-
- Neowin Hands-on: Windows Phone 7 review
- Did Google steal the Android logo from an Atar...
- iPhone 4 hardware revision coming at the end o...
- Digg users fight back, sabotage main page
- Windows Phone 7 released to manufacturing
- Microsoft introduces new transforming Xbox 360...
- Apple announces new iPod touch, nano and shuffle
- AMD kills off the ATI brand name
Microsoft's COFEE forensics tool leaks online
Microsoft's secret Computer Online Forensic Evidence Extractor (COFEE) has leaked online, available for all.
COFEE is a forensics tool, approximately 15MB in size that fits on a USB drive for law enforcement officials to use in PC forensics. According to Microsoft:
With COFEE, law enforcement agencies without on-the-scene computer forensics capabilities can now more easily, reliably, and cost-effectively collect volatile live evidence. An officer with even minimal computer experience can be tutored—in less than 10 minutes—to use a pre-configured COFEE device. This enables the officer to take advantage of the same common digital forensics tools used by experts to gather important volatile evidence, while doing little more than simply inserting a USB device into the computer.
COFEE can be used to locate parts of a computer's hard drive that criminals could use for identity theft, online fraud, child pornography and other such crimes. It is designed to be easy to use and quick for law enforcement officials. The small program contains 150 commands which simplify and speed up the process of data retrieval. According to a Microsoft spokesperson "an officer with even minimal computer experience can be tutored—in less than 10 minutes—to use a pre-configured COFEE device."
COFEE requires Windows XP for configuration however, it does have some Windows Vista support. According to company insiders, Microsoft is developing a new version of COFEE which will be released next year that fully supports Windows Vista and Windows 7.
Image Credit: CNET news.com
Comments (58)
+++iHazCool - 09 November 2009 - 08:10
Aww sweat man!
+Anarkii - 09 November 2009 - 08:11
Awww Tom you should of leaked the link too hehe :P
+++iHazCool - 09 November 2009 - 08:14
Ya I agree, I cant find it anywhere
ThaCrip - 09 November 2009 - 12:57
i see it on usenet but i just aint sure if it's clean or not.
it's about 14MB in size, sound about right? (i.e. COFEE v1.1.2 Installer.msi ? )
+Anarkii - 09 November 2009 - 08:29
I can :P but i cant tell you where.
Mr Tom... is it okay to post screenshots of this program? (If I get it working under Windows 7) ?
+Beastage - 09 November 2009 - 08:37
If you have this software I suggest either stay silent or delete it, having a copy of this is much much worse than having for example... 50TB of music and movies.
Techie Techerton - 09 November 2009 - 09:00
Explain.
+Anarkii - 09 November 2009 - 09:14
Why would I wanna delete it?
Nihilus - 09 November 2009 - 10:50
/me facepalms
+Anarkii - 09 November 2009 - 11:41
Ummm, RIAA is much worse than anything Interpol can do. You would get MUCH heavier punishment for having 50TB of music and movies than you would for having 50TB of CP on your machine. Remember; RIAA goes after your whole family, Interpol will go after just you. And RIAA don't hold back. :P
omni1 - 09 November 2009 - 12:27
I'm sorry but 50TB of CP would get you life in prison and a needle in your arm in some countries/states. I don't know about you but I would rather a couple of million in you-dont-actually-have-to-pay-them fines versus a needle in my arm.
I know you think you're cool and all because you grabbed COFEE off TBP or whatever but you need a serious wake up call.
Raa - 09 November 2009 - 22:27
Since when did COFEE get onto CP? I don't think that's what it's used for
lunamonkey - 09 November 2009 - 08:31
/me disables USB ports.
shhac - 09 November 2009 - 14:42
Or make the switch to USB3 (via PCI if need be).
+Anarkii - 09 November 2009 - 08:34
Cant get it to install on Windows 7 :(
I do have the pdf thou which is the manual, I can give Tom a link to it later if he pleases for additional information and or screenshots.
+Northgrove - 09 November 2009 - 08:44
I do have the pdf thou which is the manual, I can give Tom a link to it later if he pleases for additional information and or screenshots.
RTFA
profets - 09 November 2009 - 12:58
within the pdf manual, it mentions the investigator's machine, which can be XP and above, where the software is installed, and then the target machine, where the scan is performed from the usb drive - which must be windows XP
Hardware: Pentium 4 or Above
512 MB RAM
USB 1.1 or higher
50MB free hard drive space
Software: Windows XP or Above
.NET Framework 3.5 or higher
USB Removable Device
Hardware: Minimum 1GB Device
Recommended 2GB or larger
File System: FAT32 File System is recommended
Target Machine
Hardware: USB Port Enabled
Software: Windows XP*
*Windows XP is currently the only supported operating system. It is possible that COFEE will work on additional operating
systems, but these operating systems have not been tested, and are not supported.
protocol7 - 09 November 2009 - 14:23
*Windows XP is currently the only supported operating system.
Terrorists and criminal around the world will now rush to upgrade to Windows 7. What a marketing coup!
Foub - 09 November 2009 - 14:35
Terrorists and criminal around the world will now rush to upgrade to Windows 7. What a marketing coup!
Or just use a version of Linux..
.Neo - 09 November 2009 - 22:40
Or Mac OS X.