Is it safe to pass on a Steam Deck after a factory reset?

Scythers@alien.top · 1 year ago

Is it safe to pass on a Steam Deck after a factory reset?

locke_5@alien.top · 1 year ago

You would be 99% fine just factory resetting the device.

But….

The way factory resets work is by flagging all your data as over-writable. If you had any sensitive information on your Deck, that data would still be there and still be recoverable if someone knew what they were doing. Best practice when selling/trading in any device is to zero out the drive (overwrite every bit with a ‘0’) then reinstall the OS.

Most likely not necessary for a Steam Deck but it’s important to know how data storage works!

HYPERBOLE_TRAIN@alien.top · 1 year ago

Is that the current best practice? I seem to remember reading that overwriting with random data, multiple times, is the most secure way to delete data.

This is well outside of my expertise so I’m asking out of curiosity.

Silejonu@alien.top · 1 year ago

Random writes and/or multiple zero-fills are just a waste of time. They don’t achieve anything, they’re just a placebo. Plenty of people/procedures recommend to do it, but they’re absolutely pointless in the real world. Once your disk is full of zeros, it doesn’t matter what came before.

Don’t trust me? If the US government was unable to recover the content of a drive related to Julian Assange’s case after a single zero-fill, I think you’re safe:

Johnson testified that he found two attempts to delete data on Manning’s laptop. Sometime in January 2010, the computer’s OS was re-installed, deleting information prior to that time. Then, on or around Jan. 31, someone attempted to erase the drive by doing what’s called a “zerofill” — a process of overwriting data with zeroes. Whoever initiated the process chose an option for overwriting the data 35 times — a high-security option that results in thorough deletion — but that operation was canceled. Later, the operation was initiated again, but the person chose the option to overwrite the information only once — a much less secure and less thorough option.

All the data that Johnson was able to retrieve from un-allocated space came after that overwrite, he said.

In the case of an SSD, random writes or zero-fills don’t work at all, though: they are not guaranteed to actually fill the disk with zeros (and most likely won’t), while at the same time wear the drive. For SSDs, you should run a secure erase command that’ll instruct the SSD to reset all its cells to their default state.

neph36@alien.top · 1 year ago

Are you storing your tax returns and bank account information on there? I’m an anxious guy but this sounds insanely paranoid.

icebalm@alien.top · 1 year ago

Is that the current best practice? I seem to remember reading that overwriting with random data, multiple times, is the most secure way to delete data.

On current hardware when data is overwritten once the original data cannot be retrieved. The “Gutmann Method” hasn’t been necessary for about 3 decades, even though the myth seems to still propagate. https://en.wikipedia.org/wiki/Gutmann_method

spacedghost_@alien.top · 1 year ago

How does someone zero out the drive? Is that an option in the reimage screen or something?

ImrahilSwan@alien.top · 1 year ago

I usually delete the entire drive and reformat.

I’m presuming this would do the same thing.

Isn’t there also a difference between hard drives and SSDs?

jorceshaman@alien.top · 1 year ago

100% this. I was going to reply with something similar but you said it better than me!

It’s extremely important to know how storage works and that just doing a normal wipe isn’t good enough to truly protect sensitive data. The DoD does 7 passes of random data then also destroys the drives. Most home users would be fine with 1 or 2.

I have personally never given a used drive to anyone besides family. I’d rather keep it and put a new one in.