Hackers have released an application designed to thwart a Microsoft-packaged forensic toolkit used by law enforcement agencies to examine a suspect’s hard drive during a raid.

The hacker tool, dubbed DECAF, is designed to counteract the Computer Online Forensic Evidence Extractor, aka COFEE. The latter is a suite of 150 bundled, off-the-shelf forensic tools that run from a script. Microsoft combined the programs into a portable tool that can be used by law enforcement agents in the field before they bring a computer back to their forensic lab. The script runs on a USB stick that agents plug into the machine.

Link:
http://www.wired.com/threatlevel/2009/12/decaf-cofee/
