Microsoft Issues Takedown Notices Over COFEE
Eugen tips news that Microsoft has sent DMCA takedown notices to several websites to stop them from offering the Computer Online Forensic Evidence Extractor (COFEE) tool for download after it was leaked earlier this month. One of the sites, Cryptome.org, has posted their correspondence with Microsoft over the software. "... Microsoft contacted Network Solutions, which hosts Cryptome, and since John Young, the owner of the website, wasn't too keen on losing his whole website for the sake of a single 15MB file, he removed the download link and sent Network Solutions a notice of compliance."
I suspect that anyone who wanted it has already downloaded a copy by now.
Thus guaranteeing thousands of frantic downloads.
Freenet and other anonymous forwarder schemes aren't secure, unless you already can trust any and all of the nodes you connect directly to. And if you can trust them, you might as well use a network share -- it's much faster.
Why isn't it safe? Funneling. The easiest imaginable (but far from most efficient) version is a cluster of N nodes, where N equals the maximum number of jumps a packet can take, the internal max TTL of the protocol used. The nodes are firewalled in a chain, so that only one end of the chain is open from the outside, and only the other end of the chain can send requests out to the internet. Then those who run the nodes know that any traffic that makes it through to the end of the chain must be from directly connected hosts. It doesn't matter if the TTL is randomized and encrypted in an onion layer; as long as there is a max, even if only one out of a million packets makes it to the endpoint host, for all the traffic that does make it, they know the source and the destination.
The problem is that with a design where the next hop gets to choose its next hop, you can't prevent someone from creating funnels where traffic can't go to other nodes, only to other malicious hosts or the outside.
Another problem is if you have a single pipe. Then it's dead easy to sit at your ISP and drop the pipe to you intermittently. When there are outgoing requests when the pipe to you is down, the snoops know that the traffic originates from you. And again, with a funnel, they can find out where the traffic is going. Do they know what the traffic is? Well, they may be the ones that host the materials you try to access, in which case, yes, they do.
And yes, a large portion of the so-called darknets are run by law enforcement agencies and institutions working closely with them. Letting a thousand people get away with downloading pipe bomb recipes, child porn and sedition against king Dumbledore is apparently acceptable if they can nab one every now and then, and thus justify their own existence.