By Dan Goodin in San Francisco
14th December 2009
Hackers have released software they say sabotages a suite of forensics
utilities Microsoft provides for free to hundreds of law enforcement
agencies across the globe.
Decaf is a light-weight application that monitors Windows systems for
the presence of COFEE, a bundle of some 150 point-and-click tools used
by police to collect digital evidence at crime scenes. When a USB stick
containing the Microsoft software is attached to a protected PC, Decaf
automatically executes a variety of countermeasures.
"We want to promote a healthy unrestricted free flow of internet traffic
and show why law enforcement should not solely rely on Microsoft to
automate their intelligent evidence finding," one of the two hackers
behind Decaf told The Register in explaining the objective of the
Microsoft has been pouring free COFEE to law enforcement officers since
at least mid 2007. Short for Computer Online Forensic Evidence
Extractor, it packages forensics tools onto an easy-to-use USB stick
that allows investigators to collect browsing history, temporary files
and other sensitive data from most Windows-based machines. COFEE is
distributed through Interpol.
Did a friend send you this? From now on, be the
first to find out! Subscribe to InfoSec News