Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
In an ironic twist of fate, Microsoft's Computer Online Forensic Evidence Extractor (Cofee) crime scene reporting tool has leaked onto the net.According to the security firm Sophos and other reports, copies of the tool have surfaced on a file sharing site, and users are already downloading it. Cofee is designed to be used by crime scene investigators, letting them download the contents of a suspicious computer without the need to insert a USB key.Microsoft describes the system thus: "Computer Online Forensic Evidence Extractor (Cofee) is designed exclusively for use by law enforcement agencies. "Cofee brings together a number of common digital forensics capabilities into a fast, easy-to-use, automated tool for first responders. And Cofee is being provided — at no charge — to law enforcement around the world."Should it fall into the wrong hands it could prove a useful tool for data harvesters and thieves, security experts warn."The ability to grab a perfect copy of data from a PC without interfering with a computer is attractive to the computer crime authorities - and it's especially handy when more and more drives are using encryption and strong passwords to prevent unauthorised access," wrote Sophos senior technology consultant Graham Cluley, in his blog. "But at the same time, you can probably understand why Microsoft might wish to control who can get their paws on the software."Cluley warned that as well as using Cofee to assist them in their own malicious activities, criminals could and write their own code that " neutralises" Cofee or wipes sensitive data from their computer if they determine the tool is being run on their own machine."That might make life difficult for the computer cops when they try to dash-and-grab data from a suspicious PC," he added.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.