COFEE leakage Affair : May Sun Tzu be with you, always !
As the web is boiling with this COFEE leakage affair, i was deep into reading (again and again) my favorite book Sun Tzu : The principles of warfare - The Art of War-. And i was specially focused into the part about turning the enemy’s strength into advantage.
With this leakage, Microsoft reveals how the feds and other gov agencies proceed to extract evidence from computers.
In fact, if you analyze the COFEE package. I said package because: COFEE is something like 150 command line utilities masterminded by a beautiful GUI to produce human readable HTML / XML reports.
If you take look into the reports and analyze them deeply and if you are enough skilled to reverse-engineer the utilities embedded with COFEE, then be sure the bad guys, cyber criminals and other gifted attackers would be able to write their own code to get rid of the evidences from their computers (bunch of logs, memory , processes, registry keys and hives…).
Sun Tsu said : "Therefore, know the enemy’s plans and calculate their strengths and weaknesses"
Sun Tsu said : "What the ancients called a clever fighter is one who not only wins, but excels in winning with ease."
COFEE was leaked and certainly tools to defeat evidence extraction and collection will see the day.
COFEE is the easiest way to learn about Forensics tactics and evidence extraction.
