Well things are quite quiet on the tech news front which gives me the opportunity to look at the Windows 7 debate again. I read Ed Bott's artcle on Windows 7 here. He makes a two points regarding beta cycles and feedback that I don't agree with.

[Update: After re-reading the post it appears that I misread it. I agree with what's being said in these points. Suppose that's what happens when I post after a late night]

I suppose this comes down to how much of a failure you believe Vista is but for those who do believe Vista failed to deliver I ask them to remember that the features you saw in the final release is only a small subset of the features that were supposed to be in it. It was the large amount of public [Update: Not public, private testing] testing that told Microsoft that the new features were too complicated and too far from what the users understood and Microsoft had to remove them. The Vista that would've been released if it hadn't been for the comprehensive testing and feedback might've been a little more complicated but it certainly would've been feature rich and different enough from XP to make it a must have. Microsoft seemed to be saying at the time that the features that were removed would be slowly added over the next few OS versions to make the transition easier on the end user. I don't think added user feedback would help Windows 7, actually the opposite.

Labels: Ed Bott, Microsoft, Windows 7, Windows Vista

Microsoft has reportedly developed a USB key that allows investigators to
extract forensic data from PCs.
COFEE (Computer Online Forensic Evidence
Extractor) comes in a USB key form factor, and was distributed to a small number
of law-enforcement agencies last June, the Seattle Times reports. The device includes 150 tools that allow
investigators to extract internet history files, for example, or "decrypt
passwords".

The 150 tools are simply based on the 150 commands that forensic experts must enter anyway and that normally take 4+ hours. Microsoft claim that they are simply making this stage easier.

Rather than pointing to the existence of a backdoor

There are people that have climed that this tool circumvents security such as BitLocker and exploits backdoors in the system. It doesn't! Never did, that's just anti-Microsoft propaganda. Nice to see The Register rubbishing it.

the decrypting password
feature appears to relate to password auditing tools. COFEE also allows
investigators to upload data for analysis.
The device is used by more than
2,000 officers in at least 15 countries, including Germany and the US. Microsoft
supplies the technology to law enforcement agencies without charge. The tool
reportedly allows investigators to scan for evidence on site without necessarily
having to cart PCs back to a lab.
Computer forensics is a painstaking process
carefully designed to make sure data on a suspect computer isn't changed -
simply plugging a device into a computer to extract data seems like a quick and
dirty fix. The admissibility of such data in court in debatable even before we
get into considering the possibility that the USB key might harbour
malware.

Do we honestly think that this is a revelation to the people who designed the tool or consulted on the tool? I honestly do not believe that there is a room in Redmond where someone is now thinking, "I wonder should we have asked a computer forensic professional about this stuff before we built this. The fact that the Microsoft General Counsel Brad Smith has commented about it makes me think that they've done a lot of research into the legal viability of the evidence the tool will produce. Anyway, I suspect the tool is meant to indicate the presence of evidence and produce passwords rather than actually produce the evidence. It's not designed to replace forensic experts just make their lives a bit easier.

Another, even greater concern is that the kit will get into the
hands of hackers. The form factor for COFEE would be just their cup of
tea.

To start with hackers would need to actually gain physical access to the machine they are trying to attack for this to be a real threat. Secondly do you think they don't have similar tools already? Anyone heard of Switchblade?

The extraction and analysis of digital evidence features in the
investigation of more on more crimes, not just those specific to computers such
as internet fraud and child abuse investigations. UK specialists we've spoken to
tell us they're struggling to cope with the volume of work from law enforcement
clients. There's a genuine problem here, but we're not convinced COFEE is the
solution.
Law enforcement officials from forces in 35 countries are meeting
in Redmond this week to talk about the role of technology in combating crime. A
similar event two years ago led to the development of COFEE, the Seattle Times
reports. ®

So the industry has been involved in this tool for while then?

My only problem with it is that by the time law enforcement agencies have finished testing it and ensuring it's going to work in virtually all conditions there'll be a new set of technologies out there and it'll have to be updated again anyway. Great place to start though so I say well done Microsoft. Reading the comments on Ed's blog, as well as on the Seattle Times site, though it's obvious that there are people out there that are willing to believe anything anti-Microsoft and no matter how sensationalist and obviously false the story they want to believe it.

Labels: COFEE, Ed Bott, Microsoft, Seattle Times, The Register

Labels: Ed Bott, UAC, Windows Vista