According to media reports, a tool developed by Microsoft to assist in computer crime investigations has leaked onto the web.
COFEE (Computer Online Forensic Evidence Extractor) is a system designed to collect digital evidence from suspect’s computers while they are running, without the investigating officer having to do much more than inserting a USB stick.
COFEE allows computer crime investigators to grab a dump of processes running on an active computer at the scene of an investigation. The ability to grab a perfect copy of data from a PC without interfering with a computer is attractive to the computer crime authorities – and it’s…
Read more in my article on the Naked Security website.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.