Forensic Tools for Computers

Zilla Data Nuker

Test: Zilla Data Nuker

Software Title

Files that are created or downloaded leave traces even after they are deleted, and these traces allow skilled computer forensic professionals to retrieve the data. Zillasoft, LLC, a New England-based software developer, provides Zilla Data Nuker, which “Shreds sensitive files so they cannot be recovered or undeleted,” according to the promotional material for the software. (Zilla Data Nuker 2.0) Zilla Data Nuker is freely downloadable from the ZDNet site at www.zdnet.com or can be obtained directly from the Zillasoft website at www.zillasoft.ws.

Software Functionality

Zilla Data Nuker uses what the company terms “shredding algorithms” to obliterate data. Ostensibly, the software is designed to improve the functionality of a home or office computer by deleting unnecessary files from the hard drive. Zillasoft also claims that the software can help protect the user's privacy by completely destroying the information targeted by Zilla Data Nuker. This tool might be used by someone who wants to delete personal files that contain sensitive information or by someone working for a company that is attempting to “prevent employees from wasting company time on things such as pornography and music downloading.” (Rothke, 2004) Many companies are beginning to examine the files on employee computers more closely to ensure that misuse is not taking place. Zilla Data Nuker claims that it can remove such files not just from visibility but from existence on the hard drive. Since the Enron case, where data was destroyed by the terabytes, “recovery and analysis of data has come to form a central part of internal investigations.” (Marlin, 2004) But with every advance in detection software comes an advance in obfuscation software.
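The difference between removing a file from visibility and removing it from existence can be shown with a small simulation. This is an added example, not part of the original text and not Zillasoft's algorithm; the ToyDisk model, the marker string, the file names and the single random overwrite pass are all assumptions made for illustration.

```python
import os

BLOCK = 512
MARKER = b"CONSTRUCTED-TEST-MARKER-7f3a"  # constructed sample content

class ToyDisk:
    """Flat image plus a name -> block-list directory (toy model only)."""
    def __init__(self, blocks=64):
        self.image = bytearray(blocks * BLOCK)
        self.free = list(range(blocks))
        self.directory = {}

    def write_file(self, name, data):
        count = max(1, -(-len(data) // BLOCK))  # ceiling division
        blocks = [self.free.pop(0) for _ in range(count)]
        for i, b in enumerate(blocks):
            chunk = data[i * BLOCK:(i + 1) * BLOCK]
            self.image[b * BLOCK:b * BLOCK + len(chunk)] = chunk
        self.directory[name] = blocks

    def delete(self, name):
        """Ordinary delete: drop the directory entry, leave the bytes."""
        self.free.extend(self.directory.pop(name))

    def shred(self, name):
        """Overwrite every allocated block in full, then delete."""
        for b in self.directory[name]:
            self.image[b * BLOCK:(b + 1) * BLOCK] = os.urandom(BLOCK)
        self.delete(name)

def examine(disk, name):
    """Return (listed in directory, marker found in raw image)."""
    return (name in disk.directory, MARKER in bytes(disk.image))

def run_trial(method, earlier_copy=False):
    disk = ToyDisk()
    if earlier_copy:  # e.g. a temp file an application saved and removed
        disk.write_file("draft.tmp", MARKER * 40)
        disk.delete("draft.tmp")
    disk.write_file("payroll.txt", MARKER * 40)  # spans three blocks
    getattr(disk, method)("payroll.txt")
    return examine(disk, "payroll.txt")

if __name__ == "__main__":
    print("delete:", run_trial("delete"))
    print("shred:", run_trial("shred"))
    print("shred, earlier copy:", run_trial("shred", earlier_copy=True))
```

The third trial is the case a tester should not overlook: overwriting the named file leaves an earlier, normally deleted copy intact in unallocated space, so a raw-image search still finds the content.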

Performance Testing

Using a tool such as Zilla Data Nuker that operates through a graphical user interface within the Windows environment has some inherent drawbacks. Some proponents of command line forensic tools “argue that most users really do not know what is going on when they point and click their way around a computer forensic examination.” (Kuchta, 2001) This may be true, but it is somewhat beyond the scope of this text, since the testing information is not being submitted in a legal proceeding. Where the specifics of the process that a program uses to perform its function are at issue, software experts from the company that wrote the software will often be required to help establish the reliability of the program in question.

The Computer Forensics Tool Testing project at the National Institute of Standards and Technology (NIST), an agency of the United States Department of Commerce, was designed to provide a measure of assurance for the software tools used by law enforcement in computer forensics investigations. (General Test Methodology, 2001)

The test method is a combination of the software used for testing and the procedures for completing the testing. (General Test Methodology, 2001) Each of the applicable procedures mentioned in the U.S. Commerce Department prescribed methodology has been included below.

Title stating what product was tested: Zilla Data Nuker

Identification of the testing environment: Local corporate office.

The name and address of the vendor:.