Microsoft helps police extract evidence
We learn from Seattle Times of a new bit of technology that allows law enforcement to bypass all security on a Windows computer.
One more reason to switch to Llinux i guess... if only games would work on Linux ... oh dear ...
The COFEE, which stands for Computer Online Forensic Evidence
Extractor, is a USB "thumb drive" that was quietly distributed to a
handful of law-enforcement agencies last June. Microsoft General
Counsel Brad Smith described its use to the 350 law-enforcement experts
attending a company conference Monday.
The device contains 150 commands that can dramatically cut the time
it takes to gather digital evidence, which is becoming more important
in real-world crime, as well as cybercrime. It can decrypt passwords
and analyze a computer's Internet activity, as well as data stored in
the computer.
It also eliminates the need to seize a computer itself, which
typically involves disconnecting from a network, turning off the power
and potentially losing data. Instead, the investigator can scan for
evidence on site.
More than 2,000 officers in 15 countries, including Poland, the
Philippines, Germany, New Zealand and the United States, are using the
device, which Microsoft provides free.
|
