How does this relate to the Windows 10 Preview?
That's not a very constructive reply; to be candid its quite odd. The feature is baked into Windows 10, so my query to you: Why
wouldn't it be relevant to Windows 10 Insider Preview?
The Windows reset is by no means a secure cleaning of the system. You will have to use a third party utility meeting DOD specs to accomplish a secure cleaning of any system, Windows or otherwise.
So, for sanity's sake we'll lay the cards out:
In Windows 10 under 'Settings' > 'Update & Security' > 'Recovery' exists a 'Reset this PC' option.
This option allows you to perform a reset at varying but specific levels:
- Keep my files - which "removes apps and settings, but keeps your personal files"
- Remove everything - which "removes all of your personal files, apps and settings.
When selecting the latter option, one is presented with two additional choices:
- Just remove my files - which "[..] is quicker, but less secure" and should be used "[..] if you're keeping the PC."
- Remove files and clean the drive - which "[..] might take a few hours, but will make it harder for someone to recover your removed files" and should be used "[..] if you're recycling the PC."
So, the question stands: If Microsoft is offering this as an option, and has since Windows 8, what does the latter option actually do?
- Does it do a clean all?
- Does it do a format /p n? If so, what is n?
- Does it 'detect' user data and try to write back 'random' data only to those blocks? (Perhaps leveraging something like sdelete? And if it is sdelete, how many passes?)
- Is it 'safe enough' that the above-average IT guy wouldn't be able to recover much of anything?
I don't expect that option to be bullet proof meaning impossible for:
- professional data recovery services to get anything
- some seasoned forensics team to recover the data
If one either has data of that caliber or is paranoid, and arguably rightfully so, then yes I would agree that a third-party utility, like the ones I already mentioned, would be the correct approach. (Of course your data would likely already be encrypted
to begin with so tossing the keys should be sufficient.)
But if that built-in option isn't safe or reliable to begin with, why is it included? To provide a false sense of security? Is the expectation that the machine is going from non-IT person to non-IT person and there's no concern if the recipient
trying to recover anything?
The query isn't a challenge on the feature, nor am I suggesting it provides DOD 5220.22M grade wipe functionality.
Just seeking a deeper understanding of what it does, how it works and when one, the average home user, who this feature is likely aimed at, might want to consider using something else.
-
Edited by
JuliusPIV
Tuesday, May 26, 2015 12:08 AM