antiforensics

Update: DECAF is back!

Well, according to a decafme.org press release, Version 2 is out. It now supports a whole new set of program detection. Seems the big reason he pulled it was due to its phone home functionality, which wasn’t really meant to phone home.

From the press release: “Version 2 is finished. We are now monitoring Microsoft COFEE,…

DECAF down! & IIS 6 0-day

I hope everyone had a good holiday or at least a good few days off!

Well, the decaf tool I blogged about a few weeks ago was disabled. The site, http://www.decafme.org/, explains why. While I’m thrilled he’ll bring v2 out shortly, I was a little surprised that it phoned home with usage logs. The site’s owner…

Decaf Coffee

Most of you probably know about the tool Microsoft gives law enforcement called COFEE (Computer Online Forensic Evidence Extractor). I read over at the Internet Storm Center that some researchers released some proof of concept code called DECAF (Detect and Eliminate Computer Assisted Forensics). While it’s a cool proof of concept evasion tool, I’m curious…