Buying a used computer? Make sure it’s safe
Why pay full price for a new computer when you can buy a dirt-cheap used laptop? They’re readily available on eBay or Craigslist, or at a yard sale or second-hand store. Inexpensive used computers are tempting. Especially if you’ve got straightforward needs like browsing the web, sending email, or giving your kids tools for their schoolwork. But what about security?
The majority of used computers are safe It’s unusual for someone to sell you a used computer they’ve deliberately infected with malware to hurt you. But you don’t know where that computer’s been. Was its previous user careful about security? Did they inadvertently leave risky software or inappropriate files on the device? It makes sense to take precautions, and you can.
Refurbished machines – age matters
We’ll focus primarily on used computers running Windows 10, the Windows version first released in July 2015. Older Windows versions like XP and Vista no longer get support or security updates from Microsoft. Support for Windows 7 will end in January 2020. Don’t buy a used computer that won’t get security updates. An exception to this is you’re willing to pay extra for a Windows 10 upgrade (assuming your computer will run Win10). Or, alternately, if you plan to replace Windows with a version of Linux that’s still updated.
(It isn’t just Windows that eventually loses security updates. Before buying an older Chromebook, visit the Google Chrome Enterprise Help / Auto Update Policy page. Check when security updates will end. Typically, 5 to 6.5 years after the device was released. Apple typically provides security updates for roughly the last three versions of macOS. If your device isn’t too ancient, you can sometimes upgrade to a macOS version that’s still getting them. This might work for a while, at least.)
Factory reset
Let’s say you’ve bought a used Windows 10 computer. Ideally, the first time you turn it on, you’ll get the same screens you’d see if you’d bought it new. Screens that walk you through personalizing Windows for yourself. That means the seller reset Windows to its factory condition, clearing out their files and reinstalling Windows fresh. Probably from a copy hidden on the computer in a separate “recovery partition.” Most authorized PC refurbishers will do this. So will many sophisticated private sellers who don’t want to leave stray data on a device they sell.
But what if you turn on the computer and it goes straight to the Windows start screen where you can start working? In that case, you’ll probably want to reset it yourself.
First, make sure Windows has been legitimately activated so when you reinstall it you won’t have problems. Choose Start, Settings, Update & Security. If you see the message “Windows is activated with a digital license,” you should be okay. If you see a 25-digit product key number, write it down. You’ll probably need it.
Out with the old
Next, to find Windows 10’s options for doing this choose Start, Settings, Update & Security, Recovery. Walk through the process. Choose “Remove Everything” and then “Remove files and clean the drive” rather than leaving files on your computer. This process will also remove software like Microsoft Office or Adobe Photoshop. That software will need to be reinstalled, assuming you have the disks, media, and appropriate licenses. If you don’t, it’ll be gone.
This cleaning and resetting process might take a couple of hours. Once it’s done, you can walk through setting up Windows as if you’d bought a new computer. Then, immediately do three things:
- Install security software you trust, such as Sophos Home Premium.
- Run Windows Update to install Microsoft’s latest security and reliability updates.
- See if the reinstallation added “bloatware” you don’t want – for example, adware, or games you’ll never play. You can usually uninstall these from Start, Settings, Apps & Features. (Sophos Home Premium can flag some especially unwelcome programs as “Potentially Unwanted Apps,” and help you quickly remove them.)
Going the extra mile
These steps will make your used computer far safer. But if you’re extremely paranoid, you could go even further.
Before using Windows’ reset features, you could have used a third-party utility like DBAN to repeatedly wipe its hard drive. This ensures there’s virtually no magnetic trace of anything that was once there. Some people even remove and discard hard drives and install entirely new ones. You might reduce the risk of boot sector viruses by flashing your computer’s built-in BIOS firmware with a new copy. (Each type of computer has its own set of instructions for doing that. But be careful to plug into reliable power. If the lights go out while you’re flashing the BIOS, the computer might become permanently unusable.)
As a security company, far be it from us to tell you not to take these extra steps. But if this seems like too much time and effort, maybe you’d rather invest in a new computer after all.