There is a lot of incorrect information going around the Internet right now about how Microsoft is helping out law enforcement with some forensic tools they are providing on USB drives. The tool is called COFEE (Computer Online Forensic Evidence Extractor), and over 2,000 of these handy little things have been given out to 350 different agencies. Their goal: to help collect data from PCs that are part of an investigation.

Many sites out there are classifying this as the secret backdoor that we’ve all assumed has been in Windows since its conception. Some are claiming that in seconds the tool will hand over all of your passwords and decrypt any information on your hard drive. That’s an interesting concept, but not exactly how it works.

Ed Bott thankfully jumped all over the ridiculous assumptions people were making about how these tools worked. The original article from the Seattle Times even includes an update straight from a Microsoft spokeswoman saying that the tool “does not circumvent Windows Vista BitLocker encryption or undermine any protections in Windows through secret ‘backdoors’ or other undocumented means.”

Tools like this are not anything new, and merely automate the process of grabbing specific data from hard drives. There’s even a tool called USB Switchblade that can stealthily get system information, the local password database, Microsoft product keys, wireless network passwords, browser/email passwords, browsing history, and more. It can do all of that by plugging in a USB device and giving it about 45 seconds to run.

There really haven’t been any details as to what the 150 tools on the device actually do, but you can bet it’s nothing that a forensics team can’t already do given a little more time. It’s said to do 4 hours’ worth of work in 20 minutes thanks to a lot of automation, but it’s not using any super-cool backdoors that only Microsoft knows about. Sorry, but I guess that secret backdoor is still resting safely in the Microsoft vault. I mean really, if I created an awesome backdoor in an operating system being used by hundreds of millions of people I wouldn’t go blatantly handing it out. I’d do something cool like start a website that only provides leaked info about products and services using information retrieved from top-secret PCs. ;)

[part of the image via Future Lawyer]

There Are 6 Comments

  1. The worst thing about all this falsely reported news is the amount of people who will never see that the information was actually incorrect. It’d be nice if websites did a little more research before posting news.

  2. The story was misreported and that is unfortunate. However, keep in mind that without being able to read the source code one can’t say if there are backdoors or not.

  3. Patrick wrote:
    The worst thing about all this falsely reported news is the amount of people who will never see that the information was actually incorrect. It’d be nice if websites did a little more research before posting news.

    I definitely agree with you. A lot of people will likely use this as another reason to hate Windows, which is pretty stupid since they weren’t given the right info in the first place.

    raindog wrote:
    The story was misreported and that is unfortunate. However, keep in mind that without being able to read the source code one can’t say if there are backdoors or not.

    That’s true, but it would be a little crazy of Microsoft to mass distribute it then. ’Cause you know darn well that it will leak at some point.

  4. raindog wrote:
    The story was misreported and that is unfortunate. However, keep in mind that without being able to read the source code one can’t say if there are backdoors or not.

    Exactly!

    [theforbiddenknowledge.com]
    [en.wikipedia.org]

    When I read this news, my long-held desire to convert to Linux became a mandate. While you could argue even this isn’t definitive evidence of a backdoor in Windows, I don’t believe a corporation founded and run by Bill Gates deserves the benefit of the doubt, especially if it involves cooperation with the US government, especially the NSA.

  5. curtissthompson wrote:
    When I read this news, my long-held desire to convert to Linux became a mandate. While you could argue even this isn’t definitive evidence of a backdoor in Windows, I don’t believe a corporation founded and run by Bill Gates deserves the benefit of the doubt, especially if it involves cooperation with the US government, especially the NSA.

    True, but would Microsoft really be dumb enough to give this information out to so many agencies? It’s gotta leak at some point, and if there is any doubt as to the methods used to retrieve the data they will be in for a rude awakening.

  6. I don’t have any real reason to believe COFEE is necessarily using a backdoor built into Windows, though much isn’t known about the 150 tools on the device. I was merely illustrating another instance where there’s strong evidence to support a backdoor built into Windows, albeit for slightly different purposes.
