Re: Guidance Software response to iSEC report on EnCase
Guidance, in its response to ISEC report, stated on more than one occasion:-
"Also, by corrupting the NTFS partitions, the perpetrator would likely render
his file system dysfunctional, which calls into question both the likelihood
and feasibility of such a tactic. Thus, the chances of this specific scenario
occurring in the field are extremely remote;"
A perpetrator, suspecting intervention by lawful authorities, and with time to
spare, may use just this tactic to specifically avoid detection.