Microsoft hosts its own police academy
Hundreds of officials from agencies around the world including the FBI, Interpol, state attorneys general, city and county police, and the Air Force are attending a three-day technology training session at Microsoft's Redmond, Wash., campus beginning on Monday.
Microsoft is training the officers how to use technologies that can help them fight cybercrime as well as help them investigate traditional crime with an online component. Nearly 400 people from more than 80 agencies in 35 countries are attending.
For instance, attendees will learn how to pull evidence off PDAs running Windows CE and how to gather evidence from Microsoft's online services and products like Hotmail and Windows, says Aaron Kornblum, a senior attorney for Microsoft's Internet Safety Enforcement Team.
Officials also will be trained on a relatively new computer online forensic evidence extractor, with the acronym of COFEE, that was developed by a former Hong Kong cop who now works for Microsoft. COFEE (Computer Online Forensic Evidence Extractor), designed for use during police raids, is a USB thumb drive that captures evidence on a computer that could be lost when the computer is shut off, according to Kornblum.
Microsoft also operates a law enforcement portal where officials can get free technical support.
With all the phishing attacks, identity theft, and botnets out on the Internet, police can use all the help they can get.
This is the second such event Microsoft has held; the first was in 2006. Microsoft has trained more than 6,000 officers from more than 110 countries and does regular training with state officials and organizations like the International Center for Missing and Exploited Children, Kornblum says.
Tim Cranton (right), Director of the Internet Safety Enforcement Team at Microsoft, demonstrates new forensic tool COFEE for Jean-Michel Louboutin, executive director of police services, Interpol, at the Law Enforcement Technology 2008 conference. COFEE (Computer Online Forensic Evidence Extractor) provides investigators with a means to easily and quickly extract 'live' data from a suspect's computer at the point of seizure, before turning it off.
(Credit: Microsoft)
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor. 
Sir...let me plug in this THUMB DRIVE before you shut down your computer. Yea , right !
C.O.P. coders on patrol
1. - Invasion of my (or your) privacy is NOT funny. I don't subscribe to the attitude that "If you have nothing to hide who cares if the authorities search through your computer".
2. - A recent news story (Center For Information Technology Policy at Princeton University) showed that it is possible to extract data from RAM chips for some time after a computer is turned OFF ! It is also possible to extend the time data remains on those chips nearly indefinitely if the chips are quickly brought to a very low temperature. Regardless of what you are using for encryption, your PASSPHRASE remains in RAM and can be accessed in this manner.
3. - The COFEE thumb drive presumably does a memory dump which gives law enforcement your passphrases as well as grabbing all the other tidbits that you don't know are still on your hard drive.
4. - And, finally, how are you gonna turn off your computer when some over zealous "law enforcement type" hits your home/office with a flash-bang grenade, breaks down your door, and has you pinned to the floor with an M-16 to your head?
Wake Up America !
Don't use MS for Encryption, go with Open Source Solutions.
Why ?
If the police have it, others will get it also. (sounds like it's just a software solution, to bypass all your security)
Can't wait for the first Virus to be built off that :D
- Yet more very good reasons...
- by solitare_pax April 30, 2008 2:52 AM PDT
- To get a Macintosh.
- Reply to this comment
-
(8 Comments)And obey the law of course.
Any way you slice it - if the law wants your data, they're gonna get your data unless you either set up a self-destruct routine of your own, or set up a clever file-saving procedure.