Results 1 to 5 of 5

Thread: MICROSOFT COFFEE

  1. #1

    MICROSOFT COFFEE

    I may be late to the party but I accidently stumbled onto several articles and downloadable sites related to Microsoft Coffee. Microsoft pulled the download. It is hyped as being able to break into protected and encrypted "live" systems. It is only for law enforcement people with no forensic background. Ironic that someone with security clearances leaked it. I find it disturbing it is also being leaked all over the Internet. Is this program just for Micosoft products only? Can it attack online services? Any member at *AO using it? I'm sure hackers ripped open the api for their own deeds.

    More information:

    http://www.microsoft.com/industry/go....aspx#get_info

    You can download here:

    http://wikileaks.org/wiki/Microsoft_...on%2C_Sep_2009

    Freak out here:

    http://gizmodo.com/5399377/microsoft...you-can-pirate

  2. #2
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,883
    Did you look at the program at all, or just post about it and ask questions?

    from the users guide:
    Target Machine
    Hardware: USB Port Enabled
    Software: Windows XP*
    *Windows XP is currently the only supported operating system. It is possible that COFEE will work on additional operating
    systems, but these operating systems have not been tested, and are not supported.
    So obviously it needs to be a windows XP machine you are checking, and you have to have access to the USB port.
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman

  3. #3
    Quote Originally Posted by souleman View Post
    Did you look at the program at all, or just post about it and ask questions?
    Nope but you did. For the record, I don't dwell in illegal activities. Besides reading comments from other downloaders, it's a worthless, lame program.

  4. #4
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391

  5. #5
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Interesting...............

    It looks like a cost saving and resource optimisation exercise to me.

    This enables the officer to take advantage of the same common digital forensics tools used by experts to gather important volatile evidence, while doing little more than simply inserting a USB device into the computer.
    So you would certainly need physical access rather than an online connection.

    I don't know about you guys, but over here computer forensics resources are scarce and expensive. This probably means that a lot of leads are not followed up due to budget and time constraints.

    I could be wrong, but if the tool works it should indicate if there is anything worth pursuing further and greatly improve the effectiveness (strike rate) of the mainstream forensics facilities.

    There might also be a PR angle to it, as it would avoid the annoyance and embarrassment of seizing equipment, keeping it for weeks or months and then finding nothing?

    EDIT:

    I wonder to what extent this product would be acceptable in a court to the extent that EnCase generally is?............witnesses? MD5 hashes?
    It would seem to me that unless you create a certified copy of the drive BEFORE you do anything you will have just tainted the crime scene?

    I am now thinking that it won't be that much of a help to the scene of the crime officers as they will still have to take the equipment and go through recognised procedures?

    Where it might help, is by allowing the preliminary investigation to be carried out by semi-skilled personnel? After all EnCase is expensive and it requires quite a lot of expensive and time consuming training.

    At the end of the day you are still faced with the usual computer forensics problem of proving who was actually using the computer when the offence was committed, and that they actually did it.
    Last edited by nihil; December 20th, 2009 at 02:48 PM.

Similar Threads

  1. August security hotfixes
    By mohaughn in forum Microsoft Security Discussions
    Replies: 1
    Last Post: August 9th, 2005, 07:37 PM
  2. October MS updates
    By mohaughn in forum Microsoft Security Discussions
    Replies: 2
    Last Post: October 13th, 2004, 04:31 AM
  3. Evolution of a Linux User
    By gore in forum Tech Humor
    Replies: 9
    Last Post: October 1st, 2003, 08:53 PM
  4. Securing Windows 2000 and IIS
    By spools.exe in forum Microsoft Security Discussions
    Replies: 0
    Last Post: September 15th, 2003, 09:47 PM
  5. Lol Now I Know Why Everyone Hates Microsoft!!!
    By NUKEM6 in forum Non-Security Archives
    Replies: 10
    Last Post: January 24th, 2002, 06:21 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •