Microsoft device helps police pluck evidence from cyberscene of crime
Sunday, 11. May 2008, 04:34:11
Microsoft has developed a small plug-in device that investigators can use to quickly extract forensic data from computers that may have been used in crimes.
The COFEE, which stands for Computer Online Forensic Evidence Extractor, is a USB "thumb drive" that was quietly distributed to a handful of law-enforcement agencies last June. Microsoft General Counsel Brad Smith described its use to the 350 law-enforcement experts attending a company conference Monday.
The device contains 150 commands that can dramatically cut the time it takes to gather digital evidence, which is becoming more important in real-world crime, as well as cybercrime. It can decrypt passwords and analyze a computer's Internet activity, as well as data stored in the computer.
It also eliminates the need to seize a computer itself, which typically involves disconnecting from a network, turning off the power and potentially losing data. Instead, the investigator can scan for evidence on site.
More than 2,000 officers in 15 countries, including Poland, the Philippines, Germany, New Zealand and the United States, are using the device, which Microsoft provides free.
"These are things that we invest substantial resources in, but not from the perspective of selling to make money," Smith said in an interview. "We're doing this to help ensure that the Internet stays safe."
"So many of our crimes today, just as our lives, involve the Internet and other digital evidence," said Lisa Johnson, who heads the Special Assault Unit in the King County Prosecuting Attorney's Office.
A suspect's online activities can corroborate a crime or dispel an alibi, she said.
You must be logged in to write a comment. if you're not a registered member, please 
(11%)
My husband, who is a very generous person, had two laptops which he left in the office for the guys who worked for him to use - check their email, play card games etc. He was a pilot, as were all of them and there were times when any one person would be alone in the office for extended periods of time.
Someone used the laptops to look at child porn. The FBI confiscted them and of course started looking at him since they were his computers until they realized how many people had access to them. It took almost 2 years for them to determine which of the men actually did this, make their arrest and return the computers.
I'm glad they found out who did it and don't begrudge the laptops being taken or anything, but it would be nicer to think they could get to the bottom of such a thing and get the pervert off the internet a little faster.
By cakkleberrylane, # 11. May 2008, 10:51:14
Also, it gives them a court excepted method of collecting evidence. You know a good defense attorney would jump all over how evidence was collected.
By cwbywz, # 11. May 2008, 13:36:38