarding your home address and the addresses and phone numbers of your 100 closest friends.
In order to erase this data, I simply found the option in the preferences menu to reset the device to factory settings and confirmed my selection twice. Upon doing so, the device reset and allowed me to enter all the initial configuration information just like it would have you do the very first time you turned it on. All is well, or so I thought.
Being the curious type that I sometimes am, I decided it might be fun to connect the TomTom to my computer and have ProDiscover capture an image of it. My objective in doing this was to find out if any of my personal information could still be recovered from the device, AFTER it had been reset. I waited about 30 minutes until the imaging process was complete and what I found was not really too surprising, though maybe at the least a bit alarming. Even after the device had been reset, I could still find instances of both my home address and my school address in deleted files on the TomTom device. Granted, I did have to search for them specifically, but they were still there.
What does this mean? Probably not a whole lot, unless you are ultra paranoid about your personal information. Nine chances out of ten, no one will spend the time or effort to find this information on a device that you have sold. I tried this mainly just to see what would happen, and I ended up learning something in the process. With that said, it may be relevant for TomTom (and other GPS manufacturers) to include some sort of encryption layer for user data on the device, in the future. This way you could have the peace of mind that once you do a factory reset, your data really is inaccessible.