My understanding, based mostly on what I've read in the press, is that
COFFEE is a set of scripts that run existing tools, making it easier
for law enforcement to do things which are already known to be
possible.  Note the words "executing 150 seperate commands," which, I
think, would be odd if this was something other than scripts, but
appear in a lot of the news stories.

For example, I believe that there are several freely available
password cracking tools and some commercial ones. For example, you can
order John the Ripper to decrypt a system password on some operating
systems.  I have no idea if a password cracker is included.

Speaking for me.

Adam

On Wed, Apr 30, 2008 at 03:36:28PM -0400, Arshad Noor wrote:
| It can be "ordered to decrypt system passwords"???  So, I wonder
| what attackers can do with this...
| 
| Arshad Noor
| StrongAuth, Inc.
| 
| "Microsoft revealed its development of a digital forensic analysis toolkit at 
a security conference yesterday as part of a wider discussion of how technology 
can be used to fight crime. The Computer Online Forensic Evidence Extractor, or 
COFEE for short, is a USB thumb drive that contains software capable of 
executing approximately 150 separate commands. Once plugged in, COFEE can be 
ordered to decrypt system passwords, display a history of internet activity, 
and search the system for evidence...."
| 
| 
http://arstechnica.com/news.ars/post/20080429-new-microsoft-law-enforcement-tool-bypasses-pc-security.html
| 
| ---------------------------------------------------------------------
| The Cryptography Mailing List
| Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to