From the "what could possibly go wrong" department, Microsoft just announced that they've developed a simple one-button tool to break into a computer and suck down an entire hard drive's contents onto a thumb drive:
COFEE, a preconfigured, automated tool fits on a USB thumb drive. Prior to COFEE the equivalent work would require a computer forensics expert to enter 150 complex commands manually through a process that could take three to four hours. With COFEE, you simply plug into a running computer to extract the data with the click of one button --completing the work in about 20 minutes.
It's basically a whole bunch of existing password guessers and other cracking software into a single one-touch device — and since it works on the live computer it can bypass encrypted disks like Vista's BitLocker so long as the user is still logged in.
Apparently Microsoft isn't concerned that they're building tools that can turn any two-bit felon into a highly-skilled data thief, or that they're providing products that exploit their very own security holes. After all, they're only supplying these devices to law enforcement — so what could possibly go wrong?
Posted by bug to Security at April 30, 2008 9:54 AMWell such tools already exist in various formats already, including open source versions that run on ipod linux and whatnot. The only innovation here is that it's officially sanctioned by MS.
Posted by: Mort at April 30, 2008 10:59 AM