Microsoft COFEE, the Most Illegal Stuff You Can Pirate?

Downloading and using software intended for law enforcement use only is a really bad idea. Seriously.

Quote:

Yep, it's all out there on the internet, but if you use it to grab private data from someone else's computer chances are you're in for a world of legal hurt. It's one of the few pieces of software I can think of where the subsequent use is more illegal than the act of downloading it.

Quote:

Originally Posted by Steve

Downloading and using software intended for law enforcement use only is a really bad idea. Seriously.

Not really. The program does what a collection of freeware can do already, just in one program made for law enforcement who don't have time to run multiple programs.

Quote:

Originally Posted by Madalienmonk

...made for law enforcement...

Precisely..."MADE FOR LAW ENFORCEMENT". It's exactly what it sounds like

Oh man, this is just too funny. Seriously folks real depts don't need or use this bs software but it does go to show the lengths to which a corporation will go to cooperate with law enforcement. I know for a fact that the pen and data analysis tools used by high tech task forces in major depts( i.e. LA, NY, not some podunk sheriff county dept) are either freely available or hand-rolled software... you just have to have the skill or training to use them.

Quote:

Originally Posted by stop!theradio

Precisely..."MADE FOR LAW ENFORCEMENT". It's exactly what it sounds like

as in major antivirus/antispyware suites will overlook it? (not that i have anything to hide )

Quote:

Originally Posted by _G_

as in major antivirus/antispyware suites will overlook it? (not that i have anything to hide )

Now that it is out on the net, perhaps our anti spyware and A/V should not be overlooking any more.

Eh how useful is this if somebody is running ubuntu or OSX? What about win7 and bitlocker? Any Computer Forensic Expert worth his salt will not be relying on this piece of software to catch criminals

Nate

This is exaclty why leaving back doors in encryption so law enforcement can still access it is a bad idea. Might as well not encrypt anything if people can just download software to bypass it, even if it is "MADE FOR LAW ENFORCEMENT"
And I am sure that the "FREEWARE" versions of it are also not legal as there just renamed versions of COFEE basicly.

not the most, but its up there.

trucrypt ftw

Quote:

Originally Posted by FLECOM

trucrypt ftw

...doesn't help much if a rootkit designed for law enforcement is logging your keys and copying your hashes (don't know if those can specifically do this).

Quote:

Originally Posted by quixotic

...doesn't help much if a rootkit designed for law enforcement is logging your keys and copying your hashes (don't know if those can specifically do this).

na if you read the article it sounds like its just meant to get you into a machine after it has been collected as evidence...

basically like what you could do with say, a Hiren's boot cd... just from MS

Quote:

Originally Posted by FLECOM

na if you read the article it sounds like its just meant to get you into a machine after it has been collected as evidence...

basically like what you could do with say, a Hiren's boot cd... just from MS

Except it's made by the company that makes the OS most people are using.. So it makes one wonder what MS has programmed into the OSs to specifically work in conjunction with COFEE to subvert any security software added to the OS, as well as probably acting as a universal passkey to bypass any Microsoft designed security software.

Damn, maybe I'd better stop before I wind up sounding like a tin foil hat wearing mofo.

I'm just not very keen on close corporate/government relationships. It just seems in those situations the little guy winds up taking it in the ass in some way every time.

Quote:

Originally Posted by UrielDagda

Except it's made by the company that makes the OS most people are using.. So it makes one wonder what MS has programmed into the OSs to specifically work in conjunction with COFEE to subvert any security software added to the OS, as well as probably acting as a universal passkey to bypass any Microsoft designed security software.

Damn, maybe I'd better stop before I wind up sounding like a tin foil hat wearing mofo.

I'm just not very keen on close corporate/government relationships. It just seems in those situations the little guy winds up taking it in the ass in some way every time.

not really any less secure than going to a linux box in single user mode and resetting the root password...

face it ANY os in its vanilla state is going to be pretty easy to get into if you have the box in front of you... hell you can just take out the HD and put it in a USB enclosure and get whatever you want off of it 99% of the time

Quote:

But if you use it to grab private data from someone else's computer chances are you're in for a world of legal hurt. It's one of the few pieces of software I can think of where the subsequent use is more illegal than the act of downloading it.

That's nice of the article to say, however they fail to mention which law one would be breaking via the use of such software.

Could someone please enlighten me on this subject? I use software with similar functionality all the time in my job for legitimate data recovery purposes, is there really a law which specifically names the techniques utilized by such applications? Or is this one of those vague cases were the intent is defined somewhere under law, more so than the technical specifics?

In any case, could somebody please find the law these people are alluding to. Truly, I want to know.

Quote:

Originally Posted by Jimb0

That's nice of the article to say, however they fail to mention which law one would be breaking via the use of such software.

Could someone please enlighten me on this subject? I use software with similar functionality all the time in my job for legitimate data recovery purposes, is there really a law which specifically names the techniques utilized by such applications? Or is this one of those vague cases were the intent is defined somewhere under law, more so than the technical specifics?

In any case, could somebody please find the law these people are alluding to. Truly, I want to know.

These are the things that I want to know...

Quote:

Originally Posted by quixotic

...doesn't help much if a rootkit designed for law enforcement is logging your keys and copying your hashes (don't know if those can specifically do this).

Trucrypt isn't written by MS and is based on open encrypted standards. This "COFEE" software wouldnt be helpful with a trucrypt partition.

I use linux loopback aes-256 with 20 character strong password. It's where I keep my nuclear weapons how-to guide.

I'll weigh in on this just for the fun of it. I spent 10 years working as the Director of Information Technology for a County in the Midwest. During that time I worked very closely with the Sheriff's Dept, on several occasions assisting with the collection of forensic data on computers. I also gave lectures to LEOs on how to gather electronic evidence at crime scenes and the proper protocols and procedures that they should use. They were also taught how to recognize what "is" electronic evidence (you can all imagine how many gadgets can store data). All of my training materials were provided to me by the FBI and Secret Service, they have some great publications and field guides. I also was a guest lecturer on forensics at a near by college and wrote my own bootable Linux forensics toolkit CD. So I'd like to think I have a bit of experience in the area.

In the world of local law enforcement many of the comprehensive tool suits such as Encase are very cost prohibitive. Things like portable disk duplication hardware with write blockers can end up costing thousands of dollars for a single kit. So free tools are looked at with great interest. COFEE is one such tool. Sure there are plenty of freeware and GPL products that can do the same things, but what local LEO's do not have in most cases is dedicated personnel who can take the time out from their regular duties to learn to use these applications and to keep up with developing technology. Another important aspect of the tool suites is the report generating, keep in mind that you need to be able to produce evidence in a way that can be presented to a judge and jury in most cases. Being easy to read, follow and understand is essential. It also helps greatly if the suite has been used in other cases around the country that you can use for citations. Meaning that it has been successfully court tested.

Is software like this illegal to use? Well that depends. As with most things intent has a lot to do with it. Accessing somebody else's machine without permission, this will get you into hot water. Using a forensic tool to recover lost data for a client who owns the machine, not at all.

I can't say as to whether using COFEE for legitimate purposes without being a LEO would get you into trouble or not. I guess that would depend on if the EULA is enforcable or not where you live.

Quote:

Originally Posted by inotocracy

Trucrypt isn't written by MS and is based on open encrypted standards. This "COFEE" software wouldnt be helpful with a trucrypt partition.

I know, but you have to use your credentials to encrypt or access the data encrypted by it, which can easily be stolen with OS tools.