So you see Stanley, we don't need you.
Posted on 05/02/2008 5:02:14 PM PDT by Dawnsblood
Last Summer, Microsoft Corporation quietly introduced a powerful tool for getting past security on laptops and PCs running the Windows operations system (which about 90 percent do). The device is a USB thumb drive called COFEE (Computer Online Forensic Evidence Extractor). When you capture an enemy computer, you plug in COFEE and then use over a hundred software to quickly get whatever information is on the machine. COFEE can quickly reveal passwords, decrypt files, reveal recent Internet activity and much more. A lot of this can be done without COFEE, but with the Microsoft device, intelligence collection is a lot faster.
Microsoft has distributed thousands of COFEE devices to police and military intelligence personnel in the United States, and some foreign countries. COFEE was developed mainly to assist the investigation of Internet based crime. But military intelligence operators find it very useful in uncovering enemy plans. Islamic terrorists love their laptops, and never go killing without them.
And taht is why naughty stuff should be done in Linux.
PING!
It is really quite easy to disable USB drives on a Windows machine. It’s just a few registry entries, and then this device would be useless without an admin account on the target machine.
So you see Stanley, we don't need you.
Does anyone think it unwise to alert the “Evil Doers” that Mr. Softee might be on to them?
Microsoft has distributed thousands of COFEE devices to police and military intelligence personnel in the United States, and some foreign countries.
Any device that was distributed “by the thousands” to police and military, has almost certainly been obtained by criminal organizations by now
It seems that most of Bill’s recent speeches contained something or other about identifying/monitoring individual users (e.g., personal handwriting signature recognition by tablets, tabletops,...).
This COFFEE software has to be available on the Internet by now. I want to download a copy.
All of the really good USB exploits for Windows operate at the BIOS on the motherboard. I have yet to test a really good Windows port security program that could withstand rudimentary hacking.
I don't really care what you've done with your registry entries. If I can get physical access to your computer I own the box. If you are connected to the network, I own the network. I can create hidden Administrator accounts on every WIndows device your computer "sees" on the network in a matter of seconds. Exploitation of trust relationships and escalation of privileges is trivial in Windows.
You don't even need an exploit to do this. You can buy WinKey from PassAware and do the same thing with a USB drive, DVD, or CD. The only difference is that you will make log entries, leave tracks showing that you did it, the machine will require a reboot, and the process takes minutes instead of seconds.
BINGO!
Poor writing skills aside, there is no back door here. It automates commands that would normally have to be entered by hand on a logged-in computer. I’ll grant there may be a rainbow brute force cracker, but those have been freely available for years now.
Much ado about nothing, but y’all can feel free to enjoy the knot in your panties.
If the usb device is bootable, as long as it can read the filesystem, it doesn’t matter if it’s a windows box, Linux machine, Apple, BSD. As long as the filesystem isn’t encrypted, you can read it. And if you are from NSA you can read anything, encrypted or not.
Jack
I believe the point was this Tech eventually falling into the hands of ID and Data theives....
That would be the government snoops who have no inherent right to your information.
The 4th amendment states the people shall be secure in...their papers....;oh silly me,I forgot the Bill of Rights is only a piece of paper.
There is a back door into EVERY program and operating system. Programmers can't help it. They are nosy.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.