Don’t Sell Your Android Device

Don’t sell your Android device.

Seriously, don’t. Getting a new one? That’s fine. Tuck your old one in your closet. Better yet, drill a hole through its heart or take a sledgehammer to the thing.

Just. Don’t. Sell. It.

If you have a BlackBerry or an iPhone, you’re okay. Go ahead and wipe your data, reset to factory settings, and sell away—everything’s good.

But you Android users out there cannot trust this gold-standard method of cleaning devices for resale purposes. It simply doesn’t work as advertised on Google’s mobile platform.

McAfee identity theft expert and amateur hacker Robert Siciliano bought 30 devices from Craigslist, mostly smartphones, to determine how effectively normal people remove their personal information from gadgets before selling.

He teamed up with a forensics expert with extensive computer knowledge to try and dig up goods. Half the devices revealed no information about the previous owner’s identity—no matter how deeply the hacker duo penetrated. But the other 15 devices coughed up a plethora of valuable private data without much difficulty.

Robert and his forensics partner were able to peel bank account information, Social Security numbers, court documents, credit card account logins, and more from Android smartphones. The kicker? Many of those exposed devices had been properly wiped and reset by their previous owners.

“Even if you follow protocol, the data is still there,” Robert told the Los Angeles Times. “[It’s] really scary.”

RIM fans, however, should feel proud: BlackBerrys proved impenetrable. “RIM has fantastic software,” he explained, noting that the Canadian company does “a really good job of destroying data.” He also affirmed that Apple’s iOS platform proved strong and secure.

But Androids failed miserably. “If you live in Texas, take [your Android] out into a field and shoot it,” he suggests. “Don’t sell your identity for 50 bucks.”