I have a Windows 10 desktop computer that I want to sell. I want to be 100% sure that the buyer cannot recover any of my data from the disk (hard disk, not SSD). I have done a factory reset using the “clean disk” option (which took about 7 hours). But now I’m doubting whether this is sufficient. Perhaps I should run cipher/w, or completely reformat the disk and reinstall? I’m not really worried about the buyer using some NSA-level tools to recover data from overwritten sectors, but I do want to be sure that any sector containing any of my data has been overwritten. I haven’t been able to find a definitive statement about exactly what “clean disk” does.
According to what I’ve read, “Clean Disk” writes zeros into all sectors. Not as thorough as the classic NSA wipe (which repeatedly writes various patterns) but AFAIK beyond inspection or recovery by any casual means.
Whereas reformatting isn’t very reliable at wiping sectors at all. (Especially since “quick format” is the default, and that just resets the filesystem pointers to look like an empty disk.)
Not to state the obvious but just sell it without the storage if you want to be 100% sleep-soundly secure. Most people aren’t really looking for an HDD in a PC these days anyway and would want to replace it with an SSD as soon as possible anyway. If I was buying a used PC with an HDD, I’d just read it as “No main storage included but here’s an old drive to put photos on, I guess”.
In any event, I’ve never had need to keep my data away from the CIA or anything but I understand that DBAN is well regarded for wiping an HDD (but not an SDD)
I would second DBAN or sell it without a drive.
Thanks. I had been thinking it would be more attractive with a disk and a Windows license, but since spinning rust is indeed almost obsolete, maybe it would be best to just sell it without the disk and not have to worry about the private data.
If it’s some old office system like a 4th gen Dell Optiplex, I would just sell it without the drive and not worry since it’s not worth putting extra time and money into. If it’s a newer system that might be worth a couple hundred bucks or more, I’d consider getting a 250GB SSD for $20 and installing Windows onto that so you can sell it as having a Windows boot drive. But it really kind of depends on what the rest of the system is and what you’re likely to get out of it. No sense in putting $20 into a $60 PC.
Could you remove the HDD and boot it from a thumb drive, simply to assure a buyer that the machine indeed works?
It’s a pretty nice workstation: 2 Xeon E5 CPUs, total 12 cores, 32 GB RAM, GeForce 1080 graphic card, liquid cooled. It cost over $6500 when I bought it 8 years ago. I’m hoping to get maybe $700 for it but I need to do a little more research on prices.
Yeah, for a pretty complete system like that I would (personally) add a small SSD boot drive just to be able to sell it as a complete package. If it was just some old office PC with integrated graphics, I wouldn’t.
I’m far from any expert but I’ve sold about a dozen used PCs over the years and they were all to hobbyists or people wanting to get into PC gaming. No one ever bought a PC because they wanted to use MS Word or research dog breeds from their living room. So the cheap computers were bought by tinkerers or other people not put off by a missing drive. The pricier systems were bought by people who wanted to go home and be installing Steam or Fortnite within an hour and try their new toy. Just my personal experience though.
What model? Sounds like one of the Precision workstations. The reality is that most people that want a fast system will just a new cheaper system.
As a reference point, I picked up a Dell PowerEdge R630 about 2 years ago. Same dual E5 procs, 512GB RAM, but no GPU, for CAD$200.
That’s fine. As long as you wrote nulls over everything, the disk is clean. If you want to reassure yourself, download a self booting file recovery utility, and see if you can recover anything, or just do dd if=/dev/sda skip=150G bs=1M count=10 and see if it contains anything other than ^0.
I’d say “beyond inspection or recovery by any means.” No one is putting drives under electron microscopes, and it isn’t even clear that will reveal old data.
DBAN is great, and I always just set it to the “Zero and only once” method. Just as secure (in my opinion), and much faster.
This is also why it is useful to use encrypted at rest disks. Just overwrite the key, and the rest of the disk is wiped.
Well, there will definitely be non-null data on the disk, because the Windows installation files are still there. It’s just my personal data that has (hopefully) been deleted. I thought about trying a bootable recovery program, but I’m not sure what is the best one to try, and I’m not sure how much more effort I want to put into this.
Especially if …
Well, that’s discouraging. My system was from Xi Computers. It was recommended by the company I was consulting for at the time.
The depreciation rate of PCs is horrendous. It’s worse for high end machines than for budget machines. I would not be surprised to find you now own a doorstop and a couple of spare parts.