Hackers issue DECAF toolkit

Sabotages any attempts to use forensics software COFEE on a computer

15 December 2009 10:15 GMT / By Duncan Geere

In the middle of 2007, Microsoft developed a suite of applications called COFEE that allows police officers at crime scenes to extract forensic-quality digital evidence from computers with the aid of a USB stick.

That software leaked to the Web earlier in the year, to the delight of the hacker community, who immediately set about producing a suite of apps that anyone can run on their PC to protect themselves from Microsoft's evidence-collection tools. It's called DECAF, and has just been released on the Web.

We haven't used or analysed it to test whether it does what it says, so it's entirely at your own risk, but it's claimed that it contains a bunch of safeguards activated on the detection of files or processes that are associated with COFEE. It can disable USB drives, wipe temporary files and spoof mac addresses, among other things.

While Microsoft hasn't had any luck with its lawyers' attempts to get COFEE removed from public availability, this will further put the boot in to the usefulness of the software as an evidence recovery tool.

Via: theregister.co.uk

>> Comment on this story

Full tags

Software, Hacking, COFEE, DECAF, Security software

UK Shopping

Amazon.co.uk, play.com, pixmania.co.uk, Currys.co.uk, Dixons.co.uk, 7dayshop.com, ebay.co.uk

US Shopping

Amazon.com, bestbuy.com, ebay.com

Latest in Software

Latest on Pocket-lint

Comments

Is decaf.org site been hacked?

'I too would still be swallowed up in my prideful and selfish ways. I would still be with my addictive behaviors; womanizing, pornography, stealing, hacking, lieing, manipulating, and fighting. DECAF would have been a perfect way to feed my sin. Instead I used it as a way to bring you a message. A message of freedom, a message of peace, a message of transparency. As you learn a little about me, understand I faced the same things I am speaking about. I didn't address the fruits of my life, I addressed the bitter roots of my life. Religion didn't do it for me. Catholicism didn't do it for me. Athiesm didn't do it for me. Agnostic didn't do it for me. Only one man gets credit for it. Jesus Christ. Once I learned Christ wasn't about that foolishness I seen on t.v. or seen in other "Christians", I realized I was missing the point. I couldn't look past the Christians to see the CHRIST. I accepted Him as my savior and then started putting Him in positions over my life. My life changed and yours can too.' Posted by Xavier Sanz, Spain
The site has not been hacked, but there was some shady activity going on with the authors. DECAF has now been hacked and re-enabled by the guys over at SOLDIERX. For the full story and the files, see the news article at http://www.soldierx.com/news/DECAF-hacked-and-re-enabled-SX Posted by JimJones, USA