- Bank Web sites full of security holes
- SCO Group: Its future is all used up
- Maligned feature being added to IPv6
- I returned my iPhone 3G after six days!
- VPNs: Six burning questions
News | Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
The growing use of encryption software -- like Microsoft's own BitLocker -- by cyber criminals has led Microsoft to develop a set of tools that law enforcement agents can use to get around the software, executives at the company said.
Microsoft first released the toolset, called the Computer Online Forensic Evidence Extractor (COFEE), to law enforcement last June and it's now being used by about 2,000 agents around the world, said Anthony Fung, senior regional manager for Asia Pacific in Microsoft's Internet Safety and Anti-Counterfeiting group. Microsoft gives the software to agents for free.
While Microsoft can point to wide usage of COFEE, some experts are skeptical about using that type of tool to recover data, and even the developer of the product at Microsoft acknowledges that it's not accepted by some users.
Fung, who initiated the creation of COFEE, spent 12 years as a police officer in Hong Kong, with the final seven dedicated to fighting cybercrime. When he joined Microsoft, he sought to devise a way that agents could do better at finding valuable information on computers used by cyber criminals.
When he was an officer, the protocol for handling computer crime was to remove a computer from the scene of the crime, taking it back to the lab where computer scientists would search it for information. In many regions of the world this is still the standard procedure. "At that time everybody followed that principle, but they knew that once they unplugged the computer, which was the guideline, a lot of potential information was lost," Fung said.
That's because data on an encrypted system is accessible to police so long as the criminal has logged on and the PC remains on. But if police shut the system down, they need to have the criminal's password to get past the encryption software when the computer boots back up. The release of Vista has accelerated the problem because BitLocker, a data encryption feature, comes with Windows Vista Enterprise and Ultimate versions, Fung said.
"Criminals are taking advantage of these technologies like BitLocker," Fung said. "BitLocker was the real driving force because it's becoming ubiquitous." In addition to BitLocker, other hard disk encryption methods, like one from PGP, also frustrate agents, he said.
Rss FeedRss Feed
If the IT manager is knowledgeable regarding Cisco technology, he would have 2 options. Option 1 - Consult...- Anonymous
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask to prospective vendors to get the right endpoint solution.
Download the white paper.
Unauthorized applications: Taking back control
Employees installing and using unauthorized applications like IM, VoIP, games and peer-to-peer file-sharing applications cause many businesses serious concern. How do you control these applications?
Download the white paper.
Comments (3)
Very misleading and dishonest articleBy Anonymous on May 1, 2008, 2:18 pmSeeing as the computer has to be on and the criminal loggied on - it is like saying that a user can access their own data. People pay for this?
Reply | Read entire comment
How so?By Adam Gaffin on May 1, 2008, 10:18 amHow so?
Reply | Read entire comment
ShameBy Anonymous on April 30, 2008, 9:05 pmThis is a horribly misleading article.
Reply | Read entire comment
View all comments