Microsoft Issues Takedown Notices Over COFEE 69
Eugen tips news that Microsoft has sent DMCA takedown notices to several websites to stop them from offering the Computer Online Forensic Evidence Extractor (COFEE) tool for download after it was leaked earlier this month. One of the sites, Cryptome.org, has posted their correspondence with Microsoft over the software. "... Microsoft contacted Network Solutions, which hosts Cryptome, and since John Young, the owner of the website, wasn't too keen on losing his whole website for the sake of a single 15MB file, he removed the download link and sent Network Solutions a notice of compliance."
Too little, too late? (Score:5, Insightful)
I suspect that anyone who wanted it has already downloaded a copy by now.
Re:Can't stop the signal (Score:3, Insightful)
Just put it on a server outside of the USA. Then at least you won't have an issue with DMCA notices.
Takedown notice... (Score:5, Insightful)
Re:Can't stop the signal (Score:2, Insightful)
Unfortunately, the mods didn't get the "Firefly" reference the OP made - Can't stop the signal ... etc..
Ah, pop culture references.
Re:I can relate. (Score:3, Insightful)
It won't matter anyhow, Microsoft just ignorantly invoked the Streisand effect.
Note to everyone out there faced with a "leak": The best thing to do is NOTHING. By trying to have something removed, it will only be spread more widely.
If Microsoft had simply ignored the incident, Cryptome would have hosted it and the vast majority of people would have never even heard of COFEE. Now, tons of people are downloading it just BECAUSE of the reports of their takedown campaign.
Re:Want... (Score:3, Insightful)
That's why most people are going to grab it.
1) They don't want you to have it.
2) They are making a big deal about it.
3) (the lesser reason) To see what MS is giving up to LEO.
Re:Available on Freenet (Score:4, Insightful)
Freenet and other anonymous forwarder schemes arent's secure, unless you already can trust any and all of the nodes you connect directly to. And if you can trust them, you might as well use a network share -- it's much faster.
Why it isn't safe? Funneling. The easiest imaginable (but far from most efficient) version is a cluster of N nodes, where N equals the maximum number of jumps a packet can take, the internal max TTL of the protocol used. The nodes are firewalled in a chain, so that only one end of the chain is open from the outside, and only the other end of the chain can send requests out to the internet. Then those who run the nodes know that any traffic that makes it through to the end of the chain must be from directly connected hosts. It doesn't matter if the TTL is randomized and encrypted in an onion layer; as long as there is a max, even if only one out of a million packets make it to the endpoint host, for all the traffic that does make it, they know the source and the destination.
The problem is that with a design where the next hop gets to choose its next hop, you can't prevent someone from creating funnels where traffic can't go to other nodes, only to other malicious hosts or the outside.
Another problem is if you have a single pipe. Then it's dead easy to sit at your ISP and drop the pipe to you intermittently. When there are outgoing requests when the pipe to you is down, the snoops know that the traffic originates from you. And again, with a funnel, they can find out where the traffic is going. Do they know what the traffic is? Well, they may be the ones that host the materials you try to access, in which case, yes, they do.
And yes, a large portion of the so-called darknets are run by law enforcement agencies and institutions working closely with them. Letting a thousand people getting away with downloading pipe bomb recipes, child porn and sedition against king Dumbledore is apparently acceptable if they can nab one every now and then, and thus justify their own existence.