Bet you didn’t know Microsoft was enabling an invasion of your privacy by making your computer less secure. Aside from their usual sloppy coding, of course.

Hackers have released an application designed to thwart a Microsoft-packaged forensic toolkit used by law enforcement agencies to examine a suspect’s hard drive during a raid.

The hacker tool, dubbed Decaf, is designed to counteract the Computer Online Forensic Evidence Extractor, aka Cofee. The latter is a suite of 150 bundled, off-the-shelf forensic tools that run from a script. Microsoft combined the programs into a portable tool that can be used by law enforcement agents in the field before they bring a computer back to their forensic lab. The script runs on a USB stick that agents plug into the machine.

The tools scan files and gather information about activities performed on the machine, such as where the user surfed on the internet or what files were downloaded.




  1. Rabble Rouser says:

    Welcome to the Police States of Amerika. Luckily, there are still some hackers out there who are on the ball.

  2. jmsiowa says:

    I wonder if having this on your computer will automatically make you suspect by the police/border patrol?

  3. Xof says:

    So glad to be on a Mac!

  4. SparkyOne says:

    Now with automatic Global Climate Change adjustments to the data, if trends are to have meaning.

  5. Somebody_Else says:

    This story is old (and misleading).

    If the cops have physical access to your machine then you’re fucked. They can get to your data with or without the toolkit. Any reasonably smart IT person can reset a Windows password.

    While I think this was a dumb move on Microsoft’s part from a PR standpoint it’s not like they gave them anything they don’t already have. It’s not a super-secret backdoor into your system.

    Encrypt your porn/sensitive data/whatever. It’s easy, and it’s the only way to be safe.

  6. araknd says:

    #2 Of course it does. You have a computer, you are automatically suspect. You must be using the computer to steal videos or music. 😉

  7. Lucas says:

    All the stuff that Microsoft bundles in there for this purpose has been hacked and you can download it in its entirety to your PC and put it on your own USB drive so you can spy on others. Read about it about a month ago.

  8. Postman says:

    But I want the police to catch people who look at child porn, or are terrorists…

  9. Improbus says:

    @Postman

    That is sort of like letting the fox guard the hen house.

  10. qb says:

    That took a month. *grin*

  11. Zybch says:

    #3 – That’s right. Keep living in your little dreamworld under the mistaken belief that your computer is secure. Last time I checked OSX could be compromised in mere seconds.

  12. ubiquitous talking head says:

    But I want the police to catch people who look at child porn, or are terrorists…

    I want the police to catch people who cheat on their taxes. How about I want to catch people who are guilty of sedition against the US?

    Ok, I really want the police to catch people who complain about the president of the US in a threatening way. We should read everybody’s emails to make sure there’s nothing “funny” in there.

    Wow, I’ve barely gotten started. Let’s see how big we can make this list of things that we think the GOVERNMENT SHOULD DO EVERYTHING IT COULD TO PREVENT. Wheeeeee.

    Naturally the whole process should be conducted in absolute secrecy (just in case they “catch” somebody who is powerful and might be embarrassed… can’t have that happening.)

  13. Troublemaker says:

    So glad I switched to Apple a couple of years ago.

  14. Special Ed says:

    I’m all for putting a stop to pictures like this.

  15. sargasso says:

    A bootable version of Puppy Linux on a hardware encrypted 4GB thumb drive, with a secure VPN and Open DNS.

  16. Michael says:

    TrueCrypt with a 20 character password (numbers, letters, specials, case sensitive). Simple enough.

  17. qb says:

    #17 Michael

    TrueCrypt is a truly fine piece of software. Much better than most commercial products.

  18. bac says:

    How is this different from Linux distributions such as CAINE, Backtrack and SystemRescueCD? I use those distros to recover data, passwords and fix other problems. With these distros, it does matter if the target machine runs Windows, MacOS or Unix (Linux, BSD).

    Secure your privacy with encryption.

  19. qb says:

    #12 Zybch

    Safari, Firefox, and IE8 were all hacked through the same flaw. 2 out of 3 have been patched. I wonder which one hasn’t been patched?

  20. GF says:

    The real question is why is there any crime at all if there is a bug up everyone’s ass. Wink, wink, nod, nod.

  21. Animby says:

    15 -Special Ed: That is so disgusting. But I wonder who she gets to shave her vagina? What? That’s her navel????

    14 -Troublemaker : Enjoy your naivete.

  22. karnababy says:

    TrueCrypt is secure and easy to use. Plus, it’s 100% free!

  23. Zybch says:

    #20, but which ones were defeated first?
    Hmm, that would have been a fully patched and updated mac.

  24. Mr Diesel says:

    There are ways around TrueCrypt so don’t think it will protect you.

  25. Benjamin says:

    Presumably they have a warrant if they are entering your house with a thumb drive. If someone has physical access to your computer, they can hack in.

  26. Michael says:

    #25:

    If you use a simple password, of course any brute force attempt will succeed. If every computing resource was dedicated to brute forcing my 20 character (considered short) case-sensitive, letters, numbers, specials, it would take longer than the life of the universe.

    TrueCrypt cannot be “hacked” or decrypted with the password or key file. It’s not possible.

  27. Michael says:

    Damn it…meant to say:

    TrueCrypt cannot be “hacked” or decrypted *without* the password or key file.

  28. tymak2 says:

    lol at people that say “so glad I am on a Mac”. Maybe you should read Pwn2Own contest information: in the last 3 years or so Mac OSX has been the first to get broken into… So much for the “glad I am on a Mac” statement, lol. So much for Xof’s post.

  29. tymak2 says:

    Also, now in 2010 they have broken 2048-bit encryption, so even TrueCrypt can be broken if someone wanted to badly enough. And look at Verisign: it even got broken with 200 PS3s in a cluster server environment, even though it is true that no ordinary user would have 200 PS3s around, lol.

