There are hundreds of sites online instructing how to wipe a phone that you’re going to sell, but none suggesting how to ensure that a used phone that you’re purchasing is completely reset.
I’m not very familiar with the lower level Android underpinnings, but I’m reasonably certain that if you were informed enough to “root” a phone, or whatever, then you might be able to bypass certain security features and compromise the account of the next owner.
I’m not super paranoid, so if anyone has the basic 80/20 on this, that would be super.
When selling certain Samsung Galaxy phones the seller needs to remove it from his Samsung account BEFORE he sells it and does a factory reset on the phone, the buyer cannot do this . There can be issues if this is done after the phone is sold and already factory reset. I’ve had a Note 4 returned to me because I removed it from my account after I did a reset and the buyer could not get it to work (a very knowledgeable buyer). He had to send it back to me and sign back in on the phone and then go to my Samsung account and remove it from the account and then do a factory reset.
I worked on cell phone refurbishing about 5 years ago, and one of our error codes was “hacked/rooted”. Such a phone had to be completely reprogrammed before it could be screened any further for problems. Since we were factory-resetting all of them to begin with the first thing we did, if factory-resetting got rid of the rootkit (or whatever it’s called) that wouldn’t have been an issue. However, you definitely would be able to tell that it was rooted when you went to reset it, you just wouldn’t be able to do anything about it without access to the software and application that loads the software onto the phone. (Rooting never survived having the entire software overwritten, although I don’t doubt that it might somehow be possible.)
typically “factory reset” means wiping all a customers DATA (settings, address book, game saves, that sort of thing). What you’re worrying about are malicious PROGRAMS (commonly called malware). To be completely sure the operating system (Android, in this case) hasn’t been modified in a dangerous way, you need to flash (i.e. install) the stock firmware (operating system plus default apps).
Obtaining the stock firmware is fairly easy if you know the model number. You can find the model number by going to settings > about device. The pattern varies by manufacturer but it will usually be a mix of letters and numbers that make no sense (for example, my tablet is an SM-T280). Armed with the model number you should be able to find a guide that will take you step-by-step through the process of restoring the device to stock. Be careful, though. It is possible to brick a device (render it unbootable) if you do this wrong. Most guides will also warn you of this possibility. If you’re not interested in learning to play around under the hood of android, I’d suggest enlisting the help of a friend.
I’ve flashed and reflashed (and occasionally restored) several devices of my own, so I’m pretty familiar with the process.
The problem with reflashing stock firmware is that there are several different pieces of firmware on a phone. Not all (if any) are accessible to ordinary users.
It’s entirely possible for a rootkit to install itself in one of the other, lower level, firmware areas and persist thru a standard stock firmware flash.
It’s not like the old days of flashing a new PC BIOS.
You’re correct. I should have stipulated stock firmware, bootloader, and recovery.
Generally, the stock firmware downloads I’ve encountered (on xda-developers.com or sammobile) that are labelled as “original” or “replacement” roms include all of these.
Certainly, any guide for restoring to stock condition will list all the steps you need to take to restore it to like-new condition (software-wise, anyway). Also, these roms are usually designed to remove any traces of software modification (for warranty or return purposes), so they’ll write over the entire boot process.