Bugtraq mailing list archives
Re: BugTraq: EFS Win 2000 flaw
From: "Fulmer, John" <JFulmer () HRBLOCK COM>
Date: Tue, 23 Jan 2001 09:26:19 -0600
There is a big difference between using a simple sector editor to recover files, like the EFS flaw would apparently allow you to, and having to use some fairly sophisticated magnetic data recovery equipment. Sector editors are widely available, and a person can fetch the data without your knowledge. To recover overwritten data you must remove the hard drive, disassemble it, and use some pretty specialized equipment to retrieve the data. The level of effort is pretty much beyond anyone who isn't extremely well funded, and it would be almost impossible to do so undetected. jf -----Original Message----- From: Russ To: BUGTRAQ () SECURITYFOCUS COM Sent: 1/19/01 2:10 PM Subject: Re: BugTraq: EFS Win 2000 flaw To the best of my knowledge, Peter Guttman(sp?) has demonstrated for years now that there is no form of over-writing which makes any substantial difference to the ability to recover previously written data from a computer hard disk. My understanding of current "high security" standards wrt the re-use of disks which previously contained classified materials is that they only be re-used in similarly classified systems, or, are destroyed beyond any form of molecular reconstruction (e.g. melted). So to suggest that your perceived EFS flaw can be resolved by over-writing is naive. The only solution is to encrypt in memory or use some removable partition as the temp space. Anyone know if PGPdisk works differently than EFS does? Cheers, Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor
Current thread:
- Re: BugTraq: EFS Win 2000 flaw, (continued)
- Re: BugTraq: EFS Win 2000 flaw Timothy J. Miller (Jan 23)
- Re: BugTraq: EFS Win 2000 flaw Ryan Russell (Jan 23)
- Re: BugTraq: EFS Win 2000 flaw Jeremy Epstein (Jan 23)
- Re: BugTraq: EFS Win 2000 flaw Attonbitus Deus (Jan 23)
- Re: BugTraq: EFS Win 2000 flaw Dan Kaminsky (Jan 24)
- Re: BugTraq: EFS Win 2000 flaw Attonbitus Deus (Jan 25)
- Re: BugTraq: EFS Win 2000 flaw Kirk Corey (Jan 25)
- Re: BugTraq: EFS Win 2000 flaw Attonbitus Deus (Jan 25)
- Re: BugTraq: EFS Win 2000 flaw Ryan Russell (Jan 24)