Results 1 to 2 of 2

Thread: Microsoft's COFEE forensics tool leaks online

  1. #1
    Resident Nutter InsaneNutter's Avatar
    Join Date
    May 2007
    Yorkshire, England
    Blog Entries

    Default Microsoft's COFEE forensics tool leaks online

    TorrentFreak report Microsoft’s much sought-after COFEE law-enforcement forensic tool has leaked onto the Internet. One user uploaded it to private tracker to collect a huge 1.6tb bounty. However, in a sensible move, the admins of the site took action to remove the link and ban further sharing of the tool via the site.

    “Law enforcement agencies around the world face a common challenge in their fight against cybercrime, child pornography, online fraud, and other computer-facilitated crimes,” says the marketing blurb on Microsoft’s site.

    “They must capture important evidence on a computer at the scene of an investigation before it is powered down and removed for later analysis. ‘Live’ evidence, such as active system processes and network data, is volatile and may be lost in the process of turning off a computer. How does an officer on the scene effectively do this if he or she is not a trained computer forensics expert?”

    Using COFEE, of course.

    The Computer Online Forensic Evidence Extractor (COFEE) is a piece of software designed for the use of law enforcement agencies, and provided to the same free of charge by Microsoft. And, largely because of its mystique, has been a much sought-after piece of code.

    Indeed, on the private tracker, users had offered a huge bounty (a reward for finding and sharing something) of 1.6 terabytes.

    During the last day or so, a user – who had only been a member for a matter of weeks – uploaded COFEE.

    However, then took the unusual step of removing the torrent. Not just an unusual step but, in my opinion, a very sensible step indeed.

    “Suddenly, we were forced to take a real look at the program, its source, and the potential impact on the site and security of our users and staff,” said management in a statement.

    “And when we did, we didn’t like what came of it. So, a decision was made. The torrent was removed (and it is not to be uploaded here again),” they added.

    According to the site’s staff, neither them or their host was threatened by Microsoft or law enforcement. The decision was taken purely on the issue of site and member security.

    Of course, the tool is now widely available from other sources and while some are saying that the tool is useless to regular Internet users, there are others who disagree. It certainly won’t take long for a detailed analysis to appear.

    There will doubtless be lots of finger-wagging and complaints that this tool has become available in this way, but as with unexpected leaks of anything from software, to movies, to music, rarely is the finger pointed at the initial supplier of the material. That is usually way too embarrassing to reveal.

    Have a question or need help? Post on the forum, thats why it's here.
    I will only reply to Digiex related issues via PM, not general help requests.

    XB1: Launch console - 500gb internal drive, 4tb external drive
    360: Jasper - 1tb drive - jtag hacked running the 17150 dashboard
    360: Falcon - 500gb drive hacked with hddhackr, not flashed

  2. #2

Similar Threads

  1. Site Leaks Microsoft Online Surveillance Guide, MS Demands Takedown
    By InsaneNutter in forum News and Article Submission
    Replies: 6
    Last Post: 28-02-10, 21:14
  2. Windows Home Server Codenamed Vail leaks
    By InsaneNutter in forum News and Article Submission
    Replies: 3
    Last Post: 07-02-10, 10:42
  3. Halo 3 ODST leaks to the internet 20 days before release
    By Hoffman in forum News and Article Submission
    Replies: 16
    Last Post: 07-09-09, 12:24

Tags for this Thread


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
About us
Digiex is a technology and gaming forum, founded in 2004 by InsaneNutter and Nimrod. Digiex has served the internet community with breaking news, detailed guides, exclusive downloads and a popular discussion forum. A small, friendly community of like minded people has developed over the years. People are encouraged to register and participate in on-going discussions.
Join us