Microsoft issues takedown for leaked COFEE software

[Justin]

Microsoft faced a bit of embarrassment earlier this month when their COFEE forensics tool leaked onto the Web. The collection of programs and scripts is given to law enforcement to make PC forensics easy, and while it's composed of readily-available tools, it is still considered to be a proprietary package.

Redmond has now issued legal threats to anyone who made the tool available for download, but it may be too late to avoid circulation. COFEE was listed on various torrent networks and other locations on the Internet. This move is likely a reflection of Microsoft's anti-piracy agenda more than an effort to prevent distribution. They reinforced their legal threats with requests to hosting companies to pull sites which mirrored the files involved.

At least one site, Cryptome, has already been taken down, and most sites will probably comply with the request voluntarily. The damage has already been done, and new versions of the tool are already in development, which will make the leaked version obsolete.

Permalink to story.

https://www.techspot.com/news/37113-microsoft-issues-takedown-for-leaked-cofee-software.html

 

[klepto12]

well microsoft has thrown there money at someone once again but it is there right since they lost there software.

 

[codefeenix]

Wouldn't call this news.
Issuing take down notices is many companies SOP

 

[Fada]

Too late microsoft, i already got myself a copy! not that i am ever going to use it, kinda defeats the purpose of downloading it, but hey its free.

 

[lfg18]

As always microsoft released something they shouldn't, just like with their windows 7, anyway I don't really imagine why would somebody want these programs, not me a least

 

[Xclusiveitalian]

"Microsoft faced a bit of embarrassment earlier this month" nah that happened already with vista ^_^ On a serious note tho, good job microsoft leaking such important tools to criminals, bravo!

 

[kimsland]

lol I like the PDF in Coffee right at the end it states:
Version 1.1.2 Fixed bug which would not allow drives with drive labels to be formatted or wiped.
No its probably not meant for the standard User, but imagine the previous version where investigators would "wipe" someone's drive accidentally when trying to recover information. (actually it says "not", but anyway, still a concern for the standard non educated User)

Anyway, big hype over nothing, all tools including hex checkers can be found on the Net, mind you, you need to know what hex string you are looking for, and having those updated lists ("Dictionaries" I think) have always been the hardest thing to get But without them, then its very hard (nearly impossible) to search for suspect files.

 

[IvanAwfulitch]

Does anyone else find it mighty convenient that they already have a new product ready for deployment in its place? That was mighty fast, MS. Got anything else that you'd like to share with us that you already have squared away?

 

[Puiu]

They just want more attention towards that product. It's not like they care that it appeared on the internet (i suspect that one of their own did it), it was only a matter of time until it happened, but they are working on a new version and they need to give the police (or whoever is buying it) a reason to buy the new one.

 

[Styl]

Puiu said:
but they are working on a new version and they need to give the police (or whoever is buying it) a reason to buy the new one.

Actually, Microsoft provides COFEE to law enforcement agencies for free. As for issuing a takedown demand, that will accomplish very little.

 

[Razerblade]

I love the fact that Microsoft is threatening people when it was their fault the software got leaked! They should take responsibility for it and not pass the blame to anyone else!

 

[Nirkon]

How does MS manage to leak the exact thing that SHOULDN'T be leaked... I mean
come on, use more security and discretion.

 

[freedomthinker]

Just a simple question ? So what ?

 

[yorro]

Microsoft should handle their people carefully.

 

[JudaZ]

its a pointless piece of kit anyway, ... so who cares you spilled your COFEE?

 

[Cyberman]

I see any problem on having this software

 

[lupinnktp]

juz some noise Mic makes to keep itself on consumers' mind, be it good or bad? lol. i don't really thing this deserves much fuss/attention. the wares in COFEE ain't new to begin with. more like a collection with easy-of-use so average law inforcement (who ain't geeks) can use on-site.

 

[ColdPreacher]

Something so sensitive as COFEE was leaked on to sites. Maybe the new version will as well.

 

[tengeta]

Wow, people, read some stuff before getting ridiculous. The COFEE crap does nothing you couldn't do normally, it just does it faster by typing commands for you. Its more or less for a police department that doesn't train their forensics in anything computer related (Which seriously, WTF).

 

[manintech]

sounds like a useless software anyway

 

[vangrat]

Okay, so this "kit" just assists people in investigations. So no security risk there, essentially MS just want it taken down like any piece of their software packages. It is possible that this wasn't leaked by MS at all, perhaps a disgruntled govt employee somewhere decided to upload it or some such...

 

[Vicenarian]

JudaZ said:
its a pointless piece of kit anyway, ... so who cares you spilled your COFEE?

At least the COFFEE wasn't hot...

 

[JudaZ]

Vicenarian said:

JudaZ said:
its a pointless piece of kit anyway, ... so who cares you spilled your COFEE?

At least the COFFEE wasn't hot...

Nope Seems like its mostly some old COFEE left in a pot all day long...now stone cold , usless and tastes stale.

 

[fref]

If all the tools are readily available on the web already, why go through all this trouble to take it down? Plus, it's only tools to help catch criminals, not help them. I just don't see where the problem is.

 

[swilllx2p]

I took quite a few computer forensics classes in school..and I find this funny because the COFEE tool suite is nothing special at all...There is certainly better products out there for forensics if you can pay for them, heck we got them free in our classes. And even funnier..as others said you can download tools that do the same thing as offered in COFEE anyways.