Home page logo

bugtraq logo Bugtraq mailing list archives

Re: BugTraq: EFS Win 2000 flaw
From: Russ <Russ.Cooper () RC ON CA>
Date: Fri, 19 Jan 2001 15:10:12 -0500

To the best of my knowledge, Peter Guttman(sp?) has demonstrated for years
now that there is no form of over-writing which makes any substantial
difference to the ability to recover previously written data from a computer
hard disk.

My understanding of current "high security" standards wrt the re-use of
disks which previously contained classified materials is that they only be
re-used in similarly classified systems, or, are destroyed beyond any form
of molecular reconstruction (e.g. melted).

So to suggest that your perceived EFS flaw can be resolved by over-writing
is naive. The only solution is to encrypt in memory or use some removable
partition as the temp space.

Anyone know if PGPdisk works differently than EFS does?

Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]