Just curious as I want to replace my original Steam Deck before the OLED releases.
Is a Steam Deck safe to sell after performing a factory reset? As in, will the next owner be able to obtain any passwords to my steam account or any other account/personal details?
Thanks in advance!
You must log in or register to comment.
You would be 99% fine just factory resetting the device.
But….
The way factory resets work is by flagging all your data as over-writable. If you had any sensitive information on your Deck, that data would still be there and still be recoverable if someone knew what they were doing. Best practice when selling/trading in any device is to zero out the drive (overwrite every bit with a ‘0’) then reinstall the OS.
Most likely not necessary for a Steam Deck but it’s important to know how data storage works!
I usually delete the entire drive and reformat.
I’m presuming this would do the same thing.
Isn’t there also a difference between hard drives and SSDs?
Is that the current best practice? I seem to remember reading that overwriting with random data, multiple times, is the most secure way to delete data.
This is well outside of my expertise so I’m asking out of curiosity.
Random writes and/or multiple zero-fills are just a waste of time. They don’t achieve anything, they’re just a placebo. Plenty of people/procedures recommend to do it, but they’re absolutely pointless in the real world. Once your disk is full of zeros, it doesn’t matter what came before.
Don’t trust me? If the US government was unable to recover the content of a drive related to Julian Assange’s case after a single zero-fill, I think you’re safe:
Johnson testified that he found two attempts to delete data on Manning’s laptop. Sometime in January 2010, the computer’s OS was re-installed, deleting information prior to that time. Then, on or around Jan. 31, someone attempted to erase the drive by doing what’s called a “zerofill” — a process of overwriting data with zeroes. Whoever initiated the process chose an option for overwriting the data 35 times — a high-security option that results in thorough deletion — but that operation was canceled. Later, the operation was initiated again, but the person chose the option to overwrite the information only once — a much less secure and less thorough option.
All the data that Johnson was able to retrieve from un-allocated space came after that overwrite, he said.
In the case of an SSD, random writes or zero-fills don’t work at all, though: they are not guaranteed to actually fill the disk with zeros (and most likely won’t), while at the same time wear the drive. For SSDs, you should run a secure erase command that’ll instruct the SSD to reset all its cells to their default state.
Are you storing your tax returns and bank account information on there? I’m an anxious guy but this sounds insanely paranoid.
Is that the current best practice? I seem to remember reading that overwriting with random data, multiple times, is the most secure way to delete data.
On current hardware when data is overwritten once the original data cannot be retrieved. The “Gutmann Method” hasn’t been necessary for about 3 decades, even though the myth seems to still propagate. https://en.wikipedia.org/wiki/Gutmann_method
How does someone zero out the drive? Is that an option in the reimage screen or something?
100% this. I was going to reply with something similar but you said it better than me!
It’s extremely important to know how storage works and that just doing a normal wipe isn’t good enough to truly protect sensitive data. The DoD does 7 passes of random data then also destroys the drives. Most home users would be fine with 1 or 2.
I have personally never given a used drive to anyone besides family. I’d rather keep it and put a new one in.
If you keep sensitive data on your steam deck, what the hell are you doing lol
Yes it deletes everything including all user info. It literally resets the console to factory preset.
If youre worried about it you could reimage it completely
Boot up a copy of your favorite Linux Distro, open a terminal, and run
lsblkFrom that, find your deck’s SSD - Probably somthing along the lines of/dev/nvme0n1Then do
sudo dd if=/dev/urandom of=/dev/nvme0n1 bs=4M status=progressOnce that’s done, do
sudo blkdiscard /dev/nvme0n1Your Steamdeck is now very securely erased.
Boot up the recovery media from Valve - https://help.steampowered.com/en/faqs/view/1b71-edf2-eb6d-2bb3
And use the option
Re-image Steam Deckfrom the Desktop. That will set it up as if it’s new from the Factory.I think this is the way for HDDs, but the steam deck has an SSD.
The
ddstep is to overwrite all the data; this would do the same thing on a HDD or an SSD, but theblkdiscard -stells the SSD to erase all blocks. In theory this is a secure erase, but in practice most SSD’s implement it in a flawed way, hence the first step.
Yes but let them know THEY need a steam account to use it. I’ve sold 2 in the past and i cannot stress that enough. A lot of new users buy steam decks n just don’t know what they are getting into.
No, it will probably talk about you behind your back sometimes - also the buyer could scape your dead skin from the thumbsticks and the cracks in the case and use your DNA to clone you.
The support will still answer to the original steam account that it was bought with. Had this with my steamdeck which i bought over a friends account because he was a few months earlier than my reservation and didn’t need it. I didn’t use my reservation in the end but his. When i needed a replacement, the support first answered that i did not have a steamdeck, that it belongs to someone else and they would send it to him. But the original address that we put in was mine, so i could prove that i was the owner and it worked out in the end. But i just wanted to let you know that he be careful when using the support because the serial number is still registered to the ordering steam account.
Pardon me for not checking first but how do you uncouple your serial number from your account? I’m giving my old 256 to a family member. (I keep my 512 bwa.)
I don’t think they offer that service. They will always know from which account it was ordered and it makes sense to keep that info for a while. But if you have an RMA or support issue, you can always talk with them and prove that you are the owner by address, contract or by sending a message from the original byers account verifying the transaction. They are pretty reasonable for a manufacturers support. Also registering is only useful if it is during warranty. If your Deck is out of warranty, whats the problem anyways? Its not that Valve is running an anti-theft service like find my Deck.
Yeah we can prove proof of purchase and all that, but it will be out of warranty come end of November. So an RMA isn’t such a concern. Since he’s really into the newest Xbox games and Windows, he might just chuck it in the closet anyway, which is fine. But he might take to it, who knows. It’s still hands down the best handheld games machine and handheld computer out there.
I have a 512 from that last sale and will eventually get on the queue for an OLED, so there will be three units tied to my account. (I’ll never part with the LCD 512, it’s set up with ~150 itch games for which I scraped the artworks individually, no way am I doing that again).) It’s just unclear to me what, in practical terms, three units on one account means. On the other hand, probably 90% of resales are just factory resets, so at the end of the day, I guess it shouldn’t matter.
To be safe
sudo dd if=/dev/random of=/dev/nvme0n1before resetting back to factory from recovery disk.
I don’t know if it’s just me. but if i bought a steam deck from someone, and it was full of personal details, payment stuff, private pics and convos.
I’d just reinstall the os myself (or give back the SSD). i don’t care and i’m not a thief so, whatever.
but there are nefarious people for sure.
This applies only to 256/512 GB models; I don’t know that the 64 GB model supports this command:
NVMe drives contain an internal encryption key. By deleting this key, all data (including over provisioned blocks) is practically unrecoverable. (You’d need a sufficiently motivated attacker with knowledge of a flaw in the encryption algorithm.)
To use this command, you’ll need to boot from another Linux device, such as a thumb drive with Debian on it. Once you’ve installed nvme-cli you can use the following instructions:
https://tinyapps.org/docs/nvme-secure-erase.html
As always, I’m not responsible if you brick your device. And of course, you’ll need to reimage as soon as this finishes, as the drive will no longer contain a partition table.