Microsoft's COFEE Computer Forensic Tools Leaked
from the that-can't-be-good dept
Last year, we wrote about Microsoft’s COFEE tools, which are a set of computer forensic and auditing tools that Microsoft puts on a USB key and gives to law enforcement to use in trying to extract info from a computer. There was some fear that it was a “back door,” but people insisted it was no such thing, but just a collection of basic tools. Still, the fact that the system was promoted as being useful for decrypting passwords and analyzing a computer’s data and internet activity seemed troubling. We noted that if Microsoft was giving it out to law enforcement, it seemed likely that others would have access to it as well.
Well, late last week, reports started showing up noting that COFEE itself had been leaked to various file sharing sites. Apparently, the program had been quite sought after at private tracker What.cd — though, after it was leaked there, the admins actually removed the torrent.
Still, you have to imagine that the software is very much out there. So, the question still remains, is this a big deal or not? When we did our original post, many people insisted that there was no big deal in Microsoft COFEE and it was just basic everyday auditing software. Yet, when even What.cd is removing the torrent, claiming they “didn’t like” what they saw when they examined the software, in terms of “the potential impact on the site and security of our users and staff,” it does raise certain questions that are similar to those we originally raised.
So, once again, let’s get some feedback from the folks reading here. Is this really a big deal? Or is it just your ordinary tools?