Microsoft slowly seals its lips about its police toolkit

By Jacqueline Emigh | Published May 5, 2008, 2:08 PM

To put a lid on bloggers' speculation about police getting "backdoors" to Windows security, Microsoft is starting to hush up on the subject. In an e-mail to BetaNews on Friday, a spokesperson described COFEE as a "customizable framework."

Despite releasing a few more facts on Friday about a controversial new tool for police officers, Microsoft has now vowed to stay mum on the "exact methods" used by COFEE (Computer Online Forensic Evidence Extractor), as well as about what kinds of passwords -- OS or network, for example -- COFEE might be able to crack.

"Because COFEE is designed to be used by law enforcement officials in investigations that deal with highly sensitive evidence and information, the exact methods by which the COFEE tool works cannot be disclosed," a Microsoft spokesperson wrote, in an e-mail to BetaNews on Friday.

On the other hand, Microsoft's expanded statement to BetaNews on Friday did add some new information to the public pool of knowledge about a tool already distributed to 2,000 police around the globe.

For instance, the spokesperson described COFEE on Friday as a customizable framework, "operating from a USB storage device, that law enforcement can use to leverage publicly available forensic tools and access information on a live Windows system."

Microsoft went on to say, "Microsoft's COFEE works by being plugged into a running system where a user has already logged on. It enables law enforcement to expedite the evidence gathering process by automating over one hundred different commands that would otherwise have to be typed by hand. COFEE saves the results for later analysis, preserving information that could be lost if the computer had to be shut down and transported to a lab."

In earlier accounts, COFEE had been variously explained as either a set of software tools or a series of about 150 commands.
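The description above (a framework on a USB device that automates the commands a first responder would otherwise type on a live, logged-on Windows system, and saves the results for later analysis) matches the general shape of a live-response collector. The script below is an added illustration written for this article, not COFEE and not Microsoft's code; it runs a fixed list of read-only commands, writes each result to a case folder, and records a SHA-256 hash of every output file so the collection can be verified afterwards. The case-folder path and the order of the commands are assumptions for the example; several cmdlets (Get-NetTCPConnection, Get-BitLockerVolume, Get-LocalUser) need a reasonably recent Windows and an elevated session.

```powershell
# Added example (not COFEE, not Microsoft's code): a minimal live-response collector.
# It runs read-only commands on an already logged-on Windows host, stores each
# result under a timestamped case folder, and hashes every output file so the
# evidence can be checked against the manifest later. Paths are assumptions.

param(
    # Assumed: results go to the examiner's removable drive, never to the subject disk.
    [string]$CaseRoot = 'E:\cases'
)

$stamp   = Get-Date -Format 'yyyyMMdd-HHmmss'
$caseDir = Join-Path $CaseRoot "$env:COMPUTERNAME-$stamp"
New-Item -ItemType Directory -Path $caseDir -Force | Out-Null

# Most volatile data first: every command perturbs the system a little, so the
# ordering is part of what the manifest documents.
$collectors = [ordered]@{
    '01-datetime'   = { Get-Date -Format 'o'; (Get-TimeZone).Id }
    '02-loggedon'   = { query user 2>$null }
    '03-processes'  = { Get-Process | Select-Object Id, ProcessName, Path, StartTime | Sort-Object Id }
    '04-netconn'    = { Get-NetTCPConnection | Select-Object LocalAddress, LocalPort, RemoteAddress, RemotePort, State, OwningProcess }
    '05-services'   = { Get-Service | Select-Object Name, Status, StartType }
    '06-volumes'    = { Get-PSDrive -PSProvider FileSystem | Select-Object Name, Root, Used, Free }
    '07-bitlocker'  = { Get-BitLockerVolume | Select-Object MountPoint, VolumeStatus, ProtectionStatus }
    '08-schedtasks' = { Get-ScheduledTask | Select-Object TaskName, TaskPath, State }
    '09-localusers' = { Get-LocalUser | Select-Object Name, Enabled, LastLogon }
}

$manifest = @()
foreach ($name in $collectors.Keys) {
    $outFile = Join-Path $caseDir "$name.txt"
    $started = Get-Date -Format 'o'
    try {
        & $collectors[$name] 2>&1 |
            Format-Table -AutoSize |
            Out-String -Width 4096 |
            Set-Content -Path $outFile -Encoding UTF8
        $status = 'ok'
    } catch {
        # Record the failure instead of aborting: a missing cmdlet on an older
        # host should not cost the rest of the collection.
        $_.Exception.Message | Set-Content -Path $outFile -Encoding UTF8
        $status = 'failed'
    }
    $hash = (Get-FileHash -Path $outFile -Algorithm SHA256).Hash
    $manifest += [pscustomobject]@{ Item = $name; Started = $started; Status = $status; SHA256 = $hash }
}

# The manifest is what a reviewer re-hashes later to confirm nothing changed.
$manifest | Export-Csv -Path (Join-Path $caseDir 'manifest.csv') -NoTypeInformation
```

Run it from an elevated PowerShell session on the subject machine with the output drive already attached; afterwards, recomputing Get-FileHash over the case folder and comparing against manifest.csv shows whether any result file was altered between collection and analysis.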

As previously reported, the COFEE controversy started last week when some bloggers started rumors that Microsoft was handing out "backdoor keys" to Windows security. The blog posts were sparked by an article published in the Seattle Times based on an interview with Brad Smith, Microsoft senior VP and general counsel. Last week, Smith gave a talk at a law enforcement conference in Seattle, where he characterized COFEE as a "Swiss army knife for law enforcement officers."

In the Times article, reporter Benjamin J. Romano wrote that COFEE can "decrypt passwords and analyze a computer's Internet activity as data stored in the computer" -- words that soon touched off tirades among several incensed bloggers.

In an update to his article, Romano said a Microsoft spokesperson had later written to him describing COFEE as "a compilation of publicly available forensics tools, such as password security auditing technologies."

Although an initial statement to BetaNews contained no mention of the password tools, a second e-mail from Microsoft provided the information that COFEE does "include password security auditing tools." Subsequently, last Thursday, BetaNews asked Microsoft to identify the kinds of passwords that might be audited or recovered by police using COFEE -- Windows OS passwords, network passwords, or application passwords, for example.

We also asked Microsoft whether the password security auditing tools mentioned by Microsoft are being premiered with COFEE, or whether they are tools which are already readily available elsewhere. Although Microsoft declined to provide more answers to this inquiry specifically, the company's response did shed a little bit more light on what COFEE is, who uses it, and how it was created.

What follows is the full text of Microsoft's final answer on COFEE, as provided to BetaNews on Friday.

I have the following comment to share in regard to your follow-up question. Please note this will be all we have to share about COFEE.

COFEE (Computer Online Forensic Evidence Extractor) is a framework for first responders to customize a set of common forensic tools. It is a framework operating from a USB storage device that law enforcement can use to leverage publicly available forensic tools and access information on a live Windows system. COFEE works by being plugged into a running system where a user has already logged on. It enables law enforcement to expedite the evidence gathering process by automating over one hundred different commands that would otherwise have to be typed by hand. COFEE saves the results for later analysis, preserving information that could be lost if the computer had to be shut down and transported to a lab.

COFEE is designed for use by law enforcement only with proper legal authority. It does not contain new forensic tools, but rather is an easy to use, automated forensic tool at the scene. COFEE does not circumvent Windows Vista BitLocker encryption or undermine any protections in Windows through secret "backdoors" or other undocumented means.

Because COFEE is designed to be used by law enforcement officials in investigations that deal with highly sensitive evidence and information, the exact methods by which the COFEE tool works cannot be disclosed.

History of the Tool:

* Microsoft believes that global public-private sector partnerships are essential to successfully fighting cybercrime in the Web 2.0 environment. Using technology, strategic partnerships, and a foundation of trust, our goal is to turn the positive opportunities which are created by Web 2.0 technologies against the cybercriminals trying to exploit them. COFEE is part of the tools and training that Microsoft provides to law enforcement around the world. It is designed to be used only in circumstances where proper legal authority has been given, such as a court ordered warrant. COFEE is reserved specifically for law enforcement.

* COFEE was first conceived in 2006 by Anthony Fung, formerly of the Hong Kong Cybercrime Police Unit, as a way to simplify the collection of critical volatile evidence at computer crime scenes. With important support from both Microsoft and fellow law enforcement personnel, COFEE achieved a limited release in the summer of 2007 and is now used by forensic examiners in countries the world over.

Comments


Just try and backdoor my computer. Go ahead, I dare ya... I have a few surprises for you.

Score: 0

|

First Rule: Always secure your system when not around it. Turn OFF your PC on a regular basis or have it shut itself off to save energy, and set a BIOS bootup password. Sure, the BIOS password can be cleared/bypassed, but this would require a court order to get around, as well as pulling your hard disk and analyzing it. If you're that paranoid, use a non-Microsoft based full disk encryption software, and disable your USB ports from allowing any device to install without requiring a password (see policies to understand).

Another thing is, if this somehow got leaked to the public and was able to be reproduced, it could contribute to corporate espionage; it would be a huge threat to national security in the wrong hands. In fact, the US DOJ should be investigating this along with DHS.

Besides, isn't Vista supposed to be invulnerable to security threats like this? What happened to the security initiative, Microsoft? Encryption is supposed to be our protection against unlawful search and seizures, right? What use is your security and encryption now?

This goes to prove that no matter WHAT a corporation or the government says, *always* take any statements regarding your "safety and security" with a HUGE grain of salt.

This is a backdoor. Plain and Simple. And it was intended to give the government the ability to violate your 4th Amendment rights.

If Vista was so secure, it would not be able to be farmed/hacked and its memory dumped by someone simply plugging in a USB key. Microsoft just proved their security is crap.

Score: 0

|

First rule?

For whom, exactly?

Terrorists? People with a grudge?

Seriously, this is totally overkill for most computer users out there.

Besides, isn't Vista supposed to be invulnerable to security threats like this?

There is no security when the hacker (or forensic technician) has physical access to the machine. 256bit RSA? Pfft...

Encryption is supposed to be our protection against unlawful search and seizures, right?

No...that would be the laws in your respective countries. For instance, in the US, it's a little document called the Constitution.

This is a backdoor. Plain and Simple. And it was intended to give the government the ability to violate your 4th Amendment rights.

No, this is a forensic tool. Like knoppix and "Active Password Remover" (Google it).

If Vista was so secure, it would not be able to be farmed/hacked and its memory dumped by someone simply plugging in a USB key

Any system where one has physical access can be accessed in the same fashion with the proper tools. Again, physical access=zero security... unless the system is booby trapped to vaporize itself.

From conspiracy whack-but to anti-Vista troll in one post. Nice touch.

Score: 0

|

"COFEE works by being plugged into a running system where a user has already logged on". COFEE is only an instrument, like a gun. If a judge has authorized an investigation this and all existing evidence finders are of course legal. If there's no judge at all, nobody has the right in America to invade your privacy.

Score: 0

|

Easy answer is, don't use hashed keys on anything you want really protected.

Score: 0

|

What's the big deal? There are freeware programs everywhere that can crack/display/remove Microsoft passwords on most of their OS programs & features. It's not like they really need a new program to do it....

...unless it cracks BitLocker. In which case, why pay the extra for Ultimate? Might as well just use Truecrypt/Bestcrypt/PGP or whatever your preference is.

Score: 0

|

Not a bad idea but if you are already logged in, there is a chance that your encrypted drive is already unlocked.

I have had this discussion with one of our IT staff about using double encryption for sensitive files. One for the file system and one for the files. The file system would become decrypted at login and the files when opened.

If the file is closed, then the file is now protected.

The only problem is many applications don't know how to handle encrypted files.

Also, will your passwords be stored in memory for analysis later?

Best way to start to protect yourself? Stop using Windows and then you are sure that there is no Microsoft back door on your system.

Score: 0

|

"Because COFEE is designed to be used by law enforcement officials in investigations that deal with highly sensitive evidence and information, the exact methods by which the COFEE tool works cannot be disclosed," a Microsoft spokesperson wrote, in an e-mail to BetaNews on Friday.

So whose word should we take that it's not doing anything illegal? Microsoft or "Law Enforcement Officials". Given that they are both beyond reproach, I suppose it's a toss-up....

Score: 0

|

So whose word should we take that it's not doing anything illegal?

FYI:

If the police are searching your PC, they likely have a warrant. The tools they use are irrelevant. Warrant=legal.

Score: 0

|

Ah the old "if you don't do anything wrong you have nothing to worry about" theory. This is all we need, industry teaming up with law enforcement. Some of the biggest crooks are "law enforcement". This thing will be on the street by tomorrow.

Score: 0

|

Here's a novel thought... Don't store illegal crap on your computers or be into criminal activities and you won't have to worry now will you?

Score: 0

|

Ok. So you wouldn't mind it if they put video cameras all through your home and watched you 24/7 at EVERYTHING you do? After all, you haven't done anything illegal, have you?

Score: 0

|

You could start with a decent comparison, not the conspiracy theory tripe that everyone brings up. Big brother is not watching you, I'm sure. I doubt that you'd be that interesting to them or anyone. Besides, COFEE is nothing new. There have been other forensic devices around that are just as pervasive.

Score: 0

|

It's not about big brother actually watching. It's an abuse issue (among other things).

It is the potential for an employee of big brother to get access to private information that (for many legitimate reasons) you might not want people to know about. For example, the terms of an important business deal, the fact you're having an affair, or you're watching socially "frowned upon" movies. None of these things are illegal but most people would probably not want them known.

It's also about the potential for mistakes.

It's easy to say "I've nothing to hide so go ahead" until you become the victim by mistake. Then all hell breaks loose.

A free society needs to be able to protect its citizens from such things.

Score: 0

|

...

In all fairness you have the same possibility for abuse from your banker, ISP, neighbor, IRS, etc...

Criticizing something based solely on potential for abuse is a cop-out.

Score: 0

|

What a silly comment. Abuses have happened all over the place, this is hardly hypothetical.

The IRS is part of government with whatever legal rights are deemed appropriate by government. It's absolutely reasonable for them to have information about your financial situation for the SOLE PURPOSE of assessing your taxes but that's all.

Neighbors don't get to come into your house uninvited, nor do they have any legal right to do so. One can keep data private from ISPs by using encryption, anonymous proxies, etc.

Your banker (for example) should be obliged (and allowed) to protect your information from all others (including government) unless your bank has good reason to believe you're doing something illegal, in which case it's appropriate to report it but then there needs to be mechanisms in place so that you have recourse to protect you in the case where they are wrong, etc.

Score: 0

|

You missed the point completely. Every one of those examples falls under the same basic flawed logic.

Everything has potential for abuse. Everyone is obligated not to do so. Everything has oversight. Anything can be corrupted.

This type of argument is usually a last resort when one can come up with nothing else. It is a generalization that can't be disproven by its very nature of being true to *all* applicable situations, and as such, it is completely irrelevant to them all as well.

Score: 0

|

I didn't miss the point at all.

I'm not talking about the "potential" for abuse. I'm talking about how we are supposed to prevent abuse and also how to HANDLE abuses when they do happen.

For example, in a typical court case, prosecution is not allowed to introduce evidence obtained illegally. That's the "prevent abuse" part.

If they do, the judge is supposed to disallow that evidence. That's the "handle abuse" part.

Laws should typically describe what is and what isn't allowed and then go further to provide the appropriate recourse if the law is violated.

To me, such things come under civil liberties, an area that has been much abused the last 7 years or so.

Score: 0

|

???

I didn't miss the point at all.

I'm not talking about the "potential" for abuse.


To quote your original post:

It is the potential for an employee of big brother to get access to private information

Yeah...it's not about potential.

For example, in a typical court case, prosecution is not allowed to introduce evidence obtained illegally. That's the "prevent abuse" part.

How is the above not applicable with this software? Illegal search and seizure was illegal before this tool and is still illegal now.

Laws should typically describe what is and what isn't allowed and then go further to provide the appropriate recourse if the law is violated.

??? This isn't a law. This is a tool, much like the many that have been in use for decades. MSFT got tired of forensics using Linux to hack Windows and have now provided an alternative.

Perhaps this is a huge miscommunication? It sounds like you're talking about something completely "other" than the police toolkit. The Patriot Act, perhaps?

Score: 0

|

Yes, you are correct, I was thinking about the Surveillance (I mean Patriot) Act. This whole thing with MS seemed to fit!

My apologies for the miscommunication.

Score: 0

|

No problem.

It just totally didn't seem like we were at all communicating there, I knew something had to be awry.

The PATRIOT Act does indeed leave a lot of doors open. The problem I have with it is not solely in its potential for abuse, as again, all things have that potential, but as I see it, the problem is that such potential has a much lower threshold of consequences.

Examples:

Cop guilty of illegal search and seizure (breaking and entering without a warrant); Justice system finds out, cop gets fired, case dropped, or at the very least, evidence deemed inadmissible.

DHS agent guilty of illegal search and seizure, (holding suspect and evidence without knowledge of any other parties); ... That's pretty much the end of it. No-one knows.

..now even that's pretty wild. Most agents are closely watched, held accountable, their superiors intensely vetted, etc... But the bar has dropped regardless.

Haven't 100% made up my mind on that one yet...

Score: 0

|

omy.. i must destroy my Vanessa Hudgens photos! lol

Score: 0

|

Security by obscurity never works. All it will take is for one of these devices to leak out and get reverse engineered...

Score: 0

|

The key item in this is that the tool is used on a running system before it is shut down and taken away. Since the owner is likely logged on, there is a lot that can be done. If nothing else it could take a memory snapshot which could include unencrypted data. Possibly even the user's passwords, since users want transparency with encryption and do not want to keep entering the password.

This is clearly something that does not need reverse engineering to understand. A live system is very different from a system that is cold.

Besides which, there are plenty of tools out in internet land already for digging passwords out of MS's hash files. Poor passwords can be beaten in reasonable lengths of time by brute force combined with dictionary attacks. This is not a secret known only to MS.

Score: 0

|

The big difference here is the stick, as reported, will allow investigators to get around the screen saver, mount and operate software without knowing any system passwords to start off with. This is some system access hole that is a security threat in a business atmosphere.

As for the stick being reverse engineered, I think that will be sooner than later. There are enough crooked people working in police forces around the country. And with the falling economy, there are many that need that extra income. Maybe not a police officer but some staff worker.

Score: 0

|
