Does a factory reset protect against malware?
Hey there,
I bought a used phone with preinstalled SFOS, and just out of curiosity:
Does a factory reset protect me against preinstalled malware on the phone?
We have moved to a new Sailfish OS Forum. Please start new discussions there.
Hey there,
I bought a used phone with preinstalled SFOS, and just out of curiosity:
Does a factory reset protect me against preinstalled malware on the phone?
A factory reset:
on devices that use BTRFS (e.g.: original Jolla Phone 1), will simply delete the current BTRFS subvolumes (@ and @home) and will make a new snapshot from a reference factory snapshot (factory-@, factory-@home). After that, it will reflash the firmware version from that snapshot (from /boot subdirectory) into the boot and driver partitions. Alien-dalvik needs to be re-downloaded from Jolla Store.
on LVM+EXT4 devices (e.g.: Sony Xperia devices), the reset will overwrite the home and root partition with reference partition image stored in /fimage. Boot and driver firmware partitions will be left untouched, same as the /opt/alien partition (you need to redownload alien-dalvik from store to override).
So at best, it returns the device to a more pristine state.
But in practice you shouldnt trust a compromized device. You can't be sure if virus-infected device will actually do a real factory reset, or if it will only pretend to do so and actually stay infected
Best way is to put the phone in USB Fastboot, and overwrite everything from here. (including re flash of kernel and drivers).
Thx for the good answer.
and overwrite everything from here.
Means ... proceeding like described in the install instructions of SFOS, going from '6.'?
Or will there be the need for additional knowledge which is not stated in the instructions?
BlaeX ( 2020-01-20 12:44:58 +0200 )editSony driver = the blob package that contain all the proprietary firmware to make the phone work (mostly GPU drivers). That is the firmware package you were asked to download from Sony's Opendevices website as part of the flashing of Sailfish OS.
TL;DR: You can skip re-installation of Android (but that should work too).
DrYak ( 2020-03-03 18:37:56 +0200 )editNo, it doesn't, it's somewhat easy to compromise a factory reset by modifying factory reset image or putting malware in the partition that wouldn't be wiped.
Most you can do, is reflashing everything in fastboot mode, though it won't get rid of malware if it modified bootloader for example, but there is extremely low possibility of such malware existing, because almost nobody knows how those bootloaders work IMHO.
As the question has been posed with an hypothetical paranoid eye, one should also consider that malware could have been pushed to the baseband section of a phone (the part that handles the GSM/3G/4G communication) where it is extremely difficult to detect and to eradicate, due to fact that very little is known about those chipsets, they are running opaque 'blobs' of closed-sourced code, and they are essentially independent of the main processor that runs e.g. SFOS.
simosagi ( 2020-01-21 00:52:39 +0200 )edit@simosagi Qualcomm modems that are integrated in SoC probably don't have any writeable memory that can persist after device poweroff. If they had one, it wouldn't be necessary to load firmware for modem initialization.
0xe4524ffe ( 2020-01-21 01:08:36 +0200 )editwell...in theory it should because you "erase all data" but if the "malware" gets in to your CPU or such a reset wont help, just dont click on "stupid ads" or suspisious links and you should be fine from malware/viruses.
NexionTech ( 2020-01-20 12:12:58 +0200 )editThis thread is public, all members of Together.Jolla.Com can read this page.
Asked: 2020-01-20 11:48:50 +0200
Seen: 724 times
Last updated: Feb 03 '20
When performing a factory reset, 1.0.0.5 always present afterwards [answered]
how do i reset factory settings? [not relevant]
[BUG]: Factory Reset: no storage left [answered]
clean-up program for Jolla ("fresh install" / "pure factory reset")
When I reset my Jolla back to factory default, I need to update all the firmwares again?
bug: email app stops working after factory reset [not relevant]
Next device: Include ROM-based backup for bootloader [duplicate]
Screen stuck in strange landscape mode?
Factory reset error: "Couldn't backup rootfs, maybe the filesystem is corruped"