Just in case you thought Windows was secure...

2008-04-29 02:03 pm
mdlbear: (kill bill)
[personal profile] mdlbear

It isn't (Seattle Times)

Microsoft has developed a small plug-in device that investigators can use to quickly extract forensic data from computers that may have been used in crimes.

The COFEE, which stands for Computer Online Forensic Evidence Extractor, is a USB "thumb drive" that was quietly distributed to a handful of law-enforcement agencies last June. Microsoft General Counsel Brad Smith described its use to the 350 law-enforcement experts attending a company conference Monday.

The device contains 150 commands that can dramatically cut the time it takes to gather digital evidence, which is becoming more important in real-world crime, as well as cybercrime. It can decrypt passwords and analyze a computer's Internet activity, as well as data stored in the computer.

It also eliminates the need to seize a computer itself, which typically involves disconnecting from a network, turning off the power and potentially losing data. Instead, the investigator can scan for evidence on site.

More than 2,000 officers in 15 countries, including Poland, the Philippines, Germany, New Zealand and the United States, are using the device, which Microsoft provides free.

Not surprisingly, there is discussion on slashdot and techdirt. Fortunately, an easy-to-install upgrade has just been released that fixes the problem.

  • Mood: appalled
Tags:
Flat | Top-Level Comments Only

Date: 2008-04-29 09:24 pm (UTC)
ext_3294: Tux (Default)
From: [identity profile] technoshaman.livejournal.com
You know, that acronym is just too ironic. And re-proves the point that your computer is, barring other measures usually involving various applications of encryption, only as secure as its physical access....

But, yeah. Part of the security of Linux is that there are about a bazillion different ways to do things, and no one tool can 0wnz3r them all... it's security by obscurity, but it *does* slow the bad guys down, if not give them a nice flat spot on their foreheads.

Date: 2008-04-29 10:07 pm (UTC)
ext_12246: (skull)
From: [identity profile] thnidu.livejournal.com
Oh. By "upgrade" you meant "not Windows". Ha ha.

I don't love Windows at all, but I hate RSI more, and my speech recognition software only runs under Windows.

Date: 2008-04-30 01:31 am (UTC)
mdlbear: blue fractal bear with text "since 2002" (Default)
From: [personal profile] mdlbear
Sorry to hear it. That's one of the places where Linux is still lagging. Complain to the vendor; if enough people ask for it they might listen.

Date: 2008-04-30 02:23 am (UTC)
ext_12246: (Default)
From: [identity profile] thnidu.livejournal.com
Not Nuance. When (then called ScanSoft) they bought the Dragon Systems products, code, and data, the CEO bragged to us staff about how tightfisted they were. They took on the engineering and sales departments but didn't figure they needed researchers. I was Chief Linguist.

Date: 2008-04-30 03:54 am (UTC)
mdlbear: blue fractal bear with text "since 2002" (Default)
From: [personal profile] mdlbear
Pity. The world needs good open source speech recognition software; it may be years before we get it.

Date: 2008-04-29 11:11 pm (UTC)
From: [identity profile] randwolf.livejournal.com
In other words, every Windows computer is at risk by design. Oh, wow.

Date: 2008-04-29 11:14 pm (UTC)
From: [identity profile] randwolf.livejournal.com
To which I will add, to spell it out: these devices are not going to stay in the hands of police agencies; criminals and terrorists will have them, probably already do have them. I devoutly hope this is a false rumor. (It is the Seattle Times; we may hope.)

Date: 2008-04-29 11:49 pm (UTC)
mdlbear: blue fractal bear with text "since 2002" (Default)
From: [personal profile] mdlbear
Almost certainly have them by now.

I _would_ like to see some independent confirmation, though.

Date: 2008-04-29 11:56 pm (UTC)
mdlbear: blue fractal bear with text "since 2002" (Default)
From: [personal profile] mdlbear
Should have looked first. Is this a sufficiently authoritative source for you?

http://www.microsoft.com/presspass/features/2008/apr08/04-28CrantonQA.mspx

Date: 2008-04-29 11:46 pm (UTC)
mithriltabby: Serene silver tabby (Pirate)
From: [personal profile] mithriltabby
Now I want to get my hands on one of these and write a detector that automatically pops up a copy of the Fourth Amendment when one of these gets stuck in a Linux machine.

Date: 2008-04-29 11:52 pm (UTC)
mdlbear: blue fractal bear with text "since 2002" (Default)
From: [personal profile] mdlbear
Heh! Probably wouldn't be hard to do with hotplug or whatever replaced it (udev? Probably).

Date: 2008-04-30 12:00 am (UTC)
mdlbear: blue fractal bear with text "since 2002" (Default)
From: [personal profile] mdlbear
Wonder what they're selling for on the black market...
Flat | Top-Level Comments Only

Most Popular Tags

Links

Style Credit

Page generated 2025-12-30 05:09 pm
Powered by Dreamwidth Studios