Jump to content

DECAFinate your COFFEE-Security related

lord_casek

By lord_casek
in Channel Zero

 Share

Recommended Posts

lord_casek

lord_casek

Posted
Posted

The goods:

http://www.decafme.org/

 

The letters strung together in semi coherent babble telling you why you

need this and what it do.

 

http://www.wired.com/threatlevel/2009/12/decaf-cofee/

 

 

Hackers Brew Self-Destruct Code to Counter Police Forensics

 

 

Hackers have released an application designed to thwart a Microsoft-packaged forensic toolkit used by law enforcement agencies to examine a suspect’s hard drive during a raid.

The hacker tool, dubbed DECAF, is designed to counteract the Computer Online Forensic Evidence Extractor, aka COFEE. The latter is a suite of 150 bundled, off-the-shelf forensic tools that run from a script. Microsoft combined the programs into a portable tool that can be used by law enforcement agents in the field before they bring a computer back to their forensic lab. The script runs on a USB stick that agents plug into the machine.

The tools scan files and gather information about activities performed on the machine, such as where the user surfed on the internet or what files were downloaded.

 

 

Someone submitted the COFEE suite to the whistleblower site Cryptome last month, prompting Microsoft lawyers to issue a take-down notice to the site. The tool was also being distributed through the Bit Torrent file sharing

 

 

This week two unnamed hackers released DECAF, an application that monitors a computer for any signs that COFEE is operating on the machine.

According to the Register, the program deletes temporary files or processes associated with COFEE, erases all COFEE logs, disables USB drives, and contaminates or spoofs a variety of MAC addresses to muddy forensic tracks.

The hackers say that later releases of the program will allow computer owners to remotely lock down their machine once they detect that it has fallen into law enforcement hands. The hackers, however, have not released source code for the program, which would make it easy for anyone to see if the program contains malware that might also harm a computer or allow the attackers to take control of it.

Update: The developers of DECAF have taken issue with Threat Level referring to them as hackers. “We’re just two developers who support the free flow of information and privacy,” one of them wrote Threat Level in an anonymous e-mail. “You could say we’re just average joes.”

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Some tits below:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

nice-tits-7825341.jpg

Link to comment
Share on other sites
This forum is supported by the 12ozProphet Shop, so go buy a shirt and help support!
This forum is brought to you by the 12ozProphet Shop.
This forum is brought to you by the 12oz Shop.
Qawee

Qawee

Posted
Posted

Re: DECAFinated your COFFEE-Security related

 

read about COFEE, if the cops have your computer, isn't it just a matter of time before they can get whatever evidence they need, i mean short of melting your hard drive remotely, i don't think they would have a hard time restoring any data or anything like that

Link to comment
Share on other sites
lord_casek

lord_casek

Posted
  • Author
Posted

Re: DECAFinated your COFFEE-Security related

 

read about COFEE, if the cops have your computer, isn't it just a matter of time before they can get whatever evidence they need, i mean short of melting your hard drive remotely, i don't think they would have a hard time restoring any data or anything like that

 

 

If it's written over a bunch, it can hinder things. If you use kevin rose's technique

you'll be good.

Link to comment
Share on other sites
Guest T14K

Guest T14K

Posted
Posted

DECAF, which supposedly disabled Microsoft's COFEE forensics tool, has been revealed as an elaborate hoax by its creators. Looks like it was created to draw attention to the fact that COFEE is actually not as effective a tool as they'd like—in fact, the hoaxers view COFEE as vastly inferior to properly trained forensics experts. So, we, like everybody else, got duped. Seems to us that software that actually could defeat COFEE would be make a stronger statement than a hoax, but we'll never know now. [seattle P-I]

link directly to this page:

http://gizmodo.com/5430123//gallery/gallery/2

read more: #remainders, #gizmodoremainders, #xperiax10, #android, #threewalrusmoon, #verizon, #iphone, #cofee, #decaf

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...