Posted by Jean-François Gingras on May 19

Maybe I missed something, but why is this a vulnerability? This behavior is
directly caused by NTFS. The way information is stored in the MFT and in a
INDEX_ALLOCATION (for large directories) will cause this problem to any
secure delete program.

IIRC, if your file is located in a large directory, the records (mainly the
FILENAME attribute) for this directory are not hold in a resident attribute
(INDEX_ROOT – 0x90) in the MFT, they are hold in a…