Bugtraq mailing list archives
Re: BugTraq: EFS Win 2000 flaw
From: Ryan Russell <ryan () SECURITYFOCUS COM>
Date: Mon, 22 Jan 2001 16:13:55 -0800
On Fri, 19 Jan 2001, Russ wrote:
To the best of my knowledge, Peter Guttman(sp?) has demonstrated for years now that there is no form of over-writing which makes any substantial difference to the ability to recover previously written data from a computer hard disk. My understanding of current "high security" standards wrt the re-use of disks which previously contained classified materials is that they only be re-used in similarly classified systems, or, are destroyed beyond any form of molecular reconstruction (e.g. melted).
I see a big difference in being able to recover some files by simply booting to a different OS vs. having to break out the electron microscope and manually piece bits together. I could boot DOS or Linux to read a deleted file... I don't think I'd be able to find someone who could read the bits from 3 writes ago off of a physical disk surface for me... unless you gave me a huge amount of time and money. If the problem does exist as described... the possibility that a government forensics lab might recover some data is no exucse for not handling temp files properly for EFS. Ryan
Current thread:
- BugTraq: EFS Win 2000 flaw Rickard Berglind (Jan 19)
- Re: BugTraq: EFS Win 2000 flaw Alexander Ivanchev (Jan 22)
- Re: BugTraq: EFS Win 2000 flaw Dan Kaminsky (Jan 24)
- <Possible follow-ups>
- Re: BugTraq: EFS Win 2000 flaw Russ (Jan 22)
- Re: BugTraq: EFS Win 2000 flaw Dan Kaminsky (Jan 23)
- Re: BugTraq: EFS Win 2000 flaw Timothy J. Miller (Jan 23)
- Re: BugTraq: EFS Win 2000 flaw Ryan Russell (Jan 23)
- Re: BugTraq: EFS Win 2000 flaw Jeremy Epstein (Jan 23)
- Re: BugTraq: EFS Win 2000 flaw Attonbitus Deus (Jan 23)
- Re: BugTraq: EFS Win 2000 flaw Dan Kaminsky (Jan 24)
- Re: BugTraq: EFS Win 2000 flaw Attonbitus Deus (Jan 25)
- Re: BugTraq: EFS Win 2000 flaw Kirk Corey (Jan 25)
- Re: BugTraq: EFS Win 2000 flaw Attonbitus Deus (Jan 25)
- Re: BugTraq: EFS Win 2000 flaw Dan Kaminsky (Jan 23)
- Re: BugTraq: EFS Win 2000 flaw Alexander Ivanchev (Jan 22)