|Home » Resources » Rants
The Bell Tolls
Week of October 27, 2003
Authorities recovered 200,000 child pornographic images from the computer hard drive of Dr Marc Watzman, despite his use of Evidence-Eliminator.
And so the truth is out: Evidence-Eliminator does not protect you from Bubba. What is amazing is that for so many it took until now to realise this.
Evidence-Eliminator is a Visual Basic program. It was put together in the greatest haste by people no longer connected with the vendor Robin Hood Software of Nottingham England.
The focus during development was on creating an attractive, user-friendly interface, and not on making the program work satisfactorily. The developers of Evidence-Eliminator are long gone, having moved on before the company changed name to Robin Hood Software.
And the staff at Robin Hood have never since included anyone capable of maintaining or improving the code of Evidence-Eliminator. The last update to Evidence-Eliminator was years ago.
What Robin Hood Software have instead excelled at is understanding the underbelly of the human psyche, human society, and the workings of the Internet. The most spammed software product ever, Evidence-Eliminator has fallen into millions upon millions of mailboxes around the world and been the scourge of USENET, the Google Groups, even polluting and pestering the official forums for net abuse.
Several ISPs have caught up with Evidence-Eliminator spammers, closed down their accounts, and made public apologies to Internet users at large. The hosting of the Robin Hood Software Evidence-Eliminator web site has had to change regularly, as the abuse complaints and the black hole submissions have made their support of Robin Hood untenable.
And yet Robin Hood Software marched on. By treating their affiliates with the utmost discretion and their customers with the utmost derision, Robin Hood have been able to maximise profits and minimise losses to zero.
At the same time, people not satisfied with the Evidence-Eliminator product are given the infinite loop of 'run-around'. Enquiries to the distributor SWREG link back to 'Bubba' scare pages at the Robin Hood site - there are no avenues for refund whatsoever.
And the illusion that Evidence-Eliminator could somehow help you safeguard your privacy has never been questioned. But although Evidence-Eliminator sports a fancy, user-friendly interface, it never attempted to get at the crux of the matter: incriminating evidence.
All Evidence-Eliminator can do is get at the 'trails' of evidence, by removing 'most recently used' lists in the Registry or on disk, and by removing all traces of whatever you've done with your computer.
When this initial phase of the cleansing is complete, and after Evidence-Eliminator overwrites your disk slack, it prefers to be shut down. At this point the program will revert to 16-bit 'MS-DOS' mode and the power is turned off.
The important phase of defragmenting directories is never addressed: no program, save a disk defragmenter, can go into directories and take out obsolete entries. Things such as
Will remain. It is only by defragmenting the Windows disk that directories are optimised and the deleted entries such as the above are removed. Should the authorities stop by for tea when you've just shut down your computer through use of Evidence-Eliminator, they will find references to all your dirty secrets in the fragmented directories.
And then you'll smell the bread burning, for when they realise you do have something to hide, they'll bring in their forensic team, and the petty 'overwrite' Evidence-Eliminator's Visual Basic logic gave you won't stand in their way for one single nanosecond.
Not to miss the most salient point of them all: Evidence-Eliminator cannot go in and take out compromising data from your hard drive, only references to it - and to everything else at the same time.
Evidence-Eliminator cannot go through your entire hard drive, making suggestions like
The file 'BARELY-LEGAL.JPG' has a suspicious name. It is also an image file. Do you want to remove it?
Evidence-Eliminator has no clue what is compromising on your disk - only you can know that. But of course, the Evidence-Eliminator users have never had that explained to them, as Robin Hood Software is inaccessible to its customers and offers no support whatsoever.
Most people sucked in by the scare tactics of Robin Hood Software assume that with Evidence-Eliminator on their hard drive, they're protected. Which is tantamount to thinking that if you have prophylactics in your bedside table drawer, you won't get pregnant, even if you don't use them.
Users of Evidence-Eliminator have no clue what's going on, and no clue that they're really not being protected at all.
Worse still, if users of Evidence-Eliminator were to understand the above, they'd still be up the proverbial creek without the proverbial paddle, because Evidence-Eliminator does not offer any sort of generic overwriting facility, much less a proper document shredder. All Evidence-Eliminator can do is remove the 'trails' - no more.
The bell has tolled for Marc Watzman. Marc was caught with Evidence-Eliminator on his computer hard drive, and the authorities were able to recover a walloping 200,000 (two hundred thousand) illegal child pornographic images. Evidence-Eliminator did not stand in their way because Marc did not realise he needed to shred every one of those pictures, and because Evidence-Eliminator's simple 'overwrite' could not protect him when he did. Marc is up on charges, and faces a stiff sentence and a date with 'Bubba', the nightmare Robin Hood Software promised to protect him from.
And the irony is thick here: for the authorities were first clued in to the possibility that Marc might have compromising evidence on his hard drive by the presence of Evidence-Eliminator: seeing this program, they understood they'd have a gold mine of evidence waiting to be plucked.
And so must the bell toll for Robin Hood Software as well. The most spammed software product in the history of the Internet, the economic mainstay of semi-legal and totally illegal child porn sites the world over, Evidence-Eliminator has now been shown to be a useless product. It cannot protect you: it only gets you into trouble a whole lot worse and a whole lot faster.
And the authorities picked up quite a lot of evidence against Marc outside his computer, something Eric Lee Green has been trying to warn the uninitiated about for so long. If you're wondering if your employer will one day ask to inspect your hard drive, relax right now: they'll never get that far. They've already got all the damning evidence they need in the corporate proxy logs.
Evidence-Eliminator never gave anyone any protection. All the hype about being able to defeat forensic software was just that: hype and no more. With only minimal tools at their disposal, the authorities were able to recover 200,000 incriminating files from the hard drive of Marc Watzman, Evidence-Eliminator customer.
All Evidence-Eliminator has succeeded in doing is fleece a lot of scared and uninformed people into giving Robin Hood Software their money.
But now that the cat is out - now that Evidence-Eliminator users see that they are not protected, that Evidence-Eliminator users are going to jail - they will react, and so will the others who have yet to receive any spam from the company.
There will likely be a class attempt to get money refunded from Robin Hood Software. Count on Robin Hood going deeper into Sherwood Forest than even now.
And when next the Evidence-Eliminator spam hits mailboxes, when next the unsuspecting casual surfers happen upon a scare page about Evidence-Eliminator, they will be wiser, know better, and steer far clear.
And it's about time too - but it proves that even in the chaotic, anarchic world of the Internet, there is karma and there is justice.