About | Buy Stuff | News | Products | Rants | Search | Security
Home » Resources » Software » Reviews » The Evidence Eliminator Documents

The EE Review

With all this data in, it's time to summarise.


Get It

Try It

A gem conspicuous in its absence from all the product descriptions, reviews, and scare tactics hard sells was any evidence that Evidence Eliminator had ever been thoroughly tested.

Site after site claimed (borrowing copy from other sites to be sure) that EE was known to defeat forensic analysis software yet no software archive or e-zine ever attempted a test of their own.

EE purports to be following the DoD standard for secure file deletion, but that is simply incorrect: It doesn't take a room full of Einsteins to come up with 'First all zeroes, then all ones, then randomize it.' And even the DoD is a far cry from Peter Gutmann's methods, which take into account the various hardware algorithms for magnetic data storage currently in use.

There is one poster on Usenet who claims to have run EnCase against a drive cleaned by EE and found that EnCase could get everything back right away (as would be expected), but in everyone's interest, more tests of this nature are required.

The program itself is a bloat monster. 3MB of the 4MB download is attributable to finally including the VB runtimes (earlier downloads that did not include these files hovered around 1MB). But VB programs need not be bad. MS BASIC was once the second fastest language on the PC - after C - leaving all implementations of Pascal far behind. VB will never be as good as C, but it doesn't have to lag all that far behind.

The program is very thorough, and represents a lot of hard tedious work. Some routines might be slower for running through VB code, but this is not certain. And a number of the algorithms and ideas are very cute.

How this program was ever going to shred slack on NTFS was a mystery that was at last solved: It doesn't. This gem might be hard to come by before either purchasing the product or downloading the trial version, but it seems the programmers have a goodly bit of legacy knowledge of FAT systems which they were able to put to good use. Yet not being able to support NTFS is a major boner - which seems all the worse if it's not known before runtime.

EE now claims to run under NT as well - but again, there is a tremendous hitch: By NT EE means 'any version greater than 4' - which is Windows 2000 and not what people understand by 'NT' at all. Add to that the fact that most Win2K users will avail themselves of NTFS and you have a product which cannot in this respect be used.

Although EE has buttons for copying its log file (presumably to the Clipboard) and for saving it as well, the log file is not written to disk by default and will be lost on a 'Safe Shutdown' operation (according to EE, the only completely secure operations are 'Safe Shutdown' and 'Safe Restart').

But the big issue with any of these programs that scandalize the Internet community is whether they represent anything significantly new; and whether it's possible to differentiate between the 'market need' they attempt to induce and the product they claim will satisfy it.

The world already has its goodly share of secure file deletion software: BC Wipe, Clean Disk Security, Cyberscrub, Eraser by Sami Tolvanen, McAfee PGP Personal Privacy, McAfee Quick Clean, Norton Clean Sweep, On Track Internet Cleanup and Window Washer are all well-known products that essentially do the same thing. Lesser utilities and tools such as Super Shredder and radsoft.net's own ShredPerfect+ (see Windows 2000 Magazine October 2000) perform shredding on a per-file basis, the latter of these two conforming completely (as Cyberscrub claims to do) to the algorithms of Dr. Peter Gutmann.

So - what does EE have that these other programs don't have? Why shell out $75 for this product, as opposed to any other product? What feature does it have that the others don't have, that is so important that no matter if you already have any of these other products, you still have to have EE?

The only thing EE has that the others don't have is a questionable marketing campaign: Both EE and its affiliates use hard sell scare tactics to convince you that you must have a file shredder - that you will be raped and murdered if you don't, that your very life hangs in the balance - and then work hard to convince you, while you're still stunned and mesmerized at their site, that only their product will do what you need.

Which is of course ridiculous.

And EE's affiliate program would seem to hold no constraints: anyone can exploit it any way they want, ethical or not, and evidently quite a few have, a few who really don't care what happens to the net as long as they have a chance to make quick money. If EE were a serious venture, they would write a clause or two into their affiliate contracts to prevent this. If EE wanted the respect of the Internet and software communities, they would understand this to be in their interest.

And finally, if EE were a serious enterprise, they would want the respect of the Internet and software communities - and not their scorn.

Prev | TOC | Next

About | Buy | News | Products | Rants | Search | Security
Copyright © Radsoft. All rights reserved.