An article today in the Seattle Times describes a forensic device Microsoft started distributing last June to over 2000 officers in 15 countries. The device, referred to as a COFEE (Computer Online Forensic Evidence Extractor) is a USB thumb-drive loaded with software used in forensic investigations. According to the Seattle Times article:
The device contains 150 commands that can dramatically cut the time it takes to gather digital evidence, which is becoming more important in real-world crime, as well as cybercrime. It can decrypt passwords and analyze a computer's Internet activity, as well as data stored in the computer.
It also eliminates the need to seize a computer itself, which typically involves disconnecting from a network, turning off the power and potentially losing data. Instead, the investigator can scan for evidence on site.
Microsoft COFEEs have been distributed to over 2000 officers in 15 countries including Poland, the Philippines, Germany, New Zealand and the United States.
No comments:
Post a Comment