May 2008 - posts
Over the last few weeks there has been a lot of chatter about a tool we provide in a Beta version to Law Enforcement called COFEE: Computer Online Forensic Evidence Extractor.
Let me give you some information on COFEE and put it into the proper context.
I am personally convinced that every company has its obligation to work towards making the Internet a safer place. Amongst other things, this means a close collaboration with Law Enforcement.
Let's face it: Most of security is about crime prevention!
Now, Microsoft has a team internally working with Law Enforcement running different programs:
- Anti-Phishing Efforts: You know of the Internet Explorer 7 Phishing Filter. Additionally we are founding member of the Digital Phishnet.
- Anti-Spam Efforts: Again, besides technology we have been a leader in promoting Signal Spam, a unique public/private partnership in Europe and probably in the world.
- Legislative Efforts: One of the key challenges in fighting cybercime is that most of the cases are international but the law internationally is not harmonized. Therefore we joined together with other industry partners the Council of Europe to support their efforts on harmonization of legislation.
- CETS (Child Exploitation Tracking System): CETS is actually a tool we developed jointly with the Canadian police to help to track child exploitation cases across a country. From our perspective, we give the software itself away for free and the police has only to pay for the basic implementation cost.
- Training: All across the globe we are training Law Enforcement Officers in different technological themes. We do this either in a partnership with the local or national Law Enforcement agency or Interpol and Europol. We do this for free. Similar trainings we do for judges and prosecutors.
- LE Tech: Approximately once every other year we hold a conference in Redmond called LE Tech. This is a technical conference completely shaped to the needs of Law Enforcement Officers.
- And a lot more.
Let's come back to COFEE: During LE Tech, a conference in Redmond we organized for Law Enforcement organizations from around the world, we invited a few journalists to some of the sessions. As a result a story appeared in The Seattle Times called Microsoft device helps police pluck evidence from cyberscene of crime. In my opinion, there was a very good quote, attributed to Brad Smith, (Microsoft Senior Vice President and General Counse) on the programs above: "These are things that we invest substantial resources in, but not from the perspective of selling to make money," Smith said in an interview. "We're doing this to help ensure that the Internet stays safe."
The target audience for COFEE is a forensic investigator with very limited knowledge of IT forensics. There are many standard forensic tools that law enforcement officers routinely use to capture information from a computer for analysis. In most investigation scenarios these tools have to be used to extract information at the scene of an investigation as powering down the computer could lead to loss of data and potential evidence.
The COFEE tool automates many of these existing tools and delivers them via a thumb drive making it quick and easy to use in an investigation scenario – as stated above – for the investigator with very limited knowledge on IT forensics.
I have seen and heard a lot of inaccurate information about what COFEE is and does, so wanted to spend some time addressing these misconceptions:
- COFEE is in Beta stage today
- Use of COFEE is strictly restricted to law enforcement organisations who can only use it within the parameters of national legal frameworks, such as a search warrant or any other valid judicial order.
- COFEE can only be used with physical access to a machine! No, absolutely, no, remote capabilities
-
COFEE does not do anything that cannot already be done by using a range of tools already available to law enforcement. The only difference is that it automates those tools making them quicker and easier to use in an investigation scenario There is no magic. COFEE does not access a "secret backdoor into Windows" (because such a thing does not exist), and it does not circumvent Bitlocker. It automates standard forensic tools via a USB storage device to enable law enforcement to s to access information on a live Windows system.
The tool allows law enforcement to run over 150 commands on a live computer system and save the results for later analysis, preserving information that could be lost if the computer had to be shut down and transported to a lab.
So I hope I have been able to show that Microsoft is committed to helping address cybercrime and that our collaboration with law enforcement organisations is an important element of that.
Bron : http://www.halbheer.info/security/archive/2008/05/14/support-for-law-enforcement-and-cofee.aspx
Uitnodiging Press Play event
Staat mobiel uitgeven garant voor steeds meer gepersonaliseerde informatie?
How personal can you get?
Wilt u een antwoord op deze en andere vragen over mobiel uitgeven in de toekomst? Kom dan op donderdag 29 mei 2008 naar ‘Press Play, for the future of mobile publishing'. Tijdens dit congres gaan experts binnen dit vakgebied met lezingen en workshops in op verschillende thema's die met mobiel uitgeven te maken hebben. Denk hierbij aan mobiele reclame, mobiele applicaties, streaming video, privacy en auteursrecht. Press Play gaat over de toekomst van mobiel uitgeven. Bovendien komt u tijdens dit event in contact met andere belangrijke spelers op dit gebied.
Dagvoorzitter van dit congres is bekende mediastrateeg Carel Mackenbach. Daarnaast geeft hij een lezing over mobiel uitgeven in de toekomst. Tevens geeft Raimo van der Klein, oprichter van Mobile Monday Nederland, de workshop ‘Mobiliteit beïnvloedt de samenleving'. Naast deze professionals zijn er nog meer experts die u de toekomst van mobiel uitgeven laten beleven.
Over Press Play
Press Play wordt georganiseerd door derde- en vierdejaarsstudenten aan het Instituut van Media en Informatie Management, onderdeel van de Hogeschool van Amsterdam. Het event, voorheen het Frederik Muller Congres, vindt plaats in het Singelgrachtgebouw, Rhijnspoorplein 1 te Amsterdam. Meer informatie over dit congres is te vinden op www.pressplay2008.nl.
Met vriendelijke groet,
Barbara Vleeming
Press Play
.gif)
Press Play Event | Hogeschool van Amsterdam | Instituut voor Media en Informatie Management | Rhijnspoorplein 1 | 1091 GC Amsterdam | Postbus 1025 | 1000 BA Amsterdam | Nederland | info@pressplay2008.nl | www.pressplay2008.nl
Wie durft ?
Volgende maand hebben we een Intrack georganiseerd rondom applicatie security. Bij security denken we meestal meteen aan het stelen van creditcardinformatie of aan hackers die massaal websites bestoken met denial of service attacks. In deze Intrack wordt er aan de hand van een demo-applicatie vele voorbeelden bekeken omtrent deze problematiek EN belangrijker nog de middelen die je als ontwikkelaar ter beschikking hebt om het te voorkomen. Het beloofd een leuke sessie te worden met ZEER interessante informatie! Een aanrader!
Inschrijven doe je hier!
Bij de release van het Security Intelligence Report is ook gebruik gemaakt van Nederlandse data. Op deze lokatie is een PDF te vinden met allerlei interessante data :-)
Today Microsoft unveils RoboChamps (www.robochamps.com), a simulated robotics league that is open to academics, hobbyists and developers from around the world, that demonstrates the power of the Microsoft platform to enable a broad range of developers to explore new ways to use .NET for robotics programming.
RoboChamps is built on top of the Microsoft Robotics Developer Studio(MSRDS) 2008 CTP, and uses that product’s robust, physics enabled simulation environment to remove the barriers of entry that exist for many today. This simulated league provides individuals with immersive 3-d environments, simulated versions of robots, and compelling scenario-specific challenges where they can win real robots.
More information:
Website – www.RoboChamps.com
Channel 9 video – http://channel9.msdn.com/Showpost.aspx?postid=399952
.NET Rocks Podcast – http://perseus.franklins.net/dotnetrocks_0336_marc_mercuri.wma
On10.net video – http://www.on10.net/blogs/tina/Robo-Champs-My-robot-is-bigger-then-your-robot/
