I recently broke the display of my smartphone and wanted to sell it on eBay. However, I am paranoid about my data. So this is what I did: * Get a new phone and set it up. * Encrypt the Phone with Android's builtin encryption feature: * Set a lock screen password (not a PIN) with a random 16 letter string (at the time of writing, Android won't let you choose longer passwords). * Go to security in your settings and find the option to encrypt the phone, confirming your password. * After this is done, open an ADB shell on your phone. Because the phone's internal memory is flash, there might still be areas that contain sensible and unencrypted information. We will overwrite them with random data.
cat /dev/random > /data/junkfile
* If you have a stock Android installed, perform a factory reset. If you do not have a stock Android installed: * Go to the Google Developers' Factory Images for Nexus Devices page and grab your image. * Extract that file and find a batch file that will flash this stock distribution on your phone automatically. Warning. You might really have to try several different USB cables and several different USB ports on your computer before fastboot succeeds. For me it worked on the 3rd port and the 2nd cable, that's 7 failed attempts. * Take pictures of your old phone with your new phone and make sure to remove all the metadata from those pictures:
for img in $(ls *.jpg); do mogrify -strip $img; done
* Now you're good to go, put that old heap of junk up for sale! If you have any comments, go ahead.


As simple as that. I registered at the website g2play.de some time back to buy a computer game cheap, and since I use fresh eMail addresses for each service where I register, I can say without a doubt that somehow, g2play leaked the eMail address I provided. I received targeted spam to that particular address today and there is no way this eMail address could have gotten into the hands of that spammer by any other means. Shame on you, g2play.