There are a few reasons why search tools don’t use the master file table for instant results. First, the master file table is not always populated when the search query is executed. This can cause some search results to be returned instead of the desired information. Second, if the master file table is not populated, it can take some time for the search engine to find all of the files that are needed to perform a search. Finally, if there are many files in a directory that are not included in the search query, it can take some time for the search engine to find them all and return results.


Today’s Question & Answer session comes to us courtesy of SuperUser—a subdivision of Stack Exchange, a community-driven grouping of Q&A web sites.

The Question

SuperUser reader Dan Dascalescu is curious why all search isn’t table-based:

We’re pretty confident this is the reaction of every computer user upon first encountering just how blisteringly fast file table-based search is. So why isn’t it built into everything?

The question is, why isn’t this capability way more popular among file managers, and Windows Explorer Search (Win+F) to begin with?

The Answer

SuperUser contributor Mehrdad explains why low-level search has never caught on:

Have something to add to the explanation? Sound off in the the comments. Want to read more answers from other tech-savvy Stack Exchange users? Check out the full discussion thread here.

That’s the real reason. (And the only real reason, in my opinion — it’s not that hard to make a reader for major file systems, although it’s by no means easy; making a writer is the real challenge.)

A program like this bypasses the entire (file) system’s security infrastructure, so only an administrator (or someone else who has “Manage Volume” privileges) can actually run it.

So obviously, it wouldn’t work in many scenarios — and I don’t think Microsoft (or any other big company) would ever consider making a product like this and then encouraging users to run as administrators, because of the security ramifications.

It would be theoretically possible to make a system which runs in the background and filters out secured data, but in practice it would be a lot of work to get correct and without security holes for production.

By the way I haven’t used UltraSearch, but I’d written a very similar program myself a few years ago which I open-sourced just last month! Check it out if you’re interested. :)