Microsoft Hands Cops Forensic Tools
by Al
Lucky day for users of Windows. It seems that Microsoft is handing tools to law enforcement around the world that give quick and easy shortcuts to gather data from Windows machines for police forensics.
From the Seattle Times article today:
The COFEE, which stands for Computer Online Forensic Evidence Extractor, is a USB “thumb drive” that was quietly distributed to a handful of law-enforcement agencies last June. Microsoft General Counsel Brad Smith described its use to the 350 law-enforcement experts attending a company conference Monday.
The device contains 150 commands that can dramatically cut the time it takes to gather digital evidence, which is becoming more important in real-world crime, as well as cybercrime. It can decrypt passwords and analyze a computer’s Internet activity, as well as data stored in the computer.
It also eliminates the need to seize a computer itself, which typically involves disconnecting from a network, turning off the power and potentially losing data. Instead, the investigator can scan for evidence on site.
More than 2,000 officers in 15 countries, including Poland, the Philippines, Germany, New Zealand and the United States, are using the device, which Microsoft provides free.
I wonder if Apple does something similar for OS X for police or maybe Mac users don’t commit crimes? If they do, they probably don’t tell everyone. :-) Another reason to use Linux, it seems.
On one hand, I understand the need for law enforcement to be able to gather evidence for criminal investigations. On the other hand, I find it extremely creepy that an operating system manufacturer (with a monopoly or near monopoly, effectively, as an operating system) is in bed with cops and developing tools internally for them. It isn’t like these could be abused by someone, right?
I also dislike this comment, especially, from Microsoft General Counsel Brad Smith:
Smith compared the Internet of today to London and other Industrial Revolution cities in the early 1800s. As people flocked from small communities where everyone knew each other, an anonymity emerged in the cities and a rise in crime followed.
The social aspects of Web 2.0 are like “new digital cities,” Smith said. Publishers, interested in creating huge audiences to sell advertising, let people participate anonymously.
That’s allowing “criminals to infiltrate the community, become part of the conversation and persuade people to part with personal information,” Smith said.
The tying of anonymity on the net with criminality is hyperbole, as far as I’m concerned. I’m surprised he didn’t attempt to link it to “terrorists” either since that seems to be the method of making people more paranoid at the moment.
Sure, if you are anonymous, you can commit crimes and it is difficult to know who you are but the root of the problem is the criminal behavior, not the anonymity. I can be anonymous in my day to day life, walking around my city, and commit crimes. You don’t find people declaring that the problem is that the guy who mugged someone was anonymous but that he mugged someone. Otherwise, we’d all have our names emblazoned on our clothes or broadcast through RFID or somesuch.
The net has a long tradition of anonymity, which I think is actually essential to its well being and societal good. It has acted as a place where people can say things or think thoughts (or write thoughts, more importantly) without worry about the impact it will have on them by being associated with their name. Ask the Chinese bloggers if this is important…

Comments
“Another reason to use Linux, it seems.” – Wow, way to be a troll. As a MacOSX and Linux user myself, you do realize that this already exists in most if not all linux distribution CDs and is not limited to any OS in particular? Hell right now it’s easier for me to do this using Ubuntu or MacOSX than my windows Box while having PHYSICAL ACCESS to all 3 of them.
I’m not an MS lover, but your post is FUD and you obviously have no idea what you are saying. Even worse I had to read your uninformed post while reading all the truly smart, informed and useful posts at p.m.o. Thanks for lowering the bar. For my sake I hope they remove you from planet so I can go back to my Mozilla/Firefox news!
How can you be a troll in your own blog? That’s like the opposite of trolling, Paul.
You are welcome to your opinion in any case. It was neither trollish nor FUD just because you disagree with my opinion or don’t like it. You’re also focusing on the first half of what I wrote but that’s ok. If you want Microsoft handing out “Forensic Tools for Dummies” on a USB flash drive to cops around the world, you’re welcome to it.
You might be able to do all of these things (and, heck, I can probably do most of them as well) but you aren’t creating a series of custom applications to do it, sticking them on a USB drive, and showing a bunch of non-technical cops how to use them after they requested you to create these apps for them. Do you do spec work for police who want to data trawl people?
Oh, and better yet, you aren’t the creator of the operating system in question, which still has more than 90% of the desktop market.
It’s one thing for people to be able to use network analysis or disk tools, etc. to gather forensic data. If you know how to use the tools, by all means do so. It is quite another for the creator of the dominant operating system on the planet to create and distribute a series of applications to non-technical cops that asked them to make it per spec to data mine their own operating system. That just leads to abuse, both on the part of Microsoft and on the part of random cops. Once law enforcement has an easy tool to mindlessly do a job, they tend to overuse it. That’s what happened with tasers, which are now treated like nothing more than a non-polite way of forcing people to do what a cop wants rather than being treated as a tool with serious responsibilities.
If you cannot see the difference, I think that is really a separate problem and doesn’t say much about me, even though you have decided that I am clueless on things technical.
I guarantee you that if any of the maintainers of the main Linux distributions had a bunch of cops come up to them and ask them to create these tools so they could do the same thing on their distros, the cops would get politely (or not so politely) told to go away. More likely, they would be told to get bent and never come back. That’s the difference between Windows and Linux. I’d like to think that Apple would tell them to take a hike too but I expect they’d play ball with cops.
Wow, Paul. I guess nobody ever clued you in to the radical concept of “disagreeing politely”.
Sorry about your parents, there.