I am still too scared to pull the trigger on the used computer on ebay. Do they come with their own OS key so you can use windows media usb to load a new one with a SSD? I have a small SSD for os/load BI on and then 8gb Purple to store. I am just waiting on what computer I should purchase.
Anyone can link good ebay ones going on?
Be aware that you can download the Dell OS Recovery Tool from Dell, then run it and plug in the Dell Service Tag from a Dell you are considering buying off Ebay. Example, I found a 7th-gen i5 system with a service tag of B7Q99N2 and here is what the Dell tool has for it (picture attached).
If you are installing Win10 fresh then you can enhance your system security with some specific settings in the firmware. Win10 will make use of hardware virtualization capabilities to isolate high-security system processes. In short:
1. start system, hit F12, update firmware from a flash drive with the latest one from Support.dell.com to fix low-level vulnerabilities.
2. Make sure the system is booting in UEFI mode with Secure Boot enabled (this can be toggled from the F12 startup option list)
3. Go into the firmware settings and ensure that the TPM is both "On" and "Enabled" in the Security Section
4. Enable the SMM Security Mitigations option in the Security section if your model has it, as well as UEFI Capsule Updates
5. Set Intel SGX to Enabled if your model has it
6. Enable all the features in the Virtualization menu, the key being Intel TXT Trusted Execution.
7. Once Win10 is installed, go into Settings > Security > Device Security and make sure Core Isolation and its sub-setting Memory Integrity are enabled.
This is a punchlist thing for us at work. It results in the chain of trust for the Win10 boot process starting from the TPM itself, making a compromise of the boot process quite a challenge.
I looked at the BI Helper stats before purchasing, and I thought I would have about 50% headroom with the CPU I chose. If I'm just viewing while BI records, that is the case. But if a situation arises where I need to play back all my cameras to determine what just happened (glass breaking, etc), the system has to play back while continuing to record, and the headroom is gone. If you can opt for "too much" CPU for a moderate upcharge, it may be worthwhile when it's showtime.