DECAF App Thwarts Microsoft's Super-Illegal COFEE Forensic Software

Microsoft's COFEE software is designed to help law enforcement grab sensitive, encrypted data from a suspect's hard drive. Recently that software was leaked online. Now, two "developers" have come up with DECAF—an app designed to counteract COFEE.

Needless to say, the Computer Online Forensic Evidence Extractor (COFEE) is super-illegal for the average Joe to use, and the breach last month has opened up the floodgates for countermeasures. DECAF is a lightweight app for Windows that deletes temporary files, clears all COFEE logs, disables USB drives, and contaminates or spoofs a variety of MAC addresses once the COFEE software is detected. Future versions could also add features that allow users to remotely lock down protected systems.

Of course, the two guys behind DECAF have not released the source code for the app citing fears that the signatures might be reverse engineered. That means it could be riddled with software that can do God-knows-what to your computer. In this case, it's probably best to switch to Tea—or some other drink that hasn't been corrupted. [DECAF via The Register via Wired UK Image via Gimme Coffee]