Re: Guidance Software response to iSEC report on EnCase

[luke.cleverley () gmail com]

Guidance, in its response to ISEC report, stated on more than one occasion:-
"Also, by corrupting the NTFS partitions, the perpetrator would likely render his file system dysfunctional, which 
calls into question both the likelihood and feasibility of such a tactic. Thus, the chances of this specific scenario 
occurring in the field are extremely remote;"

A perpetrator, suspecting intervention by lawful authorities, and with time to spare, may use just this tactic to 
specifically avoid detection.