SANS Digital Forensics and Incident Response Blog: Tag - indirect blocks

Digital Forensics: A Quick Note About Shred

Hal Pomeranz, Deer Run Associates In the Linux/Unix realm we have tools like shred for securely overwriting files before deleting them in order to prevent recovery of the deleted file. If your adversary is sufficiently advanced (or just not lazy), they can obviously use these tools to frustrate your forensic investigation. Previously, I had thought … Continue reading Digital Forensics: A Quick Note About Shred