The logs are stored on an SSD , which is literally the only part you need to replace when donating or reselling a PC. Any enterprise company should have a policy ensuring SSD destruction.
Most laptops will last a long time assuming they aren't abused. I guess the SSD wears out, but that's a 50$ part.
Why? Drives should already be encrypted, at which point you just lose the key and it's unrecoverable.
I don't trust HP firmware to wake the laptop from sleep in one attempt, let alone trust them to securely store their telemetry (that they won't let me see directly).
> BitLocker essentially trusts self-encrypted drives to do their job, and defaults to the drive”s hardware encryption.
But that was 2018; the result was that in 2019 https://support.microsoft.com/en-us/topic/september-24-2019-... happened:
> Changes the default setting for BitLocker when encrypting a self-encrypting hard drive. Now, the default is to use software encryption for newly encrypted drives. For existing drives, the type of encryption will not change.
And in any event, I would tend to argue that the matter of reselling is secondary: The problem is that the affected disks are effectively unencrypted, and that's a problem regardless. If your disks are properly encrypted, then reselling them should be safe.
You don't have to worry about IT forgetting to wipe a drive or something.
You have a policy that says we take the SSD out before sending it to the reseller/donating.
A used SSD is a bad idea anyway, everything else on a laptop can more or less work indefinitely
Using a used SSD( Refurbished assuming direct from manufacturer might be ok) feels like digging though someone else's stuff.
Maybe they cleaned it, maybe they left business docs or other sensitive data. The risk to reward is too great.
Physical destruction is cheap and effective insurance against this.
Counterpoint: enterprises shouldn't be incentivized to produce physical waste containing toxic components that are virtually only available from supply chains that abuse human rights and cause mass ecological devastation.
this idea that we should just shred perfectly working components because an asshole in a suit doesn't understand FDE (or just... wiping the drive) is bad for everybody in the log run.
The alternative is corporations just trash the entire laptop. With the rise of soldered ssds( Apple for one) this is possible.
Maybe argue for better recycling ?
It only takes one half awake IT guy to forget to wipe a few drives to spook companies.
In my world if MegaCorp offloads used laptops to a non profit, and the non profit just has to throw in a cheap SSD, that's a win.
trade secrets must take a backseat to human rights and toxic pollution from mines.
Or personal medical information, which in some cases( STI status, etc) can ruin thousands of lives if leaked.
The solution is recycling the destroyed drives, not banning secure data destruction.
The whole thing make no sense. They plan to store the report on the SSD (but not just any SSD, an HP SSD), so that the telemetry is retained between operating system install. I'll give them points for doing on device data collection, but what if I replace the SSD? Maybe they don't plan on making that user replaceable, but that would work against what they are trying to do here.
Honestly if HP cared they would make the device more easily serviceable by the end users, and upgradable. Even that doesn't matter a great deal, beyond having companies slow down their upgrade cycle slightly, there's no real gain. Right now I'm looking at used laptops, but the local refurb place have apparently scraped all their laptops that are unable to run Windows 11. Without the software companies putting in a bigger effort to keep old devices viable for longer I don't really see who's suppose to buy all these old HP computers.
Goes something like this:
- Ford makes the original Mustang (which everyone loves)
- Ford makes different versions of the Mustang (some more powerful than others e.g. the Shelby)
- Hertz had a special custom Shelby model made for them
- You could rent that special model from Hertz
- So, people would buy a lower end Mustang, rent the higher end Mustang from Hertz, swap out the engines and return the Hertz Mustang
There is actually a lot of extra detail in this article if people are interested: https://www.motorcities.org/story-of-the-week/2024/rememberi...
Also many companies want to destroy the SSD on selling old laptops. Paranoid about security and thinking they need Pentagon level security theatre. But companies should delete potential liabilities.
But I'd never allow an enterprise SSD to be reformatted. If some old data leaked from the business and the business was taken to court, the prosecution might argue it leaked from SSDs and you couldn't prove otherwise.
I'm assuming since it writes to a vendor-reserved sector, replacing it would make the whole thing moot. The rental company wants to retain that data because it makes a used PC more valuable. Since the corporate renter doesn't own the PC, they would only be allowed to wipe the SSD (excluding this section), not remove and destroy it.
Carfax exists because of the possibility of buying a car with extensive damage that looks cosmetically ok. Additionally, the service records they collect indicate that a vehicle has undergone regular maintenance.
Computers, for the most part, aren't getting in major accidents and reentering the stream of commerce. Additionally, there's no significant mechanical maintenance required, except for blowing compressed air if the environment is dirty.
I initially though HP found some new way to fleece data out of its users, but looking at what is proposed, I don't see anything that obviously bad so I am lost here too.
And this is all before we get to how difficult HP has gotten to repair. My last HP ( consumer grade after which I swore no personal HP machines ever ) did everything short of soldering hdd to the board ( ridiculous placement, non-standard screws ).
The idea has some, limited merit, but I just don't see it being useful.
I don’t know how much value it’d add, though it would be pretty interesting to see exactly how much of a Ship of Theseus that used laptop you just bought is, if this system tracks part serials and such. Could also be useful for sniffing out use of substandard/knockoff third party parts, which could be of legitimate interest to buyers (I wouldn’t necessarily trust a third party power handling module from AliExpress for example).
There are lots of ways a dodgy car could kill me or someone else.
You can buy a device that looks perfectly good, but has rusty parts, leaking capacitors, shoddy/counterfeit replacement parts, and who knows what else. And if it wasn’t previously opened (they seemingly always are), you don’t know what was done to it.
I don’t think you can really solve that through tech, it’s really more of a record keeping issue. Which actually seems to be mostly how carfax works?
I’ve thought about fixing up consoles and selling them (more for cost recovery and to free up space than for profit), but I wonder about how to share information about the work and the risks in a way that the purchaser is likely to understand and appreciate.
What I see are more technological affordances for closed firmware behavior of the device, increasing complexity, and providing additional opportunity for, and cover for, secret surveillance, backdoors, and other malware.
The used laptop market is very healthy already, and sellers already make money doing their own n-point tests before selling. Some use turn-key diagnostics software packages that work with the state of the laptop as it is (and drive SMART data). It's worked fine, AFAIK.
I've personally bought and used ~40 used laptops, mostly from random sellers on eBay, and not knowing the laptop's dating history hasn't been a barrier. The only significant, rare problems have been dirt and strange odors, which presumably aren't sensed and recorded in this "telemetry".
All this surveillance just in case you want to have an easier time selling a laptop. I'd rather have this time spent building a better laptop that sells itself because it's a battery swap and a CPU re-paste away from feeling like new.
Also these devices in the second-hand market are probably 80+% < $1,000 and let's be real - getting a bad $400 computer is kinda whatever in the dramas of life. Just get another.
(I've sold about 5k things on ebay btw).
My accountant has used the same 4 apps since the turn of the century. Yet the industry has created a situation where they’ve needed to buy 10 new computers to keep up, even though they still just use email, spreadsheets, web, and a word processor. They’d happily be in XP if it were still on offer.
The only meaningful productivity boost from the hardware side of things for the overwhelming majority of knowledge workers over the period was the introduction of SSDs and wireless network cards.
If I worked for an organization that deployed or sold large numbers of used PCs -- and that problem cropped up frequently enough to matter, I think my take away would be: "let's stop deploying/selling used HP laptops and switch to a more reliable brand," not "let's try to use this fancy reporting to identify them before they get deployed."
Based only my own experience in large enterprises, the usual process is to EOL new laptops after about three years, regardless of condition. There's a whole sandwich of business and financial agreements built around this, so this 'fine-grained data' doesn't seem very useful (or necessary).
If HP really wanted to make an environmental impact, why not start an HP recycling/refurbishment program?
Of course you wouldn't want to be locked in to HP hardware only. And hopefully you've got an endpoint management tool which is gathering at least some of this data anyway...
Dealerships in no way use those reports for that reason, nor do they contain the information that would be necessary to do so. They inspect the car to determine its mechanical condition, and query manufacturer databases to determine if recall repairs are necessary. CarFax reports are a marketing tool to assuage concerns that used-car buyers have about inadvertently purchasing a lemon.
The Carfax reference stood out to me. It seems more like a feel-good marketing move than anything with real substance — just enough to trigger that association of “trusted, inspected, certified.” Not necessarily bad, but definitely more about perception than transparency.
Overall, I think they’re trying to rebrand “used hardware” into something safe, premium, and profitable — under the HP umbrella, of course.
I am surprised they are starting with Laptops. IMO, it makes more sense to start with servers. They are car-priced assets, and stand much more to gain from a multi-point inspection versus a laptop. They are also less likely to suffer from long term damage damage, such as water damage.
Slap another 5 years of hardware support on it and resell for 20% above the used market. Many small and medium size enterprises will happily take you up on that offer. For example, typical dell hardware support is 5-7 years, the systems are still usable for several years after hardware support ends.
But in consumer space, margins are very low, and so there is money to be made reselling used HW at a premium, so they will try.
They haven't made anything good for years now.
"I was going to take your original offer of $220 for this here used HP laptop, but after looking at the high number of writes to the SSD on PCFax, I can't do better than $180."
What a bizarre initiative. CarFax was started in the 80's to combat odometer fraud. Cars need CarFax because they're expensive and have thousands of moving parts
trollbridge•3h ago
Old laptops are not particularly valuable because (a) they might be a lot slower than a new, base-model laptop at a quite affordable price, and (b) much of modern electronics has a design life of 3-5 years, and a used laptop will generally be at the end of that design life. Nobody really likes laptops which have random components fail and need replaced.
With that said, we happily use used laptops, some much older than 5 years. HP supplying a "Carfax" would have zero utility to us.
graemep•3h ago
Desktops tend to be better when older though.
There are already dealer who sell second hand machines in reasonably dependable condition.
HP seems to be aiming to control (note the bits about preventing unauthorised access) rather than facilitating the market.
bcraven•3h ago
Indeed, this is the point. When that business is done with it you can buy it, know how well-used it is, and give it a second life.
Dylan16807•3h ago
mattmaroon•3h ago
throitallaway•3h ago