<<< Date Index >>>     <<< Thread Index >>>

Re: Guidance Software response to iSEC report on EnCase



Guidance, in its response to ISEC report, stated on more than one occasion:-
"Also, by corrupting the NTFS partitions, the perpetrator would likely render 
his file system dysfunctional, which calls into question both the likelihood 
and feasibility of such a tactic. Thus, the chances of this specific scenario 
occurring in the field are extremely remote;"

A perpetrator, suspecting intervention by lawful authorities, and with time to 
spare, may use just this tactic to specifically avoid detection.