How to securely erase personal data from the iPhone
intel Mac & PPC
If you are looking to sell your iPhone, or give it to somone as a gift, you should probably ensure that your personal data does not remain on the
iPhone. Most would think that a restore via iTunes would take care of this. But it does not! It has been proven more than once, and by more
than one person - one of them a programmer with deep routes in the iPhone community, and the other a state police detective using a
forensics data retrieval kit built by that same programmer - that your personal data survives a restore. In the case of the detective, he purchased
his iPhone via Apple directly (refurbished).
NerveGas recently published his notes on how he recommends wiping your iPhone clean before sale.
Click here to go to his site.
This tutorial comes directly from his notes.
There is a second process that is also mentioned, I personally had no luck at all with it. Perhaps it will mature over time and an even easier
method for performing this will come about. So a big thank you to NerveGas for publishing this method. I also want to thank the webmaster over
at WickedPsyched.com for hosting a critical file needed to conduct this wiping process. I link directly to his site for the file (it's very small),
but I'd rather not host anything I don't need to as bandwidth gets crazy over here at times. This entire process will take about an hour and a half
to complete, and your iPhone will get a bit warm too, so don't be alarmed.
I will be using Fugu to upload the files in this tutorial. These instructions can be applied to any files you want to add to your
iPhone, provided you already have SSH installed. If you have not installed BSD Subsystem, OpenSSH, or BossPrefs (via the Installer) or used
Fugu before, then you must read this tutorial first.
Connect your iPhone to iTunes and put the iPhone into DFU mode. Do this by pressing and holding both the Sleep/Wake button and the Home button for
10 seconds. At this point the screen will turn black, and the iPhone will appear to be off. Continue holding just the Home button at this point.
When this pop up appears, you can let go of the Home button. Click OK.
iTunes will now display this.
Download the firmware restore file for 1.1.4 here.
Remember where you put this file and do not decompress it.
Press the Option key and click Restore. A file browser window will open. Navigate to where the firmware file was downloaded, select it, and click
Various messages will appear while the process continues.
When it has finished you should see this screen next in iTunes.
Eject the iPhone from iTunes when it is finished. Close iTunes.
Launch iLibety+. Select "Jailbreak + Installer" and "Activate". My iPhone was previously unlocked, so
only check this option if you need to.
When it has finished (about 2 minutes later), close iLiberty+.
Launch iTunes. Make sure you select "Set up as a new iPhone". Do not restore from a backup!
Then at this screen, make sure you uncheck the sync option before continuing.
Go to your iPhone and launch the Installer. Install BSD Subsystem 2.1 and OpenSSH. They are both found
in the System folder.
Once you are finished press Settings, Wi-Fi and connect to your local network.
If you are truly paranoid you might want to change your network password login before entering into the
iPhone to a throw away password. Once you've connected, retrieve your IP address, by pressing Wi-Fi
and pressing the blue arrow next to your network name.
Download Fugu here.
Enter your iPhone's IP address in the Connect to: box, then enter root in the Username: box, then enter 22 in the
Port: box, then enter / in the Directory: box, then click Connect.
The #1 error that Fugu users may see at this point is this.
This is caused by a number of things. Any time you restore the iPhone the SSH keys get erased. When
you reinstall SSH you generate new keys. If you should switch computers that you work on your iPhone
with this could also happen. The solution is very easy.
Go to your menu bar at the top of your screen and click Fugu then select Preferences.
Click the Known Hosts button and you will see a list of host IP addresses, or maybe just one.
Now find your iPhone's IP address, highlight it, click Delete and then click Save. You can close
this window. Go back to the Fugu login screen and connect to your iPhone.
You'll get a prompt to continue.
You'll be prompted to enter your SSH password. Unless you have changed it, it is "alpine". Click Authenticate.
Download the file named "fscmds.tgz" (located at the top of the page) from
Decompress the file and you will see a folder. Inside the folder is a file called "umount".
Go back to Fugu and look at the right side column which is displaying a list of folders. Double click the folder
called "usr". The screen will refresh. Now double click the folder called "bin". The screen will refresh again.
Now drag the file called "umount" from the folder it is in, and into the bin folder in Fugu. The screen will
refresh again. Now scroll down the list of files in this folder until you see "umount" in the list.
Right click the file and select "Get Info" from the pop up menu. Make sure that the number 0755 appears in the
box labeled "Octal Mode Representation".
On your Mac, open a Finder window and go to the Applications/Utilities folder. Launch the program called Terminal.
ssh -l root (YOUR IP ADDRESS)
Then when prompted, enter your password, which should be alpine.
Now enter the following four commands:
umount -f /private/var
mount -o ro /private/var
mount -o ro /
cat /dev/zero > /dev/rdisk0s2; cat /dev/zero > /dev/rdisk0s1
At this point leave the iPhone alone, and do not allow your computer to sleep, or otherwise lose power and shut down.
It will take approximately 1 hour to complete this process.
I knew the process had completed when I saw this:
On another iPhone I wiped I received a different message (but still received the pairing pop up below).
Close the Terminal.
Launch iTunes. You should get this pop up message:
Looks to me like the iPhone has been wiped. Put the iPhone back into DFU mode and restore it to 1.1.4 firmware.
You can then choose to use iLiberty+ to jailbreak, activate, and if needed unlock it again. You now have a sanitized phone.