Home (Post) Mobile Authors Say Anything Register Login
« Previous Post » Next Post
Home

Tuesday, April 29, 2008

Uncle Billy provides unfettered access for Law Enforcement

By Rodney Graves on April 29, 2008 at 02:05 pm
19 Comments
Bookmark and Share

Interesting.  Seems Microsoft has been building backdoor access into it’s OS offerings, and providing the keys to Federal, State, and local law enforcement.

Microsoft device helps police pluck evidence from cyberscene of crime

By Benjamin J. Romano
Seattle Times technology reporter

Microsoft has developed a small plug-in device that investigators can use to quickly extract forensic data from computers that may have been used in crimes.

The COFEE, which stands for Computer Online Forensic Evidence Extractor, is a USB “thumb drive” that was quietly distributed to a handful of law-enforcement agencies last June. Microsoft General Counsel Brad Smith described its use to the 350 law-enforcement experts attending a company conference Monday.

The device contains 150 commands that can dramatically cut the time it takes to gather digital evidence, which is becoming more important in real-world crime, as well as cybercrime. It can decrypt passwords and analyze a computer’s Internet activity, as well as data stored in the computer.

It also eliminates the need to seize a computer itself, which typically involves disconnecting from a network, turning off the power and potentially losing data. Instead, the investigator can scan for evidence on site.

More than 2,000 officers in 15 countries, including Poland, the Philippines, Germany, New Zealand and the United States, are using the device, which Microsoft provides free.

“These are things that we invest substantial resources in, but not from the perspective of selling to make money,” Smith said in an interview. “We’re doing this to help ensure that the Internet stays safe.”

Law-enforcement officials from agencies in 35 countries are in Redmond this week to talk about how technology can help fight crime. Microsoft held a similar event in 2006. Discussions there led to the creation of COFEE.

For the non-technically inclined, this means that anyone armed with one of these thumb drives can break passwords and encryption schemes on any system up and running with a Windows Operating system.  Shutting down and password encrypting the hard drive(s) is now the only way to effectively secure the data on your Windows PC, and *nix (Unix, linux, etc.) are looking better all the time.

I further expect this little tool to find its way to less than friendly foreign entities in short order as well.

Thanks, Bill.

Hat Tip: Walleywag

Comments

The Whistler

I guess I wouldn’t be bothered knowing that these things were insured to only come out with a valid search warrant. 

Assuming that they will fall into the wrong hands it’s very troubling that they are selling the devices.

It is somewhat likely someone will figure out how to imitate these doohickeys.  In that case I think Microsoft should be held strictly liable for the damages caused for not making this back door secure. 

I’d love to be on that Jury.

What’s going to happen to US industry when the global warming extremists like John McCain double the price of electricity?  I would think all these factories will close and set up in countries where they aren’t scared of technology.

The Whistler's signature
The Whistler on April 29, 2008 at 04:19 pm
Rodney Graves

Whistler,

This may provide the impetus for me to switch the household over to *nix (which will be a non-trivial task).

Out Here
Rodney G. Graves

Ceterum censeo Parthia esse delendam
Latin: “Furthermore, Parthia (Persia aka modern day Iran) should be destroyed.”

Rodney Graves on April 29, 2008 at 05:02 pm
2Hotel9

OK. So, who do I talk to about barring these doors? Any of y’all got a good geek for this kinda thing?

Una Salus Victus Nullam Sperare Salutem

2Hotel9 on April 29, 2008 at 05:54 pm
Rodney Graves

2H9,

If the article is accurate you have precisely two choices:

1.  Password protect both the BIOS and the Hard Drive of your system and shut down to a power off state whenever you are not actually using it.  Encrypting the hard drive may also help, but I suspect not.

2.  Move to a non-Microsoft OS such as one of the Unix or Linux distributions for PC’s.

Out Here
Rodney G. Graves

Ceterum censeo Parthia esse delendam
Latin: “Furthermore, Parthia (Persia aka modern day Iran) should be destroyed.”

Rodney Graves on April 30, 2008 at 07:24 am
The Whistler

I wonder if there’s a way of thumb drive manufactures to make an 100% uncrackable piece.  Save stuff to that rather than your hard disk.

Plus there’s probably room for a browser provider to create a product that doesn’t leave any trace.

What’s going to happen to US industry when the global warming extremists like John McCain double the price of electricity?  I would think all these factories will close and set up in countries where they aren’t scared of technology.

The Whistler's signature
The Whistler on April 30, 2008 at 08:12 am
Rodney Graves

This has potential:

http://www.thinstall.com/solutions/usb_apps.php

Out Here
Rodney G. Graves

Ceterum censeo Parthia esse delendam
Latin: “Furthermore, Parthia (Persia aka modern day Iran) should be destroyed.”

Rodney Graves on April 30, 2008 at 08:15 am
The Whistler

According to Jerry Pournelle you can already run open office and some other programs from your flash drive. 

Of course there’s more reason than espionage to want to secure those.  After all you might lose it.

What’s going to happen to US industry when the global warming extremists like John McCain double the price of electricity?  I would think all these factories will close and set up in countries where they aren’t scared of technology.

The Whistler's signature
The Whistler on April 30, 2008 at 08:19 am
likwidshoe

2Hotel9 - OK. So, who do I talk to about barring these doors?

Your easiest bet is to go with an external hard drive connected via a USB cord while keeping your computer anonymous with few identifying characteristics. The external hard drive can also be an MP3 player, a cell phone, or a USB stick.

You’re not going to bar the doors. You can only hide from the attacker which in this case are the authorities from around the world, at least until it gets into the hands of hackers.

The external hard drives are fairly cheap nowadays. This is the one I use. I have to warn you that it runs a little hot, so it’s probably a good idea to check out another model. Keep in mind that they make them smaller and more portable, so if you have really sensitive stuff, it’s best to keep it completely separate from the computer. Easy portability is key. Assume that the computer will be physically compromised.

That answer your question?

likwidshoe on April 30, 2008 at 08:53 am
2Hotel9

I have a Western Digital external that I put all my large documents and PDFs and video clips into so they are not taking up space in the laptop. And Wifey has 2 externals for all the video and audio from her, er, activities.

Here is an article on this from BetaNews. Seems a bit o’two steppin’ is going on over at Microsoft.

Neither of us have anything that Jonny Law would find of any interest, anyway. It just pisses me off that this crap is happening at all.

Una Salus Victus Nullam Sperare Salutem

2Hotel9 on May 1, 2008 at 05:35 am
ellinas

Why is it a surprise that uncle Sam and uncle Bill are holding hands?

ellinas on May 3, 2008 at 08:04 am
2Hotel9

No, e. The question is why are Democrats not screeching&wailing about this obvious breech of civil rights? Why are they OK with this?

Una Salus Victus Nullam Sperare Salutem

2Hotel9 on May 3, 2008 at 03:35 pm
ellinas

Hey bud. Didn’t hear any republicans cying about it either.

ellinas on May 3, 2008 at 09:46 pm
Rodney Graves

Elinas,

I’d encourage you to enroll in a remedial reading comprehension course, but I suspect what actually ails you is not subject to remediation via education.  There is, after all, no educational cure for idiocy.

Out Here
Rodney G. Graves

Ceterum censeo Parthia esse delendam
Latin: “Furthermore, Parthia (Persia aka modern day Iran) should be destroyed.”

Rodney Graves on May 3, 2008 at 11:55 pm
Carrick

For the non-technically inclined, this means that anyone armed with one of these thumb drives can break passwords and encryption schemes on any system up and running with a Windows Operating system.

If they can break passwords, that means that the underlying encryption scheme for the passwords is vulnerable.  Given that this is Microsoft, that is easily to believe.

Another choice is MacOS.  Linux is actually more vulnerable than Windows. MacOSX on the other hand has yet to see its first true virus (trojan horses, which require a click from the user, don’t count).

Carrick on May 4, 2008 at 12:41 am
ellinas

Dearest Rodney. I meant to say politicians of the republican persuasion not bloggers. Forgive me.

ellinas on May 4, 2008 at 06:17 am
2Hotel9

Bullshit.

Una Salus Victus Nullam Sperare Salutem

2Hotel9 on May 4, 2008 at 08:02 pm
ellinas

Bullshit.
2Hotel9 on May 4, 2008 at 08:02 pm

Is that what comes out of your mouth?

ellinas on May 5, 2008 at 09:43 am
2Hotel9

It is what comes out of your head.

Una Salus Victus Nullam Sperare Salutem

2Hotel9 on May 5, 2008 at 09:49 am
ellinas

I love you too, sweet pea!!!!!!

ellinas on May 5, 2008 at 10:25 am
Page 1 of 1        

Post a Comment


Before commenting, please recite:

Grant me the serenity to ignore the trolls,
the courage to debate with honest opponents,
and the wisdom to know the difference.

Name   
Email   
URL   
Human?
  
 
 @ 
<a>
Close Tags

Upload Image    

Remember my personal information

Notify me of follow-up comments?

Note: Notifications will only be sent to confirmed email addresses. Confirm your email address here.