IPB

Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> more RL hacking stories., with extra microsoft goodness
Weaver95
post Nov 20 2009, 09:57 PM
Post #1


Moving Target
**

Group: Members
Posts: 206
Joined: 29-September 09
Member No.: 17,687



check this out.

COFEE is a custom suite of applications designed by microsoft for cops to use if/when the encounter a computer that might be used for illegal purposes. basically you put this onto a USB thumb drive and can plug it into any windows machine and it'll collect data for the cops. Well, this being a 24/7 always online wired world it didn't take long for someone to find a copy of microsoft's little cop helper and put it up on bittorrent.

Microsoft is not amused.

Still, check it out. the files are up on cryptome.org if you're of a mind to do some investigating.
Go to the top of the page
 
+Quote Post
Neraph
post Nov 21 2009, 05:47 AM
Post #2


Great Dragon
*********

Group: Members
Posts: 5,542
Joined: 30-September 08
From: D/FW Megaplex
Member No.: 16,387



That is really interesting. It's like a real-life Fetch Module.
Go to the top of the page
 
+Quote Post
underaneonhalo
post Nov 21 2009, 07:38 AM
Post #3


Moving Target
**

Group: Members
Posts: 144
Joined: 19-June 06
From: CAS baby
Member No.: 8,736



Wow cryptome.org got hit hard and fast with the cease and desist. You might want to look towards the bay, I hear there are pirates there. (IMG:style_emoticons/default/wink.gif)

Also I hear COFEE is pretty damn useless.
Go to the top of the page
 
+Quote Post
Weaver95
post Nov 21 2009, 07:42 AM
Post #4


Moving Target
**

Group: Members
Posts: 206
Joined: 29-September 09
Member No.: 17,687



QUOTE (underaneonhalo @ Nov 21 2009, 02:38 AM) *
Wow cryptome.org got hit hard and fast with the cease and desist. You might want to look towards the bay, I hear there are pirates there. (IMG:style_emoticons/default/wink.gif)

Also I hear COFEE is pretty damn useless.


I haven't tested it yet, so I can't say how effective it is...but the fact that microsoft moved on it so fast makes me wonder if there's more to it than would seem.

i'll test run it later this month.
Go to the top of the page
 
+Quote Post
Heath Robinson
post Nov 21 2009, 07:45 AM
Post #5


Running Target
***

Group: Members
Posts: 1,263
Joined: 4-March 08
From: Blighty
Member No.: 15,736



QUOTE (Weaver95 @ Nov 21 2009, 07:42 AM) *
I haven't tested it yet, so I can't say how effective it is...but the fact that microsoft moved on it so fast makes me wonder if there's more to it than would seem.

Like, say, exclusivity clauses in the contract they have?
Go to the top of the page
 
+Quote Post
Weaver95
post Nov 21 2009, 07:47 AM
Post #6


Moving Target
**

Group: Members
Posts: 206
Joined: 29-September 09
Member No.: 17,687



QUOTE (Heath Robinson @ Nov 21 2009, 02:45 AM) *
Like, say, exclusivity clauses in the contract they have?


Anyone who thinks they can keep ANY software secret in this day and age is either high or deluded. Microsoft announced COFEE in a press conference - it was just a matter of time before it hit bittorrent.
Go to the top of the page
 
+Quote Post
Jack Kain
post Nov 21 2009, 07:49 AM
Post #7


Moving Target
**

Group: Members
Posts: 906
Joined: 16-October 06
Member No.: 9,630



Well its usefulness to police depends on it being secret. If your a programmer and you get ahold of Cofee. You could figure out how to hide our data from it. Or even leave a booby trap virus that will fry data should it detect Cofee running.
Go to the top of the page
 
+Quote Post
Heath Robinson
post Nov 21 2009, 07:52 AM
Post #8


Running Target
***

Group: Members
Posts: 1,263
Joined: 4-March 08
From: Blighty
Member No.: 15,736



QUOTE (Weaver95 @ Nov 21 2009, 07:47 AM) *
Anyone who thinks they can keep ANY software secret in this day and age is either high or deluded. Microsoft announced COFEE in a press conference - it was just a matter of time before it hit bittorrent.

Yup, but they'd still be compelled to act according to their contract.

The anouncement was most likely a prestige, and thus brand-building, exercise. Microsoft also wants to sell as many licences as possible (to legitimate users, according to their contracts), and since user-level demands are a way to force recalcitrant organisations into signing agreements the anouncement could also be seen as an investment in forcing licences.
Go to the top of the page
 
+Quote Post
underaneonhalo
post Nov 21 2009, 08:12 AM
Post #9


Moving Target
**

Group: Members
Posts: 144
Joined: 19-June 06
From: CAS baby
Member No.: 8,736



QUOTE (Jack Kain @ Nov 21 2009, 02:49 AM) *
Well its usefulness to police depends on it being secret. If your a programmer and you get ahold of Cofee. You could figure out how to hide our data from it. Or even leave a booby trap virus that will fry data should it detect Cofee running.


I get the feeling this works on a built in backdoor in windows source. The truth of the matter is that if you're doing something illegal, and a fed gets within arms reach of your computer, you REALLY have a problem.


Fun story!
Last week my buddy was looking into connecting to the internet through a DNS server. Well he's been googling how to do it for a few days when his phone rings. It's 10PM

Lady "Hi this is so-and-so with Comcast, is -account holder- available?"
Friend "... No... He's asleep. Can I take a message?"
Lady "Oh no, we just wanted to let him know that if he has any questions he can call us."
Friend "Okay."
[click]

Now I'm not saying they're monitoring us, I just find it a little odd that Comcast would just call out of the blue to say hi at 10PM.
Go to the top of the page
 
+Quote Post
The Jake
post Nov 22 2009, 02:02 AM
Post #10


Shooting Target
****

Group: Members
Posts: 1,849
Joined: 26-February 02
From: Melbourne, Australia
Member No.: 872



I've heard of COFEE but I've never heard of anti forensics tools designed to defeat it. There's enough anti forensics material on the net to make any law enforcement official's job a freakin' nightmare anyway, if one was so inclined.

- J.
Go to the top of the page
 
+Quote Post
Weaver95
post Nov 22 2009, 02:11 AM
Post #11


Moving Target
**

Group: Members
Posts: 206
Joined: 29-September 09
Member No.: 17,687



QUOTE (The Jake @ Nov 21 2009, 09:02 PM) *
I've heard of COFEE but I've never heard of anti forensics tools designed to defeat it. There's enough anti forensics material on the net to make any law enforcement official's job a freakin' nightmare anyway, if one was so inclined.

- J.


especially if one is fond of heavily encrypting executable virus programs and hiding them in file directories clearly labelled 'kiddie porn'.
Go to the top of the page
 
+Quote Post
The Jake
post Nov 22 2009, 07:54 PM
Post #12


Shooting Target
****

Group: Members
Posts: 1,849
Joined: 26-February 02
From: Melbourne, Australia
Member No.: 872



QUOTE (Weaver95 @ Nov 22 2009, 02:11 AM) *
especially if one is fond of heavily encrypting executable virus programs and hiding them in file directories clearly labelled 'kiddie porn'.


That's just mean. I mean doing all sorts of nasty shit like using hidden files in between inodes designed to bypass forensics tools like enCase. For all intents and purposes, the files do not exist.

- J.
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic

 



RSS Lo-Fi Version Time is now: 28th March 2024 - 03:41 PM

Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.