Refreshing system for sale
- Vous devez vous identifier ou créer un compte pour écrire des commentaires
Hello!
Newer user here.
I have a Librebooted "Taurinus x200" from Libiquity computers, which was new in 2019 with Trisquel on it. I have not updated the computer since 2020 or so.
I'm looking to sell the machine.
Since I am not knowledgeable about Trisquel at all, I think I would normally just sell it and send the current user/pass with it. However, it has personal files on it.
- If I just delete these personal files, is that sufficient in making sure they are not recoverable by the next owner? I'm looking for 'easier' here.
- Or is there a way to delete the whole user I am using?
What do you recommend? Thank you!
I would normally just sell it and send the current user/pass with it.
Is the machine able to boot on a Trisquel installation USB, without entering any kind of password? If yes, the buyer can probably reinstall Trisquel without the need of any kind of user/pass information.
If I just delete these personal files, is that sufficient in making sure they are not recoverable by the next owner?
If the data are in an encrypted volume, you don't even need to delete them, just don't give the decryption passphrase.
If they are not, deleting the files is not enough. If the disk is an HDD, filling it with zeros should make it very difficult, if not impossible, to recover your personal data. That can be done by booting on a Trisquel installation USB (option "try Trisquel without installing") or any GNU/Linux distro USB, and, in a terminal, a command like "sudo dd if=/dev/zero of=/dev/sdX" where X is to be replaced by the letter of the HDD. Be careful to get the correct letter, since that will erase a disk.
If the disk is an SSD and your data are not encrypted, I am not sure how to do. SSD manufacturers often provide a way to trigger a wipe function of their proprietary firmware but I don't know how reliable that is. If you want to avoid risks of your data being ever recovered, the easiest might be to sell the laptop without the SSD.
In any case, wait for a few more responses on this forum.
If they are not, deleting the files is not enough. If the disk is an HDD, filling it with zeros should make it very difficult, if not impossible, to recover your personal data.
Writing random data is better. On any GNU/Linux live system, the shred command does that. Three times by default. If /dev/sda is the disk to overwrite (be careful not to overwrite the wrong disk!), here is what to execute from the live system, in a terminal:
$ pkexec shred -v /dev/sda
(The -v option show the progress: it takes much time!)
If you promised the computer will come with an operating system installed, you then need to install it.
Thanks, Avron and Magic Banana. I will look into these ideas. Appreciate the reply
As a seller: I don't want any of my stuff left behind and will use GNU Shred to completely wipe the drive. Or leave the drive out if I can't do that.
As a buyer: I don't trust any operating system that comes on a computer and will replace it. This gives me the chance to get the computer into a known state.
Is there any known advantage/inconvenient in using the Gnome Disks "ATA Enhanced Secure Erase" option if available, in combination with GNU Shred?
https://askubuntu.com/questions/17640/how-can-i-securely-erase-a-hard-drive/860658#860658
What of this suggestion: "The same menu that offers ATA Secure Erase (if and when available) also offers to write zeros (slow) or to mark deletion (fast but not secure). The zeroing can reasonably be considered secure so this answer should be generalized to recommend that option."
The "ATA Enhanced Secure Erase" seems to be the method using the proprietary firmware. For a particular device, the only way to assess whether all data are really removed would be, after applying it, to ask someone highly skilled for data recovery to try.
If I haven't used encryption with an SSD that has things like my bank account number and passwords, I would not dispatch it until all the data in there have become irrelevant (bank accounts closed).
For SSDs, it is better to always use encryption, with a long random passphrase (using diceware, with a wordlist that only has words that one knows and could remember) and set the number of iteration of the key derivation function as high as one can tolerate (higher number means higher delay).
If one doesn't use SSD (like me) this is not really an option.
- Vous devez vous identifier ou créer un compte pour écrire des commentaires