Now that I have my new iPhone 3G, and have sold my original iPhone on eBay, it is time to remove my data from the old iPhone. Since a simple restore of the iPhone using iTunes does not remove your personal data from the device (it is still there, lurking around, and can be accessed by someone with the proper knowledge), a secure wipe is important to me.

For those interested in the details, see the quote below from Jonathan Zdziarski's Web site.

...when you do a restore through iTunes, it is only the equivalent of performing a "Quick Format" on your iPhone. And for those of you who use "Erase all Content and Settings", this has even less of an effect, as it doesn't even destroy the file system. In both cases, all of the personal information that was sitting on the device prior to the erase or restore is still left sitting in the unallocated blocks of the iPhone's NAND memory. To make matters worse, the restore process is likely to restore the original operating system files over the same location as the old ones, meaning very little data is likely to be corrupted at all. Let this be a caution to everyone who sells used iPhones or sends their phone into Apple - you are releasing your personal data with it.

I used two methods to wipe my data from the iPhone. One simply writes a lot of music and video to the device, and the other writes zeros to the system and user partitions. The second method is Jonathan's method, although trying to follow the instructions at his Web site will be hard for most people. I found that iClarified wrote a set of instructions, with screenshots, that walks the user through Jonathan's method very well. They even included a video. Wasn't that nice of them?

» iClarified: How to Securely Erase Your iPhone Before Resale

Before I list out the steps of my own, semi-custom method, let me first say that I am paranoid by nature, and always expect the people to snoop when given the chance. The new owner of my old iPhone seems like a nice person, but I've only spoken with her via email. Frankly, she does not seem like the sort of person who would even know how to access any of my personal information hidden on the device. But...better safe than sorry, right?

Below are the steps that I followed to get my iPhone securely erased. In theory, just following iClarified's guide (using Jonathan's method) should be enough, unless you are selling your iPhone to the CIA or NSA, and then all bets are off. The CIA and NSA can probably even defeat what I've done below, but I'm only willing to be so crazy and spend so many hours trying to protect myself from information theft.

Before you start, note that you will be restoring the iPhone a few times via iTunes. You may be asked, one or more times, by iTunes, if you want to install the latest version of the firmware (currently 2.0). The answer is no! You need to use firmware 1.1.4. The safest way to ensure that you always use firmware 1.1.4 is to always tell iTunes no when it asks if you want to restore and do it manually. To do this, download firmware 1.1.4, save it to your desktop (or somewhere on your hard drive), and hold the Option key (Mac) or Shift key (Windows) while clicking the "Restore" button in iTunes. This will allow you to select the firmware file you downloaded and iTunes will restore that firmware to the iPhone. If you accidentally upgrade to firmware 2.0, you can probably use the method above to restore to firmware 1.1.4 after you download it, but I have not tried this myself.

1. Restore iPhone via iTunes. Set the iPhone up as a new iPhone (do not restore from a backup). Turn off all syncing of personal data.
2. Jailbreak iPhone. Install BSD Subsystem and OpenSSH.
3. Perform all steps in iClarified's guide.
4. Restore iPhone via iTunes. Set the iPhone up as a new iPhone (do not restore from a backup).
5. Turn off all syncing of personal data (calendars, email, contacts, etc.) for the iPhone.
6. Create two playlists in iTunes. Fill them with about 1100 different music files, or a combination of music and video (podcasts, movies, TV shows, etc). Note that I have an 8GB iPhone, so about 1100 files worked for me. I kept copying and syncing each playlist (see steps below) and adding music to them until the iPhone was full. Also note that you are creating two different playlists. The files in each should be different from one another, meaning that you would, for example, put rock music in one playlist, and R&B music in the other playlist (assuming you have enough of each genre to fill the iPhone).
7. Sync the first playlist to the iPhone. I checked off this playlist in my list of playlists on the iTunes screen for the iPhone (Music tab) and told iTunes to only sync this single playlist.
8. Restore the iPhone. Set the iPhone up as a new iPhone (do not restore from a backup).
9. After the restore, sync the second playlist in the same way that you did the first playlist.
10. Restore the iPhone (yes, again). Set the iPhone up as a new iPhone (do not restore from a backup).
11. After the restore, jailbreak the iPhone again. Install BSD Subsystem and OpenSSH.
12. Follow the instructions in iClarified's guide again. This is the second time you will write zeros to the two partitions on the device.
13. Restore the iPhone (last time, I promise). Set the iPhone up as a new iPhone (do not restore from a backup).
14. Do whatever else you need to do with the iPhone (the new owner may want it jailbroken and/or unlocked, for example). Make sure you do not sync any personal information to the device. If you do, go back to step one and start over.

This is probably overkill. As you can see, I am doing a two-pass wipe of the user partition and a two-pass wipe by writing zeros to the system and user partitions, in the following order.

1. Write zeros to system and user partitions, restore iPhone.
2. Write data to user partition, restore iPhone.
3. Write data to user partition, restore iPhone.
4. Write zeros to system and user partitions, restore iPhone.

For just about everyone, writing the zeros one time (iClarified's guide) is enough. For many users, writing the music twice, and skipping the zero writes, is fine. I chose to be a little crazy about it, but it was a good experience and I learned a lot as I went along.