We now know as of yesterday that, since June of 2007, law enforcement agencies have been making use of a computer security-bypassing piece of hardware made by Microsoft called COFEE (Computer Online Forensic Evidence Extractor).
The USB thumb drive contains 150 Microsoft programmed special commands to allow the user to decrypt passwords, recover all of the computer’s data stores, and read a complete log of the computer’s Internet activities. It works on-site with any Windows-loaded computer, including PDAs.
Microsoft’s General Counsel Brad Smith described COFEE yesterday as being new technology developed to aid law enforcement in this new age of “new digital cities” online.
Microsoft gives law enforcement authorities the COFEE for free. So far, over 2000 agents in 15 different nations across the globe, including Interpol, are using COFEE.
The revelation has some feeling uneasy, and asking themselves the question: "If MS can write a tool that bypasses all of that pesky Windows security, how long will it take before someone else does, too?"
However, computer experts are already saying that the only thing new about COFEE is that now those who are not computer code or hardware and software experts can do what those have already been able to do for quite some time, and do it faster and more conveniently.
Smith told a gathering of law enforcement agencies in Redmond, Washington yesterday that online publishers who see huge financial opportunities in advertising to the fervently churning Internet online community and thus permit people to participate anonymously, such as with Google AdWords and AdSense, are also permitting "criminals to infiltrate the community, become part of the conversation. and persuade people to part with personal information…[Also], criminals seek to win a child’s confidence in cyberspace and meet in real space."
Microsoft has been acting to meet law enforcement wishes for better, faster methods of fighting cybercrimes since at least 2005, as more and more crimes get committed in the digital world in parallel with increased socializing, commerce, researching, and banking online. Phishing, fake IDs, and bots roam the cyberworld and law enforcement insists that it must be able to keep pace without needing to hire masses of computer hacking experts or rely on comfiscating every suspected computer and taking it back to a central lab.
Microsoft invests millions of dollars annually into its law enforcement aiding efforts.
"It’s in Microsoft’s interest for people to have a safe and healthy computing experience. This is a part of our broader corporate citizenship," says Aaron Kornblum, a senior attorney with Microsoft’s Internet Safety Enforcement division.