Windows XP: a national threat?

A computer forensics expert and retired US federal agent is warning that default security features in Windows XP are a threat to national security.

IT security firm New Technologies' president, Michael Anderson, is claiming the data scrubbing feature in Windows XP Professional will "make it impossible for federal agents and law enforcement to find and reconstruct digital evidence buried on computers, particularly those seized from terrorists," according to an article by Network World.

"This is an intelligence issue," Anderson said. "The government and Microsoft need to think this through."

He also said the government should force Microsoft to postpone the release of the Professional version of XP.

The concerns come from the fact that even when data is deleted from a computer, it still resides on the hard drive for a period of time. Known as ambient data, experts can reconstruct ambient data to recover files and emails.

Anderson said Windows XP Professional has a feature called data recovery and, by default, that mechanism is turned off, meaning that ambient data is "scrubbed" from the hard drive.

According to Anderson, that means terrorists could use it to hide their digital tracks.

Anderson's company, New Technologies, specialises in unearthing computer secrets. A message on the website reads: "We are experts in the exploitation of the security weaknesses in DOS, Windows, Windows 95, Windows 98, Windows NT and Windows 2000, to find computer evidence and computer security data leakage."

Rob Enderle, an analyst at Giga Information Group, said this highlights the privacy vs security dilemma.

"These well meaning but generally clueless individuals are arguing that the increased security features in Windows XP, features that have been demanded by IT professionals and other security experts, in order to make the product secure, make it harder to catch terrorists."

"The foundation of their argument is something like 'no-one should have strong locks on their doors in case the police want to break in,' not realising that the vast majority of 'break-ins' are by criminals, not police," Enderle added.