Microsoft Cofee brews 'back door' fears

Powered by SC Magazine
 

Industry experts have welcomed assurances from Microsoft that the firm has not provided law enforcement agencies with a 'back door' into its systems..

Microsoft briefed Gartner on 2 May about its Computer Online Forensic Evidence Extractor (Cofee) USB device that the company began distributing to law enforcement agencies in 2007.

Cofee is designed to offer police and other agencies a way of collecting digital evidence, decrypting passwords and analysing computer and web surfing activity.

The assurances came after reports claiming that Cofee could provide a 'back door' into Microsoft operating systems and applications.

In its Gartner briefing, however, Microsoft stated that Cofee offers nothing more sinister than a set of scripts designed to help law enforcement professionals take a system snapshot.

Microsoft claimed that the commands held on the USB stick are all public, and that no new code has been written and no back doors are present.

"Gartner believes, and Microsoft agrees, that it was a mistake to widely deploy the Cofee initiative without public disclosure and a formal distribution plan," said John Girard, a vice president and distinguished analyst at Gartner.

"We also believe that Microsoft should work closely with professional third-party forensics product and service vendors to develop, manage and track future data capture utility projects.

"Another concern raised by Microsoft's failure to offer public information about this initiative is that the widespread attention it has drawn will likely encourage otherwise well-intentioned enterprise IT personnel to search the internet for penetration tools with which to experiment.

"Enterprises should review their internal protection measures to ensure that their business data is secure and private."

Copyright ©v3.co.uk


 
 
 
Top Stories
Making a case for collaboration
[Blog post] Tap into your company’s people power.
 
Five zero-cost ways to improve MySQL performance
How to easily boost MySQL throughput by up to 5x.
 
Tracking the year of CIO churn
[Blog post] Who shone through in 12 months of disruption?
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
This 4G smartphone costs $219
Sep 3, 2014
It's possible to spend a lot less on a smartphone if you're prepared to go with a brand you ...
Looking for storage? Seagate has five new small business NAS devices
Aug 22, 2014
Seagate has announced a new portfolio of Networked Attached Storage (NAS) solutions specifically ...
Run a small business in western Sydney?
Aug 15, 2014
This event might be of interest if you're looking to meet other people with a similar interest ...
Buying a tablet? Microsoft's Surface Pro 3 goes on sale this month
Aug 8, 2014
Microsoft has announced its Surface Pro 3 will go on sale in Australia on 28 August from ...
Apple's top MacBook Pro with Retina is now cheaper
Aug 1, 2014
Apple has updated its MacBook Pro range with faster processors and new pricing, including ...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  68%
 
Advanced persistent threats
  4%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  12%
TOTAL VOTES: 1052

Vote