Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Secure Delete for Windows
From: "GroundZero Security" <fd () g-0 org>
Date: Tue, 17 Jan 2006 22:12:38 +0100

Our software works for NTFS and FAT filesystems and in the new version you can also
wipe the free space to get rid of data that is left on unallocated portions of the disk.

It was tested against encase which is one of the most popular recovery tools.
(apparently has been used to recover data from disks that have been recovered from 
the WTC incident although we can not confirm that)

We could not recover any data in our lab tests. We tested 7 different recovery tools,
but encase is the most popular and we dont want to advertise for the rest too :)

Our application has not only the DOD wiping standard, but also peter gutmanns algorythm 
with 38 random overwrites, which is the most secure wiping methode we know of.
shred is ok but not good enough to really securely clean data. 

----- Original Message ----- 
From: "Michael Holstein" <michael.holstein () csuohio edu>
To: <full-disclosure () lists grok org uk>
Sent: Tuesday, January 17, 2006 9:50 PM
Subject: Re: [Full-disclosure] Secure Delete for Windows


An exe?  No source???  Just "setup.exe"????  Are you crazy?

Or .. get GNU coreutils for windows :

http://gnuwin32.sourceforge.net/packages/coreutils.htm

and just use 'shred'.

(although 'man shred' specifically makes note about journaled 
filesystems -- which NTFS is. I have not forensically analyzed the 
effectiveness of this tool on a specific file -- only on a block device).

SysInternals also offers a freebie tool called 'sdelete'. Source for 
that is also available :

http://www.sysinternals.com/Utilities/SDelete.html

(and in the discussion about 'how sdelete works' they reference the same 
problem regarding journeled filesystems).

If the emminently wise gent from GroundZero wishes to comment on how his 
perticular product addresses these issues, then that might be fodder for 
the list (versus the ongoing flames).

Regards,

Michael Holstein CISSP GCIA
Cleveland State University
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]