Quote :

"Computer Online Forensic Evidence Extractor The Computer Online Forensic Evidence Extractor (Cofee) is a USB thumb-drive developed by Microsoft that was distributed to more than 2000 law-enforcement officers in 15 countries including the United States, Germany, New Zealand and Poland. Software on the device supports more than 150 commands that eliminates the need to seize the computer from the scene because it can gather the evidence right there. The commands can be used to decrypt passwords, analyze the Internet activity and data that is stored on the computer. The advantage of this method is that data can be analyzed while the computer is still connected to a network or the Internet which would not be possible of the computer would be seized. Some blogs have gone so far as to assume that Microsoft would give Vista backdoor keys to the police but the original article at the Seattle Times did not mention that at all. The tools on the USB device provide a set of commands that speed up the evidence gathering process and allow that process to be started while the computer is still running in its local environment. The original Seattle Times article seems to support that by quoting the head of the Special Assault Unit in the King County Prosecuting Attorney’s Office. The 35 individual law-enforcement agencies in King County, for example, don’t have the resources to investigate the explosion of digital evidence they seize, said Johnson, who attended the conference. “They might even choose not to seize it because they don’t know what to do with it,” she said. “… We’ve kind of equated it to asking specific law-enforcement agencies to do their own DNA analysis. You can’t possibly do that.” I think it is fair to assume that Microsoft is providing the tools and probably even the training, or at least training manuals, so that law-enforcement agents won’t face the decision of what to do with the computers. "

http://seattletimes.nwsource.com/html/microsoft/2004379751_msftlaw29.html

I'm looking for a copy of this to put on a thumb drive.

any help?


[Edited on May 2, 2008 at 1:53 PM. Reason : ?]

5/2/2008 1:52:05 PM

Download helix.

Same thing. OSS.

5/2/2008 1:52:47 PM

I can't even find a list of "commands" or what software is on it exactly.

5/2/2008 1:54:05 PM

man, I wish I had thought of this. I have all these tools on my thumbdrive but never thought to sell them as a security package

5/2/2008 3:41:30 PM

Noen?


joeschmoe?


can you guys get a list of the software on this piece?

5/5/2008 11:11:30 AM

http://www.dailytech.com/article.aspx?newsid=11692

interesting program in the comments:
http://wiki.hak5.org/wiki/USB_Switchblade

5/6/2008 10:56:59 AM

Quote :

"COFEE works by being plugged into a running system where a user has already logged on."

It's not anything new. It's not some super secret program. There are no backdoors in Vista.

5/6/2008 11:31:20 AM

Quote :

"There are no backdoors in Vista."

i have a hard time believing that

5/6/2008 12:51:42 PM

it doesn't sound like anything at all...

Quote :

"Essentially a USB thumb drive pre-loaded with about 150 publically available tools,"

5/6/2008 12:54:55 PM