Earlier this week, I released a security advisory for everyone using "secure deletion" software (such as PGPWipe, BCWipe, East-Tec Eraser, etc.) on an NTFS file system (i.e. Windows NT, 2000 and XP) being at risk (a sizable group of people). Every single vendor tested, with one partial exception, fails to delete alternate data streams, a facility in NTFS for creating files that contain multiple sets of data (i.e. multiple files). As a result of this, large amounts of sensitive data are left on hard drives -- data that people think has been securely deleted. How is it possible for such a large problem to occur -- not just with one vendor but with all of them?
Kurt Seifried is a full-time security analyst/researcher. Coming from a technical background, he is making progress on the business side of infosec and risk management.