sell device

julia

Well, I'm currently using a Google Pixel 8 and I want the 9, and is it safe for me to format my Google Pixel 8 and then sell it to someone else or is it better to destroy it, I was going to sell it to complete the value of a new Google Pixel, what do you think of my GOS operating system, the latest version updated and the password really strong 128 bits of entropy?

de0u

julia Personally I would feel pretty confident after a factory reset. If you want to go further you could install Google's stock OS, which should shake things up a fair amount in the flash storage. In theory you might also fill 90% or so of the free storage space by downloading some non-compressible things like MP3 or MP4. But honestly a factory reset by itself should mean that nobody is getting your data.

Personally I would not want to destroy a perfectly usable high-tech device.

GrapheneOS

julia Factory reset provides very high assurance of all the data being unrecoverable in multiple different ways, the same way our duress PIN/password feature does. Someone having your PIN/password won't be able to recover any data. The encryption keys are random and encrypted with key encryption keys derived with multiple sources of entropy including random data on the secure element, stored via the TrustZone hardware keystore and your PIN/password. The secure element data will be reliably wiped, preventing data being recovered. It will also wipe the TrustZone keystore and the disk encryption metadata on the SSD via special secure erase instructions. It doesn't depend on the SSD doing that reliably. This is not really something you need to worry about, just do a factory reset.

Watermelon

Actually, the strength of your password doesn't matter at all. Your credentials are used to encrypt/decrypt the cryptographic material that encrypts/decrypts your device. When you do a factory reset, this cryptographic material is erased, so even if someone guesses your password they shouldn't ever be able to decrypt the contents of your device.

This also means that when you change your password, only this small cryptographic material needs to be re-encrypted with your new password, rather than your device having to go through your entire data and re-encrypt it. And it also means that factory resets properly get rid of your data even if you didn't use a screen lock at all (i.e. swipe unlock).