Feature #16453
closed
Add note to delete boot environments when resetting to factory defaults
0%
Description
Something just came up on Reddit… I suspect someone bought a used Netgate device which was reset but had boot environments left on it after resetting to factory defaults. That seems problematic if a new owner can just boot into someone else’s router config, and/or pull the config file.
A checkbox on this page to “also delete all boot environments” would work but seems slightly extreme/dangerous. So my suggestion is a note on the Factory Defaults page to the effect of, “this process does NOT delete saved boot environments.”
Sometimes I find people get confused and assume it’s “reinstalling the firmware” which it does not.
Updated by Kris Phillips 5 days ago
- Status changed from New to Duplicate
Bug is duplicate of https://redmine.pfsense.org/issues/16403
I'll add a note to the other redmine.
Updated by Jim Pingle 3 days ago
Factory reset aside, there were two major failures in the described scenario: The seller should have wiped the disk before selling it, and the buyer should have wiped the disk and reinstalled it themselves when receiving it.
The reset procedure is more of an "oops I messed up and need to get back in" function and not something intended to blow away all traces of personal information on the entire disk.
Updated by Steve Y 3 days ago
Oh, agree. And I told the person so. That's basically the point of the other redmine, which I didn't find when searching.
But FWIW I have seen a few posts over the years by people who assume "factory defaults" means "like it came from the factory brand new" which is incorrect. Perhaps "use..." or "change to the default configuration file" would be less prone to misunderstanding, that's all.