Daily cyber threats and internet security news: network security, online safety and latest security alerts
April 30th, 2008

Law Enforcement Get Around Encryption With Microsofts Help

Microsoft has reportedly developed a USB key that allows investigators to extract forensic data from PCs. The tools called “COFEE” (Computer Online Forensic Evidence Extractor) comes in a USB key form factor, and was distributed to a small number of law-enforcement agencies last June. The device includes 150 tools that allow investigators to extract internet history files and “decrypt passwords”. COFEE also allows investigators to upload data for analysis.

The device is used by more than 2,000 officers in at least 15 countries, including Germany and the US. Microsoft supplies the technology to law enforcement agencies without charge. The tool reportedly allows investigators to scan for evidence on site without necessarily having to cart PCs back to a lab.

Computer forensics is a painstaking process carefully designed to make sure data on a suspect computer isn’t changed – simply plugging a device into a computer to extract data seems like a quick and dirty fix. The admissibility of such data in court in debatable even before we get into considering the possibility that the USB key might contain malware.

The extraction and analysis of digital evidence features in the investigation of more on more crimes, not just those specific to computers such as internet fraud and child abuse investigations. UK specialists said they’re struggling to cope with the volume of work from law enforcement clients. There’s a genuine problem here, but we’re not convinced COFEE is the solution.

Ironically, COFEE can not help investigators when Windows Vista is installed on suspect`s PC. COFEE can not decrypt files that were encrypted using BitLocker technology.

Share this item with others:

More on CyberInsecure:
  • Fake Microsoft-like Sites Attempt To Install Malware
  • Data From 56 Law Enforcement Agencies Stolen By Antisec, 10GBs Of Emails From 300 Accounts Posted Online
  • Radisson Hotels Breached, Sensitive Customer Data Exposed
  • GSM Encryption Cracked, 4.3 Billion Mobile Phones Affected
  • Houghton Mifflin Harcourt Server Breached In Mass Web Attack

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Law Enforcement Get Around Encryption With Microsofts Help

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.