Slashdot Mirror
Hackers Counter Microsoft COFEE With Some DECAF
An anonymous reader writes "Two developers have created 'Detect and Eliminate Computer Assisted Forensics' (DECAF). The tool tries to stop Microsoft's Computer Online Forensic Evidence Extractor (COFEE), which helps law enforcement officials grab data from password-protected or encrypted sources. After COFEE was leaked to the Web, Microsoft issued takedown notices to sites hosting the software." The article notes that DECAF is not open source, so you aren't really going to know for sure what it will do to your computer.
http://www.decafme.org/
There are 10 kinds of people in the world > > Those who understand binary and those who don't
AFAIK, if your computer is locked COFEE relies on autorun to work, so disable autorun and lock your computer will pretty much thwart COFEE, since it would somehow require bypassing MS's supplied GINA dll, which given it's Microsoft, might know how to do, but would find it highly unlikely.
Your hair look like poop, Bob! - Wanker.
So, set up a VM and then port it through WireShark. It shouldn't be too hard to figure out if it's communicating with some central server.
I'd rather you do it wrong, than for me to have to do it at all.
Note that the GP didn't say it will put disproportionally fewer innocent people - only that there will be fewer innocent people.
Fixed it for you. You and the OP made the same mistake. It's like nails on a chalk board, honestly!
You can have fewer innocent people or you can have less innocent people, but it means different things. Less innocent people are not as innocent, fewer innocent people are of a smaller number.
I want my Cowboyneal
It's .NET and they ran Dotfuscator over it, so you're going to have to graduate past bovine intelligence on this one.