Hacker News new | past | comments | ask | show | jobs | submit login

Yet another consumer protection law we sorely need. That a factory reset should leave passwords on a device should open Amazon to enormous liability.



Ideally, the OS should be an immutable image and the user partition completely seperate. Than a factory reset simply has to nuke the user partition and place a fresh template over the top.

I can understand how something not designed could have difficulty factory resetting when data can be scattered all over the place.


I don't know about what is it like now (with all this A/B stuff), but /system/ on Android is supposed to be read only. As was ROFS on Symbian. That said, root could modify /system/ anyway.


It's still read-only on Android these days (there are multiple partitions for A/B stuff). Root can modify it, true, but I don't think anyone is storing any secrets on there.

With file-based encryption on the data partitions, Android hard resets should make all files inaccessible even if they're left on the drive.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: